Signature Detail

HTTP: Executable Signed With Revoked Adobe Certificate Download

This signature detects the download of executable files signed with a digital certificate that has been revoked by Adobe due to being mis-used to sign malicious programs. Digital certificates are typically used to verify that an executable comes from a trusted 3rd party - only the 3rd party has the private keys to sign these files. If those keys are stolen, a malicious attacker could use the keys to sign malware that would then be trusted by the operating system and run with less restrictions.

References

• URL: http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html
• URL: http://www.adobe.com/support/security/advisories/apsa12-01.html