Security

Special Patch Alert: Flame malware targets Microsoft Update

Windows Update could be compromised if you don't take steps to prevent it.

My colleague over on the TechRepublic IT Security Blog, Selena Frye, published a disturbing post today (June 4, 2012), explaining the Windows-Update-specific security problems caused by Flame malware. You can read the gory details in her blog post, but the general gist is that you need to apply the corrective patch as soon as possible.

Check out:

Flame

For those of you who don't keep up with such things, Flame is a highly sophisticated piece of malware linked to recent espionage in Iran that targeted that nation's sensitive information. The speculation is that the software is state-sponsored, although there is no proof as of yet.

Now that Flame is in the wild, it has been surfacing in different scenarios causing security professionals to lose sleep as they attempt to contain it. This is similar to Stuxnet, which 60 Minutes reported on this past summer.

I suppose you could say we are looking at the first instances of cyber-warfare collateral damage. IT security is going to be a busy area of expertise for the foreseeable future, it appears.

Please patch ASAP:

About

Mark Kaelin is a CBS Interactive Senior Editor for TechRepublic. He is the host for the Microsoft Windows and Office blog, the Google in the Enterprise blog, the Five Apps blog and the Big Data Analytics blog.

10 comments
psauve
psauve

Please note that Microsoft Security Advisory (2718704) says: "The majority of customers have automatic updating enabled and will not need to take any action because the KB2718704 update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871. For administrators and enterprise installations, or end users who want to install the KB2718704 update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. For more information on how to manually apply the update, see Microsoft Knowledge Base Article 2718704. For Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices, no update is available at this time."

JandNL
JandNL

We have Windows 7 Home Premium 64-bit SP1,. However, when we downloaded and tried to install the listed file (Windows6.1-KB2718704-x64.msu), we got the message, "Does not apply to your computer." What is the problem?

cpet
cpet

The update won't install on my work Win XP 32 bit PC. Downloaded but won't install. I hope it doesn't mean I already have a proplem

lostinlodos
lostinlodos

Is Flame the same virus that Isrial created and used to DECLARE WAR on Iran?

fluxtatic
fluxtatic

No, Israel keeping an eye on other countries in the Middle East, Palestinians, their own citizens... Wake up - Iran hasn't started a war in over 200 years. Israel and the US are committing war crimes and crimes against humanity every day. What seems more dangerous to you - a country that is not developing a nuclear weapons program, but rather energy and medical usage, or a country that did not sign the non-proliferation treaty, and does have nukes but denies it? How about a country that is now using drone strikes to kill "military-age male civilians in designated areas."? Not combatants - citizens. How do you think it'd go over if another country started drone strike on the US - in LA, in Des Moines, in Atlanta. Not because they were dangerous...just because. Iran isn't the enemy - The US and Israel are.

Forensics.Focus@gmail.com
Forensics.Focus@gmail.com

For years now I have preached the following mantra to my students, seminar attendees, church group, family, friends, and wife... Use good, strong, passwords and if you must write them down keep that paper in your purse or wallet w/o the corresponding user name, account number, whatever; always back up on a regular basis; use good antivirus software and make sure it updates everyday; AND always do your updates. Now,we have a terrible new virus on the loose and we do not know how it works. A new form of State Sponsored Terrorism. Iran's revenge?

James-SantaBarbara
James-SantaBarbara

It's a bogus certificate problem. Microsoft has blacklisted it and revoked that certificate. This is not the first problem with certificates by any means; and apply to any Windows browser. If you keep your system updated properly then its not much of a problem at all.

hippiekarl
hippiekarl

and it's already installed (go to 'Action Center'--the little 'flag' icon in your tray, and look for the update #; I bet you got it around 3:00AM yesterday). Your machine is just refusing to RE-install it. ;)

danbi
danbi

As long as you trust Microsoft and parters to install and run any software, with full privileges on your (own) computer and your (own) data and networks there is no problem. Big Brother will take care of you. Just behave, or...

Greenknight_z
Greenknight_z

Got an unscheduled update yesterday, now I know what it was about. Avira already had it covered, anyway, so my window of vulnerability was tiny.

Editor's Picks