Flame Malware Hijacks Windows Update

[crushallserpents]

= Flame Hits Windows Update: 7 Key Facts
Flame's use of spoofed Microsoft security certificates will likely be mimicked by sophisticated malware writers to craft widespread attacks, experts say.
- http://www.informationweek.com/news/...rime/240001490

= Flame Malware Hijacks Windows Update
- http://it.slashdot.org/story/12/06/0...windows-update

related -

- http://www.securityweek.com/flame-ma...date-mechanism
- http://news.slashdot.org/story/12/06...-flame-malware
- http://blogs.technet.com/b/msrc/arch...-strategy.aspx
- http://www.net-security.org/malware_news.php?id=2138

[valmar]

Quote:

Originally Posted by crushallserpents

= Flame Hits Windows Update: 7 Key Facts
Flame's use of spoofed Microsoft security certificates will likely be mimicked by sophisticated malware writers to craft widespread attacks, experts say.
- http://www.informationweek.com/news/...rime/240001490

= Flame Malware Hijacks Windows Update
- http://it.slashdot.org/story/12/06/0...windows-update

related -

- http://www.securityweek.com/flame-ma...date-mechanism
- http://news.slashdot.org/story/12/06...-flame-malware
- http://blogs.technet.com/b/msrc/arch...-strategy.aspx
- http://www.net-security.org/malware_news.php?id=2138

Like the Stuxnet virus, you can bet every last bit of fiat money that the U.S. Government and Israel created the Flame virus. Linux is invulnerable to it though, for the time being. It'd take a lot for the Flame virus to crack the average Linux box. Especially now that the world in general has wind of it's existence. I think that Microsoft is somehow part of the whole Flame virus saga....

In this article, notice the signature: http://blogs.technet.com/b/msrc/arch...-strategy.aspx

Mike Reavey
Senior Director, MSRC
Microsoft Trustworthy Computing

What do you think Trustworthy Computing is?
http://www.gnu.org/philosophy/can-you-trust.html
http://www.enterprisenetworkingplane...-Computing.htm

OK, it's off topic, but I was following a train of thought.
Perhaps I should start a new thread regarding this...

[streamline]

why would anybody need Windows Update after having setup and installed all the cyber-security measures?

[nwonow]

Why would people running a nuclear plant trust their operations to a windoze PC - the most bug ridden insecure platform going.

[faustus]

Quote:

Originally Posted by nwonow

Why would people running a nuclear plant trust their operations to a windoze PC - the most bug ridden insecure platform going.

Stuxnet was the worm used to infiltrate specialised Power plant systems etc.

Flame is a rather poor relation (if related at all, the authors might have taken some of the ideas from Stuxnet, but its not even close to the same level of class) aimed at data mining from standard users.

[crushallserpents]

These two blogs go into incredible detail about Flame and its components:

http://blog.cuckoobox.org/
http://stratsec.blogspot.com/

[dolores1]

Ta. D.