Microsoft has updated its security certificate platform in response to the recent discovery of the Flame malware attack.
Microsoft said that it would be issuing the updates to prevent the use of unsigned security certificates which could be presented to users as authentic and issued by Microsoft. According to Microsoft, such techniques have been used by Flame's creators and could be adopted for other attacks.
"Our investigation has discovered some techniques used by this malware that could also be leveraged by less sophisticated attackers to launch more widespread attacks," Microsoft Security Response Center senior director Mike Reavey said in a blog posting.
"Therefore, to help protect both targeted customers and those that may be at risk in the future, we are sharing our discoveries and taking steps to mitigate the risk to customers."
Among the updates being issued by Microsoft are patches which will automatically block the certificates used in the Flame attack. Additionally, the company is removing the ability for the Terminal Server Licensing Service to issue certificates which allow for code to be signed.
"These actions will help ensure that any malware components that might have been produced by attackers using this method no longer have the ability to appear as if they were produced by Microsoft," Reavey explained.
Since its discovery in late May, the Flame malware has sent security vendors and researchers alike scrambling for answers and updates. With its massive payload and sophisticated attack techniques, Flame is widely believed to be an industrial espionage tool developed in a state-sponsored programme.
Though the risk of attack from the malware itself is seen as minimal for nearly all firms in Europe and North America, malware writers could mimic Flame's techniques for infecting systems and avoiding detection in future attacks.
British Airways blames 'global systems outage' for IT meltdown
Mark Zuckerberg mercilessly trolled by Harvard student newspaper after return to university he dropped out of 12 years ago
'Unauthorised user' blamed by Harvard for insulting Mark Zoinkerberg
Android under attack from 'Judy', Google Play Store malware that has infected up to 36.5 million users
Yet more Android malware discovered on the Google Play Store
Airport believes new system will be more reliable than GPS or Google Maps