You probably know Microsoft issued security advisory KB2718704 to revoke Microsoft certificates present in the certificate chain of a signed Flame component.
Here are some screenshots of the signature of this Flame component (WuSetupV.exe).
Before revocation:
After revocation:
Didier Stevens 