I frequently chastise people for ignoring Windows Update messages and prompts to apply patches to other applications such as Adobe products and Java. The response I frequently hear is “How do I know if the updates are real?” or “Yeah, I keep putting that off”.
I’ve always assumed that when Windows Update pops up in the system tray (the bottom right corner of your screen) that the messages are legitimate and safe since digital certificates are used by the operating system to verify authenticity.
You may not have heard about the newly publicized Flame malware since it has not made a splash in the U.S… yet. However it’s all the rage in tech articles and blogs lately. The Flame malware has created counterfeit security certificates that fool Microsoft Windows into thinking that bogus updates are real. If these “updates” are applied, your computer is infected.
Fortunately, security companies and Microsoft have jumped up and issued (or will issue) updates to protect against these attacks. However, they’re fearful that the malware may have other exploits that they have not yet discovered.
What to do? Unplug your computers from the internet!
HA! That’s not really an option. However, it’s now more important than ever to make sure all operating system updates and patches are applied, that your antivirus software and definitions are updated, you’re running approved firewall software, and that you apply all updates and security patches to applications such as Microsoft Office, Adobe products and Java. If you’re not running antivirus software, find one. There are plenty of free (and very effective) options out there.
For more information, take a look at this article from PCWorld:
Stay safe out there!
Ken
P.S. If you want to “geek out” and read more, take a look at the next articles. While security firms are still wrestling with the code, so far they have found that Flame can monitor email inboxes, take screen shots of what you’re working on and even record conversations you’re having near your computer. It also exploits BlueTooth to spread to other devices. What’s really interesting is that this malware does not appear to be the work of bored teen geeks or crime syndicates from the former Soviet Union. Instead, because it has to date targeted computers in Iran, security experts believe it was created as a cyber weapon by a nation-state. Enjoy!
http://security.blogs.cnn.com/2012/06/05/decoding-the-flame-virus/?iref=allsearch
http://www.pcworld.com/article/256644/flame_cyberweapon_lurked_for_years.html