Flame Virus Could Exploit Windows Flaw

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
The Microsoft Security Response Center blog has issued a warning about the new Flame virus. Hit the link for all the info or fire up Windows Update for the patch.

We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft. We identified that an older cryptography algorithm could be exploited and then be used to sign code as if it originated from Microsoft. Specifically, our Terminal Server Licensing Service, which allowed customers to authorize Remote Desktop services in their enterprise, used that older algorithm and provided certificates with the ability to sign code, thus permitting code to be signed as if it came from Microsoft.
Click to expand...
 
I wish the Soviets would stop making stuff like this. Look at all this patching we have to do now!
 
SkribbelKat said:
I wish the Soviets would stop making stuff like this. Look at all this patching we have to do now!
Click to expand...

isn't Flame US government made like Stuxnet was? I thought I read about it the other day on NYTimes.
 
Azhar said:
Edit: found it. Last paragraph on page 1.

Apparently it hasn't been confirmed nor denied by our government.
Click to expand...

I doubt that anyone will ever claim responsibility for it unless someone finds substantial evidence or someone leaks information. Until the, I'd like to accuse Soviet Russia, Czechoslovakia, Rhodesia, and Siam for secret, joint development.
 
Fantastic, got to be more careful guys. So far no viruses for a while, knock on wood.
 
Steve said:
The Microsoft Security Response Center blog has issued a warning about the new Flame virus. Hit the link for all the info or fire up Windows Update for the patch.
Click to expand...

Thank you MS for telling everybody about this flaw.

5 seconds till another virus is out that exploits the same flaw.
 
this virus has been around for 5 years and they just found it now. this means there is other stuff out there that we don't know about or A/V can't detect.
 
There are probably many 'mutations' or variants already out in the wild. Government sponsored 'cyberwars' have probably been going on longer than most of us would think.
 
Good times, a country that works against it's people, because that makes sense. :confused:
 
Given this is government made I doubt MS will fix it, The government probably paid MS to have that flaw in first place. It kinda makes me wonder about all the other viruses and if more than we think are government made.
 
Red Squirrel said:
Given this is government made I doubt MS will fix it, The government probably paid MS to have that flaw in first place. It kinda makes me wonder about all the other viruses and if more than we think are government made.
Click to expand...

Ah, just another reason to use not-Windows.
 
PornoSatan said:
So Stuxnet and Flame are now both confirmed US/Israel projects? Cute.
Click to expand...

Really no surprise. Everyone had already figured it was them since Israel/Iran have such hate for each other. Plus no one (besides Russia and Iran at least) want's Iran to have nuclear weapons or the ability to make dirty bombs.

But the downside of that prevention is this super intelligently design virus out in the wild being mutated.
 
You must log in or register to reply here.
Back
Top