(480) 812-0489
MTI Tech Solutions

Tech Blog

IT / Computer / Internet Topics

Start your conversation!

(800) 991-6241

STOP THE FLAME: Emergency updates have been issued by Microsoft for all versions of its Windows OS.

Jul 10, 2012

STOP THE FLAME:  Emergency updates have been issued by Microsoft for all versions of its Windows OS.

They call it Flame.  It is a highly developed new piece of malware. Antivirus vendors found this new worm had a significant interesting details of which required a windows update.  It was found that the Flame worm used a seemingly older Microsoft cryptographic algorithm which allowed you to create certificates and sign codes as if it came from Microsoft. 

Flame exploited this to start its attack.  This strategy is called Man-in-the-Middle (MitM) attack.  How did it work?

  1.  Flame worm signed its code with a seemly legitimate Microsoft certificate.
  2. Redirected local Windows Update with an infected machine
  3. The machine updates the infected update to the new machine (the victim).
  4. Since the machine thinks it is a legitimate Microsoft certificate, the infection is not detected and updates with no problem.

Microsoft’s Actions:

An update has been released to ensure everyone’s computers are safe.  In addition, Microsoft has revoked the two intermediate CA certificates.  What does that do?  It prevents your Window computer from updating the Flame rogue certificates.  We recommend all Window users download the update.  You can do this by clicking the hyperlink or copy and paste the following link.  http://support.microsoft.com/kb/2718704

Maximize Your Business' Potential with Tailored IT Support

Reach out today for a personalized consultation on how MTI's customized IT solutions can drive growth for your tech needs