Page 3 of 3
One thing noticeably absent from the June Patch Tuesday lineup was an additional fix to support security against the Flame worm.
“When Microsoft investigated Flame, they found out that it was often looking like a legitimate Microsoft download,” said Wolfgang Kandek, CTO of Qualys. “The attackers had found a way to generate a digital signature using some pretty sophisticated technology. So Microsoft fixed that last week by removing the related certificates from the overall list of Microsoft certificates on every machine. That was the quickest thing for them to do. So right now, they're re-engineering the deliveries for Windows updates using a new signing certificate. The client who installs the downloads is going to be much pickier. It will have to be signed by one specific certificate, as opposed to just any Microsoft certificate. And, it will also scrutinize communication between itself and the site where it gets downloaded. We expect this update to be out within the next 30 days.”
Even though Flame is currently limited to specific cyberattacks, a number of security professionals are warning channel partners to nonetheless take this threat seriously. “The likelihood of getting Flame onto your system is virtually nil, unless you're dealing with one of the countries that are involved,” added VMware's Miller. “But copycat virus writers will definitely go after those modules, so this is going to need to be addressed this month. It’s going to be a goldmine for anyone trying to launch an attack against corporate resources.”
<< Previous | 1 | 2 | 3