Home page logo
/

cert logo CERT mailing list archives

Current Activity - Microsoft Releases Security Advisory on Fraudulent Digital Certificates
From: Current Activity <us-cert () us-cert gov>
Date: Thu, 3 Jan 2013 16:57:00 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Awareness System

US-CERT Current Activity
Microsoft Releases Security Advisory on Fraudulent Digital Certificates

Original release date: January 3, 2013
Last revised: --

Microsoft has released Security Advisory 2798897 in response to active
attacks using fraudulent digital certificates issued by TURKTRUST Inc.
These fraudulent certificates could be used to spoof content, perform
phishing attacks, or perform man-in-the-middle attacks. This
vulnerability affects all supported releases of Microsoft Windows.

This update revokes the trust of the fraudulent certificates and places
them in the Microsoft Untrusted Certificate Store.

US-CERT encourages users and administrators to review Microsoft Security
Advisory 2798897 and follow best-practice security policies to determine
if the update should be applied.

Relevant URL(s):
<http://technet.microsoft.com/en-us/security/advisory/2798897>


____________________________________________________________________

   Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/current/#microsoft_releases_security_advisory_on

For instructions on subscribing to or unsubscribing from this
mailing list, visit http://www.us-cert.gov/cas/signup.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBUOX+mXdnhE8Qi3ZhAQII2Af/VGHyllSwK2M5dONJyF6urWx2MYrDsjxh
K6+oilwSAhrzZWn8b+H5rQyE4l4tQ/KQJPLUkRgFRKVhT/cveFosbd49Fbh6MbbE
YJVnL/P090o3aOBq6781RSAJHcW3m3tf9GifVvH6EH6BrxnUJnqzNkn/pJl82zXq
ixkjUun+7d42xMHdtazx6jpML9IhHmGsCAYCaKXiDgKGxFLm7D0LnxFaryZH4vjF
cH5t9Mg//RLxxYPhwh3K8TR3+y7oFyMhqP67UeJ/KeX72w62TlaF5sBx+VJXuzHH
2Bm9dl0/gZ1iQkN8WrhAZzSPoF0Lx+iE6tlBg2kQC2uni44WnVprXA==
=/V3u
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • Current Activity - Microsoft Releases Security Advisory on Fraudulent Digital Certificates Current Activity (Jan 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]