Security Advisor

Was the Flame Malware Spread Microsoft's Fault?

Last week I wrote about the somewhat newly discovered surveillance worm making its way through the Middle East. Well, Microsoft now says that it could have played a part in the distribution of the malware and pleads ignorance with concern to its role.

According to a Microsoft security advisory, the virus took advantage of a flaw in Microsoft's Terminal Server Licensing Services to create unauthentic Microsoft certificates. Once antivirus programs saw that the Flame was certified by Microsoft, the doors were open for it to cause havoc.

Seeing the error in its ways, Microsoft released a security update that will automatically revoke all bogus Microsoft certificates making their way through the wild. If you don't have automatic update on, go ahead and apply that bandage.

However, if you're not on a nation's watch list, and don't originate from Iran, chances are you'll be safe from infection -- this worm's targets have been a small and selective group of individuals that may or may not be in the terrorist industry.

As for Microsoft, while it didn't knowingly give the Flame architects the key to the Internet, it does hold some of the responsibility for the damage caused by it. Or so Andrew Storms, director of security operations for nCircle, believes.

"The discovery of a bug that's been used to circumvent Microsofts secure code certificate hierarchy is a major breach of trust, and it’s a big deal for every Microsoft user," said Storms. "It also underscores the delicate and problematic nature of the trust models behind every Internet transaction."

What do you think? Is it Microsoft's duty to customers to find and fix any bugs that could be used for harm? Or will hackers always find holes in software, no matter how secure it is? Let me know at [email protected]

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Spaceflight Training in the Middle of a Pandemic

    Surprisingly, the worldwide COVID-19 lockdown has hardly slowed down the space training process for Brien. In fact, it has accelerated it.

  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.