Microsoft warns that Flame exploits Windows flaw

Computer virus said to have been built by creators of Stuxnet worm that attacked Iran's nuclear program in 2010.

By REUTERS
June 4, 2012 20:51
1 minute read.
hacking hackers computer hacking [illustrative]

hacking hackers computer hacking [illustrative]_370. (photo credit: Thinkstock/Imagebank)

 
X

Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analyses from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user uxperience almost completely free of ads
  • Access to our Premium Section and our monthly magazine to learn Hebrew, Ivrit
  • Content from the award-winning Jerusalem Repor
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later Don't show it again

BOSTON - Microsoft Corp warned PC users that the Flame virus that attacked systems across the Middle East infects computers by exploiting a flaw in the Windows operating system.

The company released software to protect against infections exploiting the previously undisclosed flaw.

Be the first to know - Join our Facebook page.


Mike Reavey, a senior director with Microsoft's Security Response Center, said in a blog post that he feared that other hackers might be able to copy the technique to launch more widespread attacks with other types of viruses.

"We continue to investigate this issue and will take any appropriate actions to help protect customers," Reavey said in the blog post.

A spokeswoman for Microsoft declined to elaborate. She would not comment on whether other viruses had exploited the same flaw in Windows or if the company's security team was looking for similar bugs in the operating system.

The flaw enabled Flame to install itself on computers by tricking Windows into believing that the malicious software was a legitimate program from Microsoft, Reavey said in the blog, which was published late on Sunday.

News of the Flame virus, which surfaced a week ago, generated headlines around the world as researchers said that technical evidence suggests it was built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010.



Ryan Smith, chief research scientist with security firm Accuvant, said the discovery of the Microsoft flaw was also significant.

"The Windows vulnerability in and of itself is a big story," said Smith, whose customers include large corporations. He added that it is possible other highly sophisticated pieces of malware may have also exploited the same flaw and be invisible to the users of the systems they have infected.

When customers install the software on infected computers, such viruses would either stop working or they might become invisible, Smith said.

Related Content

Angela Merkel gestures during a cabinet meeting in Berlin
July 21, 2018
Exclusive: German intelligence contradicts Merkel on Iran's nuclear drive

By BENJAMIN WEINTHAL