Microsoft has in Windows to three of its own certificates is removed. The certificates were used for the signen of the recently discovered Flame trojan, and made use of a now obsolete algorithm for encryption.
Three Microsoft certificate authorities through a Windows update blocked, Microsoft has announced. The update is Sunday night issued. If the update is installed, can rogue code no longer occur like this by Microsoft is developed.
The affected certificates are made use of outdated cryptography, and therefore they could be cracked, explains the company. The certificates were used for the issuance of licenses for Windows Terminal Service, remote use of applications. These certificates, three in total, made it also possible to code to sign.
Consequently, attackers are code signing with a certificate from Microsoft, so it seemed that these came from the software giant from Redmond. That is also the reason that the malware by virus scanners, it was noted, even though the virus since 2010, in circulation.
The Flame trojan arrived last week in the open; security company Kaspersky discovered the new malware, which the target would have at computers in the Middle East. It would be more sophisticated than the Stuxnet – and DuQu-trojans. Of those last two is suspected by the U.s. government in cooperation with Israel developed. Or that Flame also, as is, is still unclear.
