Microsoft ‘hardens’ Windows Update from Flame penetration.
Microsoft “hardened” its Windows Update system after researchers discovered the Flame virus can infect PCs by offering itself as an update masquerading as official Microsoft software.
The worm infected computers in the Middle East and beyond for up to 2 years before being discovered by security experts in late May. Now, it emerged that the malware uses a skeleton-key-like certificate found in Microsoft’s Terminal Services Licensing server to sign its malicious code and trick Windows machines into trusting and installing its executables. June 6, Microsoft said it was continuing to analyze Flame and repeated it would “evaluate additional hardening of both the Windows Update channel and our code signing certificate controls.” It warned any customers who do no have their Windows Update software set to automatic configuration to install the latest patch immediately, which will thwart Flame’s man-in-the-middle attack.