View Single Post
Old 06-12-12, 03:30 PM   #1
Registered User
Join Date: Jun 2009
Posts: 56,592
Post Microsoft overhauls certificate management in response to Flame PKI hack

As part of its monthly 'Patch Tuesday' security updates for June, Microsoft announced changes in how Windows manages certificates. These changes include a new automatic updater tool for Windows 7 and Windows Vista that will flag stolen or known forged certificates. This shift will have a huge impact on companies and software vendors who use Microsoft's implementation of public key infrastructure as part of their authentication and software distribution'especially if they haven't followed best practices for certificates in the past.

The changes come on the heels of revelations about the recently discovered Flame malware, which used a rogue certificate authority that masqueraded as Microsoft in order to hijack the Windows Update mechanism. On June 8, Microsoft made changes to its Update service to prevent such attacks in the future. The changes announced on June 11 go even further, moving to blunt the use of stolen or forged certificates of any kind from being used by malware writers and other attackers.

According to a post on the Microsoft Security Response Center blog by Microsoft Trustworthy Computing spokesperson Angela Gunn, the new certificate update tool will rely on a 'Disallowed Certificate Trust List' maintained by Microsoft. The tool will check the list daily, moving certificates found on the list to an 'untrusted' store. In the past, moving certificates to untrusted status required manually updating them.

Read more | Comments

News is offline   Reply With Quote