Microsoft sounds alarm on Flame virus’s Windows exploit

Boston — Reuters

John Bumgarner, a cyber warfare expert who is chief technology officer of the U.S. Cyber Consequences Unit, a non-profit group that studies the impact of cyber threats, holds a notebook computer while posing for a portrait in Charlotte in this December 1, 2011 file photo. A United Nations agency charged with helping member nations secure their national infrastructures plans to issue a sharp warning about the risk of the Flame virus that was recently discovered in Iran and other parts of the Middle East. Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that took credit for discovering the infections. (John Adkisson/Reuters/John Adkisson/Reuters)

Microsoft Corp warned PC users that the Flame virus that attacked systems across the Middle East infects computers by exploiting a flaw in the Windows operating system.

The company released software to protect against infections exploiting the previously undisclosed flaw.

Mike Reavey, a senior director with Microsoft’s Security Response Center, said in a blog post that he feared that other hackers might be able to copy the technique to launch more widespread attacks with other types of viruses.

Story continues below ad

“We continue to investigate this issue and will take any appropriate actions to help protect customers,” Mr. Reavey said in the blog post.

A spokeswoman for Microsoft declined to elaborate. She would not comment on whether other viruses had exploited the same flaw in Windows or if the company’s security team was looking for similar bugs in the operating system.

The flaw enabled Flame to install itself on computers by tricking Windows into believing that the malicious software was a legitimate program from Microsoft, Mr. Reavey said in the blog, which was published late on Sunday.

News of the Flame virus, which surfaced a week ago, generated headlines around the world as researchers said that technical evidence suggests it was built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear program in 2010.

Ryan Smith, chief research scientist with security firm Accuvant, said the discovery of the Microsoft flaw was also significant.

“The Windows vulnerability in and of itself is a big story,” said Mr. Smith, whose customers include large corporations. He added that it is possible other highly sophisticated pieces of malware may have also exploited the same flaw and be invisible to the users of the systems they have infected.

When customers install the software on infected computers, such viruses would either stop working or they might become invisible, Mr. Smith said.

Microsoft’s warning is available here.

Follow us on Twitter: @GlobeTechnology

Companies & investments Mentioned In This Article (1)

Company Price Change Volume
Microsoft
MSFT-Q
44.38 -1.114 % 33,579,617

Topics:

More Stories