Some interesting information has been released recently which highlights potential dangers of "cryptographic collisions", specifically with the MD5 scheme.
Team Register wrote: "Microsoft has "hardened" its Windows Update system after researchers discovered the Flame virus can infect PCs by offering itself as an update masquerading as official Microsoft software."
...
"To attack systems using Windows Vista and above, a potential attacker would have needed access to the now invalid Terminal Server Licensing Service certificates and the ability to perform a sophisticated MD5 hash collision.
On systems that pre-date Vista, an attack is possible without an MD5 hash collision. In either case, of course, an attacker must get his signed code onto the target system."
...
"Microsoft added that it had waited until it was clear that most of its customers were protected against the malware before publishing more details about how so-called "cryptographic collisions" had been used in those attacks."
http://www.theregister.co.uk/2012/06/07 … hardening/
I note that updates were also made available for various Server releases & Windows 8 Release Preview (see KB2718704 FAQ, above).
termserv wrote: "This change requires no specific action on the part of the Terminal Services or Remote Desktop Services administrator unless the administrator needs to set up a new or reactivate an existing Terminal Services license server or Remote Desktop license server, or install a new client access license (CAL) pack on a license server."
http://blogs.msdn.com/b/rds/archive/201 … vices.aspx
It is unknown to me at this time if Server 2012 RC needed patching.
Microsoft wrote: "For Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices, no update is available at this time."
I think it could be inferred that since one (SHA-1) certificate was revoked, that at least one SHA-1 collision indeed existed. No wonder NIST advised moving along to better schemes, such as SHA-256 or SHA-512, years ago.
SHA-256 would likely add 2*2^96 improbabilities, yet SHA-512 could add 2*2^352 improbabilities.
Richard Chirgwin wrote: "The controllers of the Flame malware have apparently reacted to the publicity surrounding the attack by sending a self-destruct command.
According to Symantec, some command-and-control machines have sent a command designed to wipe Flame from compromised computers.
The command, which Symantec has dubbed “urgent suicide”, was captured on honeypots (since an ordinary machine would have the malware removed without the user noticing).
The C&C server shipped a file called browse32.ocx, which acts as a Flame uninstaller, complete with a list of files and folders to be deleted. After deletion, the module overwrites the disk with random characters. As Symantec notes, the uninstaller “tries to leave no traces of the infection behind”, in an attempt to thwart anyone capturing and analyzing the malware.
The module is instructed to remove more than 160 files and four folders. Symantec says Flame had originally shipped with a suicide module, and they don’t know why a new suicide module was used.
“The version of this module that we have was created on May 9, 2012,” Symantec’s post notes, which was “just a few weeks” before the malware became known"
http://www.theregister.co.uk/2012/06/07 … e_command/
Last edited by TechDud (2012-06-12 04:27:24)