“Analysis of the massive ‘Flame’ cyber attack code has revealed that rogue Microsoft security certificates were used to make the malware appear as if it was officially signed by Microsoft. Microsoft has issued a security advisory, revoked trust in the rogue certificates, and provided steps to help IT admins and users prevent attacks that rely on the spoofed Microsoft certificates.”
Source: ‘Flame’ Spread Via Rogue Microsoft Security Certificates | PCWorld Business Center