It looks like everything signed by an Adobe Code Signing Certificate can be malware
Posted by jpluimers on 2012/09/29
If I read Inappropriate Use of Adobe Code Signing Certificate my conclusion is that anything signed by the Adobe Code Signing Certificate since 2012-07-10 potentially can be malware.
As a precaution, I will manually revoke the certificate on all my systems (that’ll take a while!). If anyone knows how to automate that process, please post a comment showing how to.
Hitching on a trusted certificate of a big software company comes close to the ultimate hack: trojaning signed malware in the distribution of an OS vendor.
–jeroen
via: Inappropriate Use of Adobe Code Signing Certificate « Adobe Secure Software Engineering Team (ASSET) Blog.
Like this:
Like Loading...
Related
This entry was posted on 2012/09/29 at 18:38 and is filed under *nix, Adobe, Android Devices, Apple, HTC, HTC Sensation, iOS, iPad, iPhone, iPod, iPod touch, Linux, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.4 Tiger, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, Opinions, OS X 10.8 Mountain Lion, Power User, Windows, Windows 7, Windows 8, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Vista, Windows XP.
Tagged: adobe software, conclusion, engineering team, precaution, secure software, software, software company, software engineering, technology, ultimate hack. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Leave a Reply