Skip to main content

Microsoft bolsters security in bid to douse Flame virus

Microsoft has responded to the Flame virus tearing through computers in numerous countries by strengthening the security of its Windows Update program.

The Flame virus, a sophisticated malware that tries to glean sensitive information, has featured prominently in the Middle East with Iran most affected. Microsoft recently revealed that the virus gained a foothold in its software by forging one of its own security certificates, and the company has now moved to boost security measures on its widely-used Windows Update platform.

In the official blog of the Microsoft Security Response Centre, senor director Mike Reavey said, "When events like the current one occur, it's important for us to respond quickly and help protect customers as the first priority".

He added, "You can expect that we will continue to evaluate additional hardening of both the Windows Update channel and our code signing certificate controls as part of our ongoing analysis".

The menace of the Flame virus has been emphasised by security firm Kaspersky, who believe it "might be the most sophisticated cyber weapon yet unleashed". The malware can sniff network traffic, take screenshots, record audio conversations, and intercept keyboards, among other intrusions. Kaspersky thus describe it as "a complete attack toolkit designed for general cyber-espionage purposes".

The Russian company expects a nation-state to be behind the virus, and with Iran being the most frequent victim - and given the political climate - many will attribute the attack to western forces.

Attacks of this nature have featured heavily on the agenda of late, illustrated by Google's move to install a new tool warning users of state-sponsored hacking.