Stuxnet rootkit was signed with a legitimate digital certificate from Realtek Semiconductor. The certificate that was used to sign the malware expired on June 11th. Microsoft and Verisign announced that they had worked together with Realtek to revoke the certificate in question. This implies the perpetrators of this attack have been planning their strategy for quite some time. Microsoft has updated their knowledgebase today to include an easy-to-use Fix it download that implements their mitigation advice.”]
Source: https://nakedsecurity.sophos.com/2010/07/20/certified-uncertainty/