CERT mailing list archives
Current Activity - Microsoft Releases Security Advisory on Fraudulent Digital Certificates
From: Current Activity <us-cert () us-cert gov>
Date: Thu, 3 Jan 2013 16:57:00 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Awareness System US-CERT Current Activity Microsoft Releases Security Advisory on Fraudulent Digital Certificates Original release date: January 3, 2013 Last revised: -- Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates issued by TURKTRUST Inc. These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects all supported releases of Microsoft Windows. This update revokes the trust of the fraudulent certificates and places them in the Microsoft Untrusted Certificate Store. US-CERT encourages users and administrators to review Microsoft Security Advisory 2798897 and follow best-practice security policies to determine if the update should be applied. Relevant URL(s): <http://technet.microsoft.com/en-us/security/advisory/2798897> ____________________________________________________________________ Produced by US-CERT, a government organization. ____________________________________________________________________ This product is provided subject to this Notification: http://www.us-cert.gov/privacy/notification.html Privacy & Use policy: http://www.us-cert.gov/privacy/ This document can also be found at http://www.us-cert.gov/current/#microsoft_releases_security_advisory_on For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBUOX+mXdnhE8Qi3ZhAQII2Af/VGHyllSwK2M5dONJyF6urWx2MYrDsjxh K6+oilwSAhrzZWn8b+H5rQyE4l4tQ/KQJPLUkRgFRKVhT/cveFosbd49Fbh6MbbE YJVnL/P090o3aOBq6781RSAJHcW3m3tf9GifVvH6EH6BrxnUJnqzNkn/pJl82zXq ixkjUun+7d42xMHdtazx6jpML9IhHmGsCAYCaKXiDgKGxFLm7D0LnxFaryZH4vjF cH5t9Mg//RLxxYPhwh3K8TR3+y7oFyMhqP67UeJ/KeX72w62TlaF5sBx+VJXuzHH 2Bm9dl0/gZ1iQkN8WrhAZzSPoF0Lx+iE6tlBg2kQC2uni44WnVprXA== =/V3u -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Microsoft Releases Security Advisory on Fraudulent Digital Certificates Current Activity (Jan 03)