Flame disguised itself as a Windows update

John Moe Jun 5, 2012

You know those heist movies where the thieves dress up as security guards or cops in order to pull off the big job? Well, if all those characters were lines of computer code, that’s essentially how the Flame worm was able to travel around from machine to machine. Turns out Flame had obtained fake Microsoft security certificates that allowed it to pass itself off as an official Microsoft security update, even though it was ANYTHING BUT.


From Fox News:


“We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft,” the company said in its security blog.


The company responded to the discovery by advising customers how to block such malware, releasing a security update to fight it and updating its licensing service to reduce the risk of similar cybertattacks in the future.

So Microsoft’s response is, pretty much, “Yes yes, but trust us THIS time. Good luck with that.


As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.

Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.

Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.