×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

CERT Alert: Possible "signed" virus

CERT Alert: Possible "signed" virus

CERT Alert: Possible "signed" virus

(OP)
CERT has issued a new advisory: "CA-2001-04 Unauthentic 'Microsoft Corporation' Certificates." ( www.cert.org/advisories/CA-2001-04.html ) It seems that VeriSign, Inc. issued two certificates to an individual fraudulently claiming to be an employee of Microsoft Corporation. There are some who believe that this could allow someone to write a virus that will look like a MS signed document. See www.microsoft.com/technet/security/bulletin/MS01-017.asp and
http://www.verisign.com/developer/notice/authenticode/index.html for more details.

On the other hand, VMyths ( http://Vmyths.com ) suggests that this is just media hyteria for three reasons. "First & foremost, ALL previous virus incidents (e.g. Melissa, ILoveYou, Kournikova) succeeded WITHOUT digital signatures.  Second, Verisign issued these "fake IDs" nearly two months ago, yet it only just now came to light.  Third, antivirus software can detect signed or unsigned viruses with equal ease."

My personal take, while number 3 is a valid reason, numbers 1 and 2 are of little comfort.

James P. Cottingham
www.ivcusa.com

RE: CERT Alert: Possible "signed" virus


"Third, antivirus software can detect signed or unsigned viruses with equal ease."


Yes, but this is only true if it is a known virus.

- Jeff Marler
  www.JeffMarler.com
  (please note, that the page is under construction)

RE: CERT Alert: Possible "signed" virus

(OP)
How true, how true!

James P. Cottingham
www.ivcusa.com

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close