While the greater threat of Flame has been limited geographically to the Middle East, some facets of the attack could now be the basis for future, more widespead attacks, Microsoft says.
Portions of Flame exploited the workings of Microsoft’s certificate approval system, allowing the software to appear as if Microsoft itself had approved it.
That’s bad enough, but according to Microsoft, less sophisticated attackers could use the tactic as the basis for their own efforts. Essentially, it allows bad guys to create malignant software and pass it off as if Microsoft itself had created it. By doing this, the software can be used to spoof, phish, and attack computers under the guise of trusted software.
That’s a huge deal for business users, who have grown to rely on the Microsoft certificate authority to give them trusted word on which software they can install safely.
Microsoft released a security advisory and update for the issue on Sunday.
As far as cyber threats go, Flame is a doozy. Designed for information acquisition, the software can listen in on audio conversations, take screenshots, and log keystrokes. Called one of the most complex cyber warfare tools ever created, the software’s had some pretty high-ranking victims, including Iranian officials.
Kaspersky, which made the initial Flame report, is set to release its findings on this latest development later today, and we’ll update here once that happens.
Photo: Flickr user Stewart