Microsoft certification authority signing certificates added to the Untrusted Certificate StoreWhile these security issues are not Flame-specific, and could be used in other forms of unrelated malware, Microsoft was able to identify components of the Flame malware that had been signed with a certificate that ultimately chained up to the Microsoft Root Authority.

via Microsoft Certificate Was Used to Sign “Flame” Malware | SecurityWeek.Com.

Microsoft did not say what algorithm was exploited in order to generate the rogue certificates, though SecurityWeek did reach out to Microsoft for comment and we will update the story if a response is recieved.