Results 1 to 10 of 467

Thread: Microsoft Alerts

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005

    Exclamation MS Security Advisory (2718704)


    Microsoft Security Advisory (2718704)
    Unauthorized Digital Certificates Could Allow Spoofing
    June 03, 2012 - "Microsoft is aware of active attacks using unauthorized digital certificates derived from a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows. Microsoft is providing an update for all supported releases of Microsoft Windows. The update revokes the trust of the following intermediate CA certificates:
    • Microsoft Enforced Licensing Intermediate PCA (2 certificates)
    • Microsoft Enforced Licensing Registration Authority CA (SHA1)
    Recommendation. For supported releases of Microsoft Windows, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service..."

    3 Jun 2012 - "We recently became aware of a complex piece of targeted malware known as 'Flame' and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at risk. Additionally, most antivirus products will detect and remove this malware. That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated attackers to launch more widespread attacks..."

    3 Jun 2012 - "... we released Security Advisory 2718704*, notifying customers that unauthorized digital certificates have been found that chain up to a Microsoft sub-certification authority issued under the Microsoft Root Authority... we encourage all customers to apply the officially tested update to add the proper certificates to the Untrusted Certificate Store... Components of the Flame malware were signed with a certificate that chained up to the Microsoft Enforced Licensing Intermediate PCA certificate authority, and ultimately, to the Microsoft Root Authority. This code-signing certificate came by way of the Terminal Server Licensing Service that we operate to issue certificates to customers for ancillary PKI-based functions in their enterprise. Such a certificate could (without this update being applied) also allow attackers to sign code that validates as having been produced by Microsoft.
    Conclusion: We recommend that all customers apply this update."

    Last Review: June 4, 2012 - Revision: 129.0

    Jun 4 2012
    ... Unauthorized digital certificates derived from these certificate authorities are being actively used in attacks.
    Windows Mobile 6.x and Windows Phone 7 and 7.5 are also affected.
    Impact: A remote user may be able to spoof code signing signatures.
    Solution: The vendor has issued a fix (KB2718704), available via automatic update...

    June 4, 2012

    Microsoft Security Advisory (2718704)
    Severity: Extreme Severity
    Published: Monday, June 04, 2012 20:39
    This security vulnerability is high risk and should be looked at ASAP by security teams.
    Analysis: Due to the risks involved, multiple sources suggest that this issue be mitigated as soon as possible. The vulnerability has already been used in the Flame malware, which has been around for a few years. How many other potential adversaries have found and are leveraging the same security hole for their purposes is an open question.

    Last Updated: 2012-06-05 ...(Version: 4)

    June 1, 2012 Mikko Hypponen, Chief Research Officer - F-Secure

    Last edited by AplusWebMaster; 2012-06-07 at 20:37.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts