Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our ads are polite and keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • When is a security cert not a security cert?

    Posted on June 4th, 2012 at 21:21 woody Comment on the AskWoody Lounge

    When it’s a Microsoft security cert, of course.

    Microsoft just sent an out-of-band patch down the Automatic Update chute. It plugs one of the (many) holes used by the “Flame” malware.

    While I figure none of you are susceptible to Flame – the whole thing’s been overblown – you may be susceptible if some cretin figures out how to use the security certificate signing technique to generate a different cert.

    Microsoft has details in Security Advisory 2718704 . Brian Krebs has an excellent synopsis on his site.

    I’m about to change the MS-DEFCON level to 4. This patch is good incentive.

    If that helped, take a second to support AskWoody on Patreon