KB2718704-Connection to Flame malware

Microsoft certification authority signing certificates added to the Untrusted Certificate Store
http://blogs.technet.com/b/srd/archive/2012/06/03/microsoft-certification-authority-signing-certificates-added-to-the-untrusted-certificate-store.aspx

Connection to Flame malware

Components of the Flame malware were signed with a certificate that chained up to the
Microsoft Enforced Licensing Intermediate PCA certificate authority, and ultimately,
to the Microsoft Root Authority. This code-signing certificate came by way of the
Terminal Server Licensing Service that we operate to issue certificates to customers
for ancillary PKI-based functions in their enterprise. Such a certificate could
(without this update being applied) also allow attackers to sign code that validates
as having been produced by Microsoft.

Conclusion

We recommend that all customers apply this update.

Microsoft Security Advisory (2718704)
Unauthorized Digital Certificates Could Allow Spoofing
http://technet.microsoft.com/en-us/security/advisory/2718704

http://support.microsoft.com/kb/2718704

Flame Malware Uses Forged Microsoft Certificate to Validate Components
http://threatpost.com/en_us/blogs/flame-malware-uses-forged-microsoft-certificate-validate-components-060412

 

Answer
Answer

Good information....

 

Thanks, Rhab!

MVP Consumer Security 2014-2016
Windows Insider MVP 2016-2018

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

 
 

Question Info


Last updated March 26, 2018 Views 3,012 Applies to: