InfoWorld - Security Adviser: 16 security problems bigger than Flame
Flame has proven a complex piece of malware, but if it were to disappear today, the Internet would be just as insecure
By Roger A. Grimes
JUNE 12, 2012
Flame's man-in-the-middle hash-collision attack is very interesting, I won't deny. It's an incredibly complex, chained exploit using an MD5 collision, a weak vendor digital certificate, WPAD (Web Proxy Auto-Discovery Protocol) vulnerabilities, and signed malware. This is one for the history books.
Still, I can't get overly upset about Flame. Microsoft (my full-time employer) has revoked the weak certificate. The WPAD vulnerability has been around forever. There are far easier ways to accomplish the same outcome, such as pass-the-hash. Plus, Flame isn't widespread.
But the biggest reason I still can't get upset about Flame: The state of IT security is really bad already. Flame may add more fuel to the fire, but the inferno is already raging. How bad is it? Consider all that was happening before Flame and its effects became widespread: