Security Protection – Harry Waldron MVP Rotating Header Image

Microsoft – Special CERT update to address misuse by Flame Malware

This out-of-band emergency update mitigates Certificate Authority manipulation by the Flame Malware attacks circulating primarily in middle eastern countries.

https://isc.sans.edu/diary.html?storyid=13366
http://technet.microsoft.com/en-us/security/advisory/2718704
http://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-advisory-2718704.aspx

QUOTE: Microsoft just released an emergency bulletin, and an associated patch, notifying users of Windows that a “unauthorized digital certificates derived from a Microsoft Certificate Authority” was used to sign components of the “Flame” malware. The update revokes a total of 3 intermediate certificate authorities:

* Microsoft Enforced Licensing Intermediate PCA (2 certificates)
* Microsoft Enforced Licensing Registration Authority CA (SHA1)

Comments are closed.