Kama Sutra Spoofs Digital Certificates
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Jan 25 18:34:33 EST 2006
Anne & Lynn Wheeler <lynn at garlic.com> writes:
>The Kama Sutra worm can fool WIndows into accepting a malicious ActiveX control
>by spoofing a digital signature, a security company said Tuesday.
If you track down the original Fortinet advisory you'll see that the Information-
Week text is slightly misleading, all it does is set the "this control is all
right" flags in the registry to make Windows think it's passed a signature check
at some point in the past.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list