Microsoft revokes 28 of its code-signing certificates
The long awaited patch for the CVE-2012-1889 vulnerability that has been heavily exploited in the wild and the exploit for which has even been included in the Blackhole Exploit Kit is not the only big news from the latest Patch Tuesday.
Among other things, Microsoft has notified users that it has made available an automated Microsoft Fix it solution (a workaround – not a patch) that disables the Windows Sidebar and Gadgets on supported editions of Windows Vista and Windows 7, because of a number of vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets.
The vulnerabilities in question will be revealed in a scheduled talk at the Black Hat security conference later this month in Las Vegas by two security researchers who shared their knowledge with Microsoft beforehand in order not to endanger users.
The company has also issued an advisory notifying users that it has revoked trust in 28 of its own intermediate CA certificates.
“Upon a routine review, we are placing these certificates in the Untrusted Certificate Store, and replacing them with new certificate authorities that meet our high standard of public-key infrastructure (PKI) management,” they said. “We are unaware of any misuse of the certificate authorities, but are taking pre-emptive action to protect customers.”
The revoked certificates could be uses to spoof content, perform phishing attacks, or perform man-in-the-middle attacks, and this move by Microsoft is the result of the discovery of the misuse of the company’s trusted digital signatures by the recently discovered Flame malware.