When we examined the certificate with the Windows utility certutil.exe we saw a different story emerge. We expected to find a Certificate Revocation List (CRL) Distribution Point (CDP) extension, an Authority Information Access (AIA) extension, and a “Microsoft Hydra” critical extension. First, it had no X.509 extension fields, which was not consistent with the certificates we issued from the Terminal Server licensing infrastructure. As we reviewed this certificate, we noticed several irregularities. When we first examined the Flame malware, we saw a file that had a valid digital signature that chained up to a Microsoft Root authority. We continue to encourage all customers who are not installing updates automatically to do so immediately. This certificate and all certificates from the involved certificate authorities were invalidated in Security Advisory 2718704. On systems that pre-date Windows Vista, an attack is possible without an MD5 hash collision.
In short, by default the attacker’s certificate would not work on Windows Vista or more recent versions of Windows. They had to perform a collision attack to forge a certificate that would be valid for code signing on Windows Vista or more recent versions of Windows. This blog summarizes what our research revealed and why we made the decision to release Security Advisory 2718704 on Sunday night PDT. Since our last MSRC blog post, we’ve received questions on the nature of the cryptographic attack we saw in the complex, targeted malware known as Flame.
0 kommentar(er)
