A Microsoft update released this week introduces a digital certificate updater designed to notify systems of untrusted certificates in a day or less. In the past, Microsoft had to release a Windows update or change certificate revocation lists (CRLs) manually to give users an updated list of untrusted certificates. With this new update, users will receive an up-to-date list of flagged certificates automatically within a day "at most," says Microsoft's Kurt Hudson. Part of the update involved changing the URLs used to contact Windows Update for these certificate lists, so some users may need to update their firewall exceptions for the updater to work properly.
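A defender-side check for the mechanism described above, added here as an example (it is not code from the article or from Microsoft): it lists what is currently in the machine's Untrusted Certificates (Disallowed) store, which is the store the automatic updater populates, confirms that the Windows Update CTL download host is reachable through the local firewall or proxy, and pulls a local snapshot of the CTL cabinets with certutil so they can be compared over time. The download URL is the documented Windows Update CTL location and is an assumption rather than something the article quotes, so confirm it against current Microsoft guidance; the function names are mine.

```powershell
# Added example, not from the article or from Microsoft.
# Assumptions: elevated PowerShell 3.0+ on a Windows host that supports the
# automatic certificate updater and "certutil -syncWithWU"; the URL below is
# the documented CTL location for the disallowed list, not quoted in the article.
$ctlUrl = 'http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab'

function Get-DisallowedCertificates {
    # The Disallowed store is what the updater feeds; enumerate its contents.
    @(Get-ChildItem -Path Cert:\LocalMachine\Disallowed) |
        Select-Object Subject, Issuer, Thumbprint, NotAfter
}

function Test-CtlEndpoint {
    param([string]$Url = $ctlUrl)
    try {
        # A HEAD request is enough to prove the firewall/proxy lets the host through.
        $resp = Invoke-WebRequest -Uri $Url -Method Head -UseBasicParsing -TimeoutSec 15
        [pscustomobject]@{ Url = $Url; Reachable = $true; StatusCode = $resp.StatusCode; Error = $null }
    } catch {
        # Unreachable usually means a missing firewall or proxy exception for the new URL.
        [pscustomobject]@{ Url = $Url; Reachable = $false; StatusCode = $null; Error = $_.Exception.Message }
    }
}

function Get-CtlSnapshot {
    param([string]$OutDir = (Join-Path $env:TEMP 'ctl-snapshot'))
    # certutil -syncWithWU downloads the current CTL cabinets (trusted roots and the
    # disallowed list) from Windows Update into a folder, which you can diff over time.
    New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
    & certutil.exe -syncWithWU $OutDir | Out-Null
    Get-ChildItem -Path $OutDir -Filter '*.cab' | Select-Object Name, Length, LastWriteTime
}

$certs = Get-DisallowedCertificates
"Untrusted certificates currently in the Disallowed store: $($certs.Count)"
$certs | Format-Table -AutoSize
Test-CtlEndpoint | Format-List
Get-CtlSnapshot | Format-Table -AutoSize
```

If `Test-CtlEndpoint` reports the host as unreachable while the rest of the machine has internet access, the firewall or proxy exception for the updated URL is the first thing to check; a snapshot whose `LastWriteTime` never advances across runs is the corresponding sign that the automatic updater is not actually pulling new lists.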
This update is the latest of Microsoft's responses to the certificate spoofing exploit used by the Flame malware, a trojan that has been linked to the well-known Stuxnet infection that damaged nuclear facilities in Iran. The two trojans have been linked, but Stuxnet and Flame are very different: Flame focuses on cyberespionage, gathering information from files and from recording devices such as webcams and microphones. Although the malware is primarily active on computers in Iran and Israel, Microsoft's update aims to fix the manner in which those machines were infected and to prevent future trojans from abusing spoofed certificates.