Microsoft Windows is flawed in the way it trusts certificates. Microsoft Windows File Protection will automatically trust software that has been digitally signed with certificates rooted in any of the Trusted Root Certification Authorities.
This can be abused by malicious persons to sign any maliciously designed code and install it on systems without alerting the user, because Windows "trusts" root certificates even if they should only be used for signing SSL certificates and not signing code. This could be done anonymously by using:
Also Windows is designed to trust every version of previously published code from .CAT files, this allows malicious persons to replace new code with old buggy and vulnerable code.
This problem exists even if you have applied MS02-050 to prevent ID spoofing with digital signatures.
Solution: In our opinion no operating system or software should trust the source or origin of software or digital signatures by default. This should always be verified by a system administrator or other capable person. We recommend that you configure your Windows systems to trust as few root certificates as possible and instruct your users about the consequences (ie. they are prompted each time they enter an SSL site).
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Microsoft Windows Certificate Chain vulnerability
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.