Flamer : Microsoft rolls update for Digitally Spoofed certificates

If you have not  heard of Flamer, Popularly known as Flame Malware, you seriously need to read this piece of news and share with as many people as possible as this malware can run in your computer with getting detected unless you have been updating your computer with latest updates regularly. Since not every computer user is geek to know about security issues, we recommend you help them out.

So coming back to topic, What is this Flame malware ?

This malware was powerful enough to stay under cover for a year and was capable of spoofing websites and performing phishing attacks. This means it can not only steal lot of information from you but also can disguise websites without triggering any alerts on your browser.

Apart from this, it is capable to record audio, Take Screenshots and also keyboard inputs which makes it an ultimate keylogger. According to Bit Defender, there are two component,  flask and jimmy, which can be triggered on remote computers from any machine to steal the information.

  • Flask gathers almost every data on the computer. Right from the System time to Network info to Passwords.
  • Jimmy is responsible to gather data from files ending with extensions such as  *.doc, *.docx, *.xls, *.dwg, *.kml *.ppt, *.csv, *.txt, *.url, *.pub, *.rdp, *.ssh, *.ssh2, *.vsd, *.ora, *.eml.

Flame was found to have certificate signed by Microsoft ? Nope

It was found that that attacks by Flame was using some digital certificates which signaled it came from Microsoft Certificate Authority. Signed Certificates are used as symbol of trust and if spoofed can be used for phishing attacks etc. This affects all version of Microsoft Windows including Windows XP.

Keeping this in mind, Microsoft has rolled out a fix in form of update and is it revokes the trust of the following intermediate CA certificates:

  • Microsoft Enforced Licensing Intermediate PCA (2 certificates)
  • Microsoft Enforced Licensing Registration Authority CA (SHA1)

This update will be rolled out with Windows Update but if you want it faster than that, You can download it from here. Just make sure to choose the correct operating system.

How to scan for Flame ?

If you have a good anitivirus, chances are that you already have an update. So all you need to do is scan your computer, but if you want a fix specifically for Flame, then BitDefender has come up with a standalone fix which can scan it for you. Download it from here via Ghacks.

LEAVE A REPLY

Please enter your comment!
Please enter your name here