As part of its monthly “Patch Tuesday” security updates for June, Microsoft announced changes in how Windows manages certificates. These changes include a new automatic updater tool for Windows 7 and Windows Vista that will flag stolen or known forged certificates. This shift will have a huge impact on companies and software vendors who use Microsoft’s implementation of public key infrastructure as part of their authentication and software distribution—especially if they haven’t followed best practices for certificates in the past.
The changes come on the heels of revelations about the recently discovered Flame malware, which used a rogue certificate authority that masqueraded as Microsoft in order to hijack the Windows Update mechanism. On June 8, Microsoft made changes to its Update service to prevent such attacks in the future. The changes announced on June 11 go even further, moving to blunt the use of stolen or forged certificates of any kind from being used by malware writers and other attackers.
According to a post on the Microsoft Security Response Center blog by Microsoft Trustworthy Computing spokesperson Angela Gunn, the new certificate update tool will rely on a “Disallowed Certificate Trust List” maintained by Microsoft. The tool will check the list daily, moving certificates found on the list to an “untrusted” store. In the past, moving certificates to untrusted status required manually updating them.
Microsoft also gave advance warning of an update to how Windows manages certificates that will blanket invalidate certificates that don’t have adequate security. Certificates with RSA encryption keys of less than 1024 bits will automatically be marked as invalid. “Once this key length update is released, we will treat all of these certificates as invalid, even if they are currently valid and signed by a trusted certificate authority,” Gunn wrote.
Loading comments...
