
Technical Cyber Security Alert 2012-156A

Posted Jun 5, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-156A - X.509 digital certificates issued by the Microsoft Terminal Services licensing certificate authority (CA) can be illegitimately used to sign code. This problem was discovered in the Flame malware. Microsoft has released updates to revoke trust in the affected certificates.

tags | advisory
SHA-256 | a80356e05b1fd45f3ba9cfe0161f5859c378c426d0475df6cfebaacf024bf076




National Cyber Alert System

Technical Cyber Security Alert TA12-156A


Microsoft Windows Unauthorized Digital Certificates

Original release date: June 04, 2012
Last revised: --
Source: US-CERT


Systems Affected

All supported versions of Microsoft Windows, including:

* Windows XP and Server 2003
* Windows Vista and Server 2008
* Windows 7 and Server 2008 R2
* Windows 8 Consumer Preview
* Windows Mobile and Phone


Overview

X.509 digital certificates issued by the Microsoft Terminal
Services licensing certificate authority (CA) can be illegitimately
used to sign code. This problem was discovered in the Flame
malware. Microsoft has released updates to revoke trust in the
affected certificates.


Description

Microsoft Security Advisory (2718704) warns of active attacks using
illegitimate certificates issued by the Microsoft Terminal
Services licensing certificate authority (CA). There appear to be
problems with some combination of weak cryptography and certificate
usage configuration. From an MSRC blog post:

We identified that an older cryptography algorithm could be
exploited and then be used to sign code as if it originated from
Microsoft. Specifically, our Terminal Server Licensing Service,
which allowed customers to authorize Remote Desktop services in
their enterprise, used that older algorithm and provided
certificates with the ability to sign code, thus permitting code
to be signed as if it came from Microsoft.

From another MSRC blog post:

What we found is that certificates issued by our Terminal
Services licensing certification authority, which are intended
to only be used for license server verification, could also be
used to sign code as Microsoft. Specifically, when an enterprise
customer requests a Terminal Services activation license, the
certificate issued by Microsoft in response to the request
allows code signing without accessing Microsoft's internal PKI
infrastructure.

The following details about the affected certificates were provided
in Microsoft Security Advisory (2718704):

Certificate: Microsoft Enforced Licensing Intermediate PCA
Issued by: Microsoft Root Authority
Thumbprint: 2a 83 e9 02 05 91 a5 5f c6 dd ad 3f b1 02 79 4c \
52 b2 4e 70

Certificate: Microsoft Enforced Licensing Intermediate PCA
Issued by: Microsoft Root Authority
Thumbprint: 3a 85 00 44 d8 a1 95 cd 40 1a 68 0c 01 2c b0 a3 \
b5 f8 dc 08

Certificate: Microsoft Enforced Licensing Registration Authority
CA (SHA1)
Issued by: Microsoft Root Certificate Authority
Thumbprint: fa 66 60 a9 4a b4 5f 6a 88 c0 d7 87 4d 89 a8 63 \
d7 4d ee 97


Impact

An attacker could obtain a certificate that could be used to
illegitimately sign code as Microsoft. The signed code could then
be used in a variety of attacks in which the code would appear to
be trusted by Windows.

An attacker could offer software that appeared to be signed by a
valid and trusted Microsoft certificate chain. As noted in an MSRC
blog post, "...some components of the [Flame] malware have been
signed by certificates that allow software to appear as if it was
produced by Microsoft."


Solution

It is important to act quickly to revoke trust in the affected
certificates. Any certificates issued by the Microsoft Terminal
Services licensing certificate authority (CA) could be used for
illegitimate purposes and should not be trusted.

Apply updates

Apply the appropriate versions of KB2718704 to add the affected
certificates to the Untrusted Certificate Store. Updates will
reach most users via automatic updates and Windows Server Update
Services (WSUS).

Revoke trust in affected certificates

Manually add the affected certificates to the Untrusted
Certificate Store. The Certificates MMC snap-in and the Certutil
command can be used on Windows systems.
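
To confirm that the update or the manual step took effect on a given host, the check below looks up the three thumbprints listed in the Description in every local certificate store and reports whether each one is present in the Untrusted Certificates store (internal name: Disallowed). It is an added example, not part of the US-CERT alert or Microsoft's guidance; the function name Get-AffectedCertStatus and the .cer file name in the closing comment are hypothetical.

```powershell
# Thumbprints from Microsoft Security Advisory (2718704), as listed in this alert.
$Affected = [ordered]@{
    '2a 83 e9 02 05 91 a5 5f c6 dd ad 3f b1 02 79 4c 52 b2 4e 70' = 'Microsoft Enforced Licensing Intermediate PCA'
    '3a 85 00 44 d8 a1 95 cd 40 1a 68 0c 01 2c b0 a3 b5 f8 dc 08' = 'Microsoft Enforced Licensing Intermediate PCA'
    'fa 66 60 a9 4a b4 5f 6a 88 c0 d7 87 4d 89 a8 63 d7 4d ee 97' = 'Microsoft Enforced Licensing Registration Authority CA (SHA1)'
}

# Hypothetical helper: report which stores hold each affected certificate.
function Get-AffectedCertStatus {
    param([string[]]$Location = @('LocalMachine', 'CurrentUser'))

    foreach ($entry in $Affected.GetEnumerator()) {
        # The Cert: provider reports thumbprints as uppercase hex without spaces.
        $thumb = ($entry.Key -replace '\s', '').ToUpper()
        $found = @()

        foreach ($loc in $Location) {
            foreach ($store in Get-ChildItem -Path "Cert:\$loc") {
                $hit = Get-ChildItem -Path "Cert:\$loc\$($store.Name)" -ErrorAction SilentlyContinue |
                    Where-Object { $_.Thumbprint -eq $thumb }
                if ($hit) { $found += "$loc\$($store.Name)" }
            }
        }

        [pscustomobject]@{
            Certificate = $entry.Value
            Thumbprint  = $thumb
            # True only when the certificate sits in an Untrusted (Disallowed) store.
            Distrusted  = [bool]($found -like '*\Disallowed')
            FoundIn     = $found -join ', '
        }
    }
}

Get-AffectedCertStatus | Format-Table -AutoSize

# Any row with Distrusted = False still needs KB2718704 or the manual step.
# With the certificate exported to a file (placeholder name), from an elevated prompt:
#   certutil -addstore Disallowed affected-cert.cer
```

A host where all three rows show Distrusted = True has trust revoked as the alert requires; the FoundIn column shows any other store that also holds a copy.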


References

* US-CERT Current Activity: Unauthorized Microsoft Digital
Certificates -
<https://www.us-cert.gov/current/#microsoft_unauthorized_digital_certificates>

* Microsoft Security Advisory (2718704) -
<https://technet.microsoft.com/en-us/security/advisory/2718704>

* Unauthorized digital certificates could allow spoofing -
<http://support.microsoft.com/kb/2718704>

* Microsoft certification authority signing certificates added to the
Untrusted Certificate Store -
<https://blogs.technet.com/b/srd/archive/2012/06/03/microsoft-certification-authority-signing-certificates-added-to-the-untrusted-certificate-store.aspx>

* Microsoft releases Security Advisory 2718704 -
<https://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-advisory-2718704.aspx>

* Windows Server Update Services -
<http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx>

* Certutil -
<http://technet.microsoft.com/en-us/library/cc732443%28v=ws.10%29.aspx>

* How to: View Certificates with the MMC Snap-in -
<http://msdn.microsoft.com/en-us/library/ms788967.aspx>


Revision History

June 04, 2012: Initial release

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA12-156A Feedback INFO#461124" in
the subject.
____________________________________________________________________

Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to the Notification as indicated here:
http://www.us-cert.gov/legal.html#notify

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA12-156A.html

For instructions on subscribing to or unsubscribing from this
mailing list, visit http://www.us-cert.gov/cas/signup.html
