IBM Security Notice Regarding Two IBM Code Signing Certificates
Two IBM Code Signing Certificates Are Being Revoked
IBM recently has identified malware which appears to have been signed by one of two IBM code signing certificates, one for signing Java code (which already is expired) and the other for signing code to run on Windows systems. IBM is revoking these certificates today, October 14, 2016. Updates for products which may have been using these certificates will be published as soon as they are available. To IBM’s knowledge, this malware has not been distributed with any IBM software.
Product Impact
Some IBM software products will be impacted by the revocation of these two code signing certificates. The product list can be found in the table below. The revocation of these certificates does not pose a security risk to users. However, there may be potential impact to the usability of the products; in certain situations, some products may fail to run or warn the user that the certificates used to sign the products are no longer valid.
Next Steps
Updates for products which may have been using these certificates will be published as soon as they are available. Refer to the table below for the location where product updates will be made available. Other than installing these updates, which should address any usability issues, no additional actions are required. If you have any questions about how to update these products, visit the IBM Support Portal.
| Product | Location Where Product Update Will Be Made Available |
| IBM WebSphere Application Server V9 (Only Windows products impacted) | Refer to the following link for further instructions: http://ift.tt/2eC0wEn |
| IBM Installation Manager (Only Windows products impacted) | Flash Service Bulletin Website |
| IBM Rational Synergy for Rational Team Concert Interface | Fix Central |
| IBM Rational Synergy for Eclipse Interface | Fix Central |
| IBM Rational Change | Fix Central |
| IBM Security AppScan Enterprise | Fix Central |
| IBM InfoSphere Change Data Capture | Fix Central |
| Rational System Architect (includes IBM Rational System Architect XT) | Contact architect.support@unicomsi.com for more information. |
| Rational Functional Tester | Fix Central |
| IBM Rational Test Workbench | Fix Central |
| IBM Software Development Toolkit for Linux on Power | Passport Advantage |
| IBM Rational DOORS Next Generation | Refer to the following link for further instructions: http://ift.tt/2e53I8N |
| IBM Rational Team Concert | Refer to the following link for further instructions: http://ift.tt/2e53I8N |
| IBM Rational Host On-Demand (HOD) | Passport Advantage |
| IBM Security AppScan Source | Fix Central |
| IBM Security AppScan Standard | Fix Central |
| IBM System z CHPID Mapping Tool | Resource Link |
| IBM Rational Integration Tester | Fix Central |
| IBM Rational Robot | Fix Central |
| IBM Integration Bus | Fix Central |
from IBM Product Security Incident Response Team http://ift.tt/2eBY4gW