It looks like the highly sophisticated Flame malware is going to have a bit of an afterburn.
While the greater threat of Flame has been limited geographically to the Middle East, some facets of the attack could now be the basis for future, more widespead attacks, Microsoft says.
Portions of Flame exploited the workings of Microsoft’s certificate approval system, allowing the software to appear as if Microsoft itself had approved it.
That’s bad enough, but according to Microsoft, less sophisticated attackers could use the tactic as the basis for their own efforts. Essentially, it allows bad guys to create malignant software and pass it off as if Microsoft itself had created it. By doing this, the software can be used to spoof, phish, and attack computers under the guise of trusted software.
That’s a huge deal for business users, who, have grown to rely on the Microsoft certificate authority to give it them trusted word on which software they can install safely.
Microsoft released a security advisory and update for the issue on Sunday.
As far as cyber treats go, Flame is a doozy. Designed for information acquisition, the software can listen in on audio conversations, take screenshots, and log keystrokes. Called one of the most complex cyber warfare tools ever created, the software’s had some pretty high-ranking victims, including Iranian officials.
Copyright 2012, VentureBeat