Microsoft 'hardens' Windows Update from Flame penetration

JMH

How the hot malware burned a new hole in Redmond's backside

Microsoft has "hardened" its Windows Update system after researchers discovered the Flame virus can infect PCs by offering itself as an update masquerading as official Microsoft software.

The sophisticated worm has been hurtling through computers in the Middle East and beyond for up to two years before being unearthed by security experts late last month. Now it has emerged that the malware uses a skeleton-key-like certificate found in Microsoft's Terminal Services Licensing server to sign its malicious code and trick Windows machines into trusting and installing its executables.

http://www.theregister.co.uk/2012/06/07/microsoft_combats_flame_with_additional_hardening/
 
Microsoft's moves against Flame may throw wrench in Patch Tuesday
Microsoft today said it would deliver seven security updates next week, three critical, to patch 28 bugs in Windows, Internet Explorer, Office and other programs in its portfolio.
But Microsoft's promise to start pushing an update to Windows Update this week -- part of its response to the Flame espionage malware -- could disrupt this month's patching, one expert warned.


The number of updates was right on the average so far this year of seven per month, yet another indication that although Microsoft once used an even-odd schedule, patching more vulnerabilities in the even months, it has discarded the model.


"It's totally flat-lined," said Andrew Storms, director of security operations at nCircle Security. "The up-and-down is totally gone."


This month's Patch Tuesday will fix the largest number of vulnerabilities -- 28 all told -- this year. In May, Microsoft fixed 23 security flaws.

http://www.computerworld.com/s/arti...in_Patch_Tuesday?source=rss_keyword_microsoft
 
