Discovery of the Flame virus that mainly affected computers in the Middle East, has prompted Microsoft Corp to strengthen the security of a Windows program that helps customers secure their PCs and update software.
Mike Reavey, senior director of the Microsoft Security Response Center, said in a blog post that the world’s biggest software maker plans to boost security measures on the Windows Update software that is included with the operating system that runs the majority of the world’s PCs.
Microsoft disclosed over the weekend that the hackers who built Flame exploited a flaw in Windows that allowed them to trick PCs into believing it was a legitimate piece of software from Microsoft. The software was then downloaded onto computers using the Microsoft Update feature.
News of the Flame virus surfaced a week ago when cyber security experts described it as one of the most sophisticated pieces of malicious software discovered to date. They are still investigating the virus, which they believe was released specifically to target computers in Iran and across the Middle East, similar to the Stuxnet worm that attacked Iran’s nuclear program in 2010.
The security experts said Flame likely only infected several thousand computers and was targeted at entities that would be of interest to nations involved in espionage.
Microsoft said on its website on Sunday that it was releasing software to fix the bug using its Windows Update system. But security experts said machines infected with some advanced viruses may not benefit from that update because those viruses had disabled the Windows Update software.
That is partially what prompted the need to further boost the security of the Windows Update feature, they said.
“If Microsoft is going to ‘harden’ the update feature, they must also prevent writers of malicious software from disabling the updating process on local computers,” said John Bumgarner, chief technology officer of the U.S. Cyber Consequences Unit, a non-profit think-tank that studies the impact of cyber warfare.
Microsoft disclosed the plan to boost security of Windows Update late Monday on a Microsoft Security Response Center blog: http://blogs.technet.com/b/msrc/
Company officials could not immediately be reached to elaborate on Tuesday morning.
Yet Reavey said in a blog posted on Sunday that it was taking the flaw in Windows seriously because the bug could be exploited by developers of less sophisticated viruses to launch more widespread attacks.
Microsoft declined to say whether such attacks have already taken place.