> I'm covering a story about a digital certificate flaw recently disclosed by
> Microsoft, which affects Windows systems (Bulletin MS02-048). Apparently,
> the vulnerability could allow an attacker to delete digital certificates
> and prevent the user from accessing certain functions. I was hoping you
> could comment on how serious this flaw is - could an attacker actually
> exploit the vulnerability to do anything useful?

From a quick scan of the advisories, the main risk appears to be that of denial of service, though not in the sense of crashing machines, but preventing users from verifying the identity of websites and senders of signed email as well as accessing their EFS-encrypted partitions. Potentially it could also prevent said users from using their own signatures to sign outgoing messages. The attack also applies to certificates on smart cards if they're attached to the system being attacked.

It seems clear that the hassle and nuisance are likely outcomes from this vulnerability being exploited (particularly if workstations are not backed up regularly!), though with some extrapolation this could cause knock-on effects in the real world (what if a supplier will not accept an order without a valid digital signature? what if the supplier is part of a just-in-time process?)

> Also, how well is Microsoft doing regarding its trustworthy computing
> initiative?

Well, I'm sure they're[sic] probably found and fixed a fair few bugs during their security review and I'm pleased to see that they're starting to ship some of their software with features/protocols disabled by default, but the well-publicised month of auditing is nothing much compared with, say, the effort expended by the developers of OpenBSD. And even some of the packages included in OpenBSD are found to have problems from time to time.

I'm also concerned that despite Microsoft's self-professed heightened awareness of security issues, they still appear not to have produced a fix for the potentially *very* serious SSL man-in-the-middle attack discovered by Mike Benham a few weeks ago.

Lots of software, including much of that produced by Microsoft, doesn't appear to have been designed with security in mind at all stages, and that's what it takes to deliver a dependable solution. You can't just "slap a bit of security in" a couple of weeks before release!

Best Regards,
Alex Butcher
Security Analyst, Assursys Computing Ltd.