Kama Sutra Spoofs Digital Certificates

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Jan 25 18:34:33 EST 2006

Anne & Lynn Wheeler <lynn at garlic.com> writes:

>The Kama Sutra worm can fool WIndows into accepting a malicious ActiveX control 
>by spoofing a digital signature, a security company said Tuesday.

If you track down the original Fortinet advisory you'll see that the Information-
Week text is slightly misleading, all it does is set the "this control is all 
right" flags in the registry to make Windows think it's passed a signature check
at some point in the past.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list