403 Forbidden


nginx
403 Forbidden

403 Forbidden


nginx
Follow us:
403 Forbidden

403 Forbidden


nginx

Microsoft Pri0

Welcome to Microsoft Pri0: That's Microspeak for top priority, and that's the news and observations you'll find here from Seattle Times technology reporter Matt Day.

June 4, 2012 at 7:50 AM

Microsoft issues warning about Flame virus spread through unauthorized security certificates

Microsoft has issued a warning about, and an update designed to combat, malware known as “Flame,” a virus that spread by unauthorized use of one of Microsoft’s own digital security certificates. An unauthorized certificate could be used to spoof content.

Though the issue affects all supported releases of Windows, “Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at risk,” according to an official Microsoft blog post. “That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated attackers to launch more widespread attacks.”

According to Microsoft:

We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft. We identified that an older cryptography algorithm could be exploited and then be used to sign code as if it originated from Microsoft.

In response, the company has issued an advisory and a Windows update patch.

Comments

COMMENTS

No personal attacks or insults, no hate speech, no profanity. Please keep the conversation civil and help us moderate this thread by reporting any abuse. See our Commenting FAQ.



The opinions expressed in reader comments are those of the author only, and do not reflect the opinions of The Seattle Times.


403 Forbidden

403 Forbidden


nginx
403 Forbidden

403 Forbidden


nginx