Tuesday's revocation of 28 certificates is part of a much larger overhaul of Microsoft's cryptographic key management regimen that's designed to make it more resistant to abuse. The housecleaning follows last month's discovery that some of the company's trusted digital signatures were being abused to certify the validity of the Flame malware that has infected computers in Iran and other Middle Eastern Countries. By forging the cryptographic imprimatur used to certify the legitimacy of Windows updates, Flame was able to spread from one computer to another inside an infected network.
Like the intermediate certificate authorities that Flame abused to hijack the Windows Update mechanism, at least some of the certificates Microsoft moved into its Untrusted Certificate Store on Tuesday contained code-signing permissions. An advisory characterized the purge as a "pre-emptive cleanup" and said there's no evidence any of the certificates have been abused or compromised.
Microsoft revokes 28 digital certificates
Posted on Wednesday, July 11 2012 @ 14:03 CEST by Thomas De Maesschalck