Hacker News
Microsoft releases Security Advisory (technet.com)
12 points by wglb 1644 days ago | 3 comments



I'm not sure those steps will be that effective without Windows boxes everywhere being updated. Shouldn't the certificate be blacklisted?

Will removing the signing function from Remote Desktop disable the exploit in current installations? I don't think anyone using it to sign malware will want this upgrade.

Can anyone give an explanation on what happens?


See steps 1 and 2 from the linked article:

We are taking several steps to remove this risk:

• First, today we released a Security Advisory outlining steps our customers can take to block software signed by these unauthorized certificates.

• Second, we released an update that automatically takes this step for our customers.

• Third, the Terminal Server Licensing Service no longer issues certificates that allow code to be signed.


Thanks, @recoiledsnake, but I did read the article.

> we released a Security Advisory

So sysadmins will have to do something. What about machines that are managed by their own users?

> Second, we released an update that automatically takes this step for our customers.

What happens to machines that aren't updated (such as machines controlling industrial/flight/medical systems)?

> Third, the Terminal Server Licensing Service no longer issues certificates that allow code to be signed.

Doesn't it run on the Windows machines themselves? Why would someone who's using it for signing malware upgrade to the new, non-signing, version?



