Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft releases Security Advisory 2718704


  • Please log in to reply
3 replies to this topic

#1 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:07:29 AM

Posted 04 June 2012 - 12:35 AM

http://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-advisory-2718704.aspx

We recently became aware of a complex piece of targeted malware known as "Flame" and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at risk. Additionally, most antivirus products will detect and remove this malware. That said, our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated attackers to launch more widespread attacks. Therefore, to help protect both targeted customers and those that may be at risk in the future, we are sharing our discoveries and taking steps to mitigate the risk to customers.


Unauthorized digital certificates could allow spoofing http://support.microsoft.com/kb/2718704

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:29 AM

Posted 05 June 2012 - 01:33 PM

Researchers reveal how Flame fakes Windows Update
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Union_Thug

Union_Thug

    Bleeps with the fishes...

  • Topic Starter

  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:07:29 AM

Posted 06 June 2012 - 05:14 AM

Interesting read, thank you QM7 :thumbup2:

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:29 AM

Posted 07 June 2012 - 06:10 AM

You're welcome.

Microsoft Product Team Blog: Update to Windows Update, WSUS Coming This Week

As part of the phased mitigation strategy we outlined on the MSRC blog, an update was released with Security Advisory 2718704 that prevents unauthorized certificates from being used to attack Windows systems. In an effort to provide additional protection for customers, the next action in our mitigation strategy is to further harden Windows Update as a defense-in-depth precaution. Now that we have seen broad adoption of Security Advisory 2718704, our deployment of the security hardening update to Windows Update and Windows Server Update Services (WSUS) infrastructures will begin to roll out over the next few days.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users