The MD5 collision crypto attack used by the Flame authors to spoof Windows Update was a very sophisticated hack, said reputed security researcher and Pwnie Awards judge Alexander Sotirov at the awards ceremony. Some of the best cryptographers in the world are still trying to determine how the collision attack was actually performed, he said.

In addition to using a novel cryptoanalysis technique, this attack also had very serious implications, because it weakened the public's trust in Windows Update, Sotirov said. How can anyone trust it now, after it was abused by real attackers and not just in an academic setting? the researcher asked.

Sotirov was part of an international team of security researchers who demonstrated a practical collision attack against the MD5 algorithm in 2008 by generating a rogue CA certificate that gave them the ability to spoof any HTTPS-protected website on the Internet.

After that incident, everyone thought that vendors would stop using digital certificates with MD5 signatures, but Microsoft was still using one as of 2012, Sotirov said.

Following the discovery of the Flame attack, Microsoft revoked three of its intermediate CA certificates and strengthened Windows Update to prevent similar attacks in the future.