Microsoft issued a security warning and an emergency update over the weekend to fix a serious flaw in Windows that was exploited by the Flame malware attack last month. Flame was massive and sophisticated but, luckily, a targeted attack. However, the same method could be exploited in a less sophisticated implementation for a more widespread attack.
In researching the methods used by the Flame virus, Microsoft discovered that the attack exploited Windows’ Terminal Server Licensing Service, which uses an older cryptography algorithm. This allowed parts of the malware to be signed with certificates that made them appear to have been produced by Microsoft.
Microsoft is resolving the issue by issuing an update that blocks software signed by these unauthorized certificates, and the company is also stopping its Terminal Server Licensing Service from issuing any new certificates. For more details on the update, you can visit Microsoft’s security advisory page.