|06 Jun 2012||#1|
Flame malware collision attack explained
Since our last MSRC blog post, we’ve received questions on the nature of the cryptographic attack we saw in the complex, targeted malware known as Flame. This blog summarizes what our research revealed and why we made the decision to release Security Advisory 2718704 on Sunday night PDT. In short, by default the attacker’s certificate would not work on Windows Vista or more recent versions of Windows. They had to perform a collision attack to forge a certificate that would be valid for code signing on Windows Vista or more recent versions of Windows. On systems that pre-date Windows Vista, an attack is possible without an MD5 hash collision. This certificate and all certificates from the involved certificate authorities were invalidated in Security Advisory 2718704. We continue to encourage all customers who are not installing updates automatically to do so immediately.
|My System Specs|
|Similar help and support threads for2: Flame malware collision attack explained|
|Flame Malware Details Surface, Point to More Viruses||Security News|
|Invisible iFrame drive-by malware attacks explained [VIDEO]||Security News|
|Is Israel behind the Flame cyber-attack?||Security News|
|When faced with malware attack in progress how do you handle it?||System Security|
|Chinese using malware to attack US DoD smart card security||Security News|
|Linux repository hit by malware attack||Chillout Room|
|McAfee warns of new Mac malware attack.||System Security|
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 05:30 PM.