Adobe revoking a valid code signing certificate

AdobeAbode has announced, via a blog post by Brad Arkin, the company’s senior director, that it intends revoking a valid code signing certificate, after a couple of malicious utilities have been found to be using the certificate.

Disclosing that Adobe has initiated investigation into what probably is “the inappropriate use of an Adobe code signing certificate for Windows," Arkin said in the blog post: “We plan to revoke the impacted certificate on October 4, 2012 for all software code signed after July 10, 2012."

With regard to the impact of the revocation, Arkin said that the move will affect the Windows platform, Adobe Muse and Adobe Story AIR applications, and Acrobat. com desktop services which run on Windows as well as Mac computers. Arkin also added that the revocation will “not” have any effect most of the customers of Adobe software for Windows.

Meanwhile, with the blog post revealing that both the utilities - "pwdump7 v7.1" and "myGeeksmail. dll" – apparently make use of the same source, it appears that the certificates being revoked by Adobe were likely used in an APT. While the first utility chiefly mined password hashes from Windows OS, the second one was an ISAPI - Internet Server Application Programming Interface - filter.

About Adobe’s decision to wait till next week for revoking the certificates, Adobe spokeswoman Wiebke Lips said that the interim period will give the administrators enough time to prepare their systems.