Hacker claims ability to issue Windows update

Comodohacker reckons he has access to Windows update
Kerry Butters

September 13, 2011

The hacker responsible for the recent attack on DigiNotar has claimed that he also has the ability to issue Windows updates.

Microsoft denied that this is possible in a security statement issued last week.

The hacker, known as Comodohacker, claims that this is not true and that he has already reversed an “entire windows update protocol”.

As far as the attack on DigiNotar goes, the attacker claims that this was carried out as retaliation for Srebrenica, when Dutch peacekeepers failed to prevent the town being taken during the Bosnian conflict.

Microsoft says that the root certificates were revised at the end of last month to remove any from DigiNotar and so it is unlikely that any attacker has access.

However, Comodohacker claims to be in possession of four more certificates from GlobalSign, which admitted that it has detected an intrusion, but only on its web servers, where no root information is kept.

The hacker posted a statement on Pastebin which outlined the attacks he has carried out, alongside a series of brags about his cleverness.

Microsoft says it’s preparing another update which will add DigiNotar to its list of untrusted certificates. However, in the meantime users can purge the certificates manually by following the instructions set out here.

“Attackers are not able to leverage a fraudulent Windows Update certificate to install malware via the Windows Update servers,” Microsoft asserted.

“The Windows Update client will only install binary payloads signed by the actual Microsoft root CA certificate, which is issued and secured by Microsoft. Also, Windows Update itself is not at risk, even to an attacker with a fraudulent certificate.”

No doubt the relevant authorities will be keen to speak to Comodohacker. Governments have recently made it very clear, through a series of arrests around the world, that these kinds of attacks will not be tolerated, with members of hacktivist groups Anonymous and LulzSec being collared.

Comodohacker has suggested the idea of a web hacking course in which he can teach those groups a thing or two.

