digital certificates

  1. 3097966 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (September 24, 2015): Advisory published. Summary: Microsoft is aware of four digital certificates that were inadvertently disclosed by D-Link Corporation that could be used in attempts to spoof content. The disclosed end-entity certificates cannot be used to issue other...
    • News
    • Thread
    • certificate management code signing content protection cybersecurity d-link digital certificates impersonation incident notification information disclosure microsoft microsoft support security advisory security risks spoofing technical note threat awareness update v1.0 vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  2. 3097966 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (September 24, 2015): Advisory published. Summary: Microsoft is aware of four digital certificates that were inadvertently disclosed by D-Link Corporation that could be used in attempts to spoof content. The disclosed end-entity certificates cannot be used to issue other...
    • News
    • Thread
    • code signing d-link digital certificates information disclosure microsoft security security advisory spoofing version 1.0 vulnerability windows update
    • Replies: 0
    • Forum: Security Alerts

  3. TA15-120A: Securing End-to-End Communications

    Original release date: April 30, 2015 Systems Affected Networked systems Overview Securing end-to-end communications plays an important role in protecting privacy and preventing some forms of man-in-the-middle (MITM) attacks. Recently, researchers described a MITM attack used to inject...
    • News
    • Thread
    • authentication browser security certificate certificate pinning communication cyberattack dane data security digital certificates encryption mitm attack network notary network security privacy ssl systems affected threat mitigation tls vulnerability web security
    • Replies: 0
    • Forum: Security Alerts

  4. 3050995 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (March 24, 2015): Advisory published. Summary: Microsoft is aware of improperly issued digital certificates coming from the subordinate CA, MCS Holdings, which could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The...
    • News
    • Thread
    • advisory digital certificates man-in-the-middle microsoft phishing security spoofing vulnerability windows update
    • Replies: 0
    • Forum: Security Alerts

  5. 3046310 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (March 16, 2015): Advisory published. Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported...
    • News
    • Thread
    • advisory cybersecurity digital certificates man-in-the-middle microsoft phishing revision note spoofing ssl update vulnerability windows security
    • Replies: 0
    • Forum: Security Alerts

  6. 3046310 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (March 16, 2015): Advisory published. Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported...
    • News
    • Thread
    • advisory cybersecurity digital certificates man-in-the-middle microsoft phishing spoofing ssl certificates vulnerability windows security
    • Replies: 0
    • Forum: Security Alerts

  7. Security Advisory 2982792 released, Certificate Trust List updated

    Today, we are updating the Certificate Trust List (CTL) for all supported releases of Microsoft Windows to remove the trust of mis-issued third-party digital certificates. These certificates could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties...
    • News
    • Thread
    • advisory attack certificate digital certificates mitigation phishing security ssl certificates trust update windows server
    • Replies: 0
    • Forum: Security Alerts

  8. Microsoft security advisory: Improperly issued digital certificates could allow spoofing

    Link Removed
    • News
    • Thread
    • advisory digital certificates microsoft security spoofing
    • Replies: 0
    • Forum: Knowledge Base (KB)

  9. 2982792 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (July 10, 2014): Advisory published. Summary: Microsoft is aware of improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The SSL certificates were improperly issued by the National...
    • News
    • Thread
    • certificate cybersecurity digital certificates man-in-the-middle microsoft phishing security advisory spoofing ssl vulnerability
    • Replies: 0
    • Forum: Security Alerts

  10. Compatibility Issues Affecting Signed Microsoft Binaries - Version: 2.0

    Severity Rating: Revision Note: V2.0 (December 11, 2012): Added the KB2687627 and KB2687497 updates described in MS12-043, the KB2687501 and KB2687510 updates described in MS12-057, the KB2687508 update described in MS12-059, and the KB2726929 update described in MS12-060 to the list of...
    • News
    • Thread
    • binaries compatibility corecomponents digital certificates digital signature extended security updates installation kb updates microsoft patch management revision note security severity rating softwarebinaries timestamp uninstall update v2.0 windows issues
    • Replies: 0
    • Forum: Security Alerts

  11. Fraudulent Digital Certificates Could Allow Spoofing - Version: 1.1

    Severity Rating: Revision Note: V1.1 (January 14, 2013): Corrected the disallowed certificate list effective date to "Monday, December 31, 2012 (or later)" in the FAQ entry, "After applying the update, how can I verify the certificates in the Microsoft Untrusted Certificates Store?" Summary...
    • News
    • Thread
    • attack digital certificates fraud microsoft phishing root certification security spoofing untrusted store update
    • Replies: 0
    • Forum: Security Alerts

  12. Unauthorized Digital Certificates Could Allow Spoofing - Version: 1.1

    Severity Rating: Revision Note: V1.1 (June 13, 2012): Advisory revised to notify customers that Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices are not affected by the issue. Summary: Microsoft is aware of active attacks using three unauthorized digital certificates derived...
    • News
    • Thread
    • access denied active attacks browser security certificate cybersecurity digital certificates extended security updates internet explorer man-in-the-middle microsoft phishing revision note security security advisory spoofing vulnerability web security windows phone
    • Replies: 0
    • Forum: Security Alerts

  13. Microsoft security advisory: Improperly issued digital certificates could allow spoofing

    Link Removed
    • News
    • Thread
    • advisory digital certificates microsoft security spoofing
    • Replies: 0
    • Forum: Knowledge Base (KB)

  14. Microsoft Security Advisory (2916652): Improperly Issued Digital Certificates Could Allow...

    Revision Note: V1.0 (December 9, 2013): Advisory published. Summary: Microsoft is aware of an improperly issued subordinate CA certificate that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The subordinate CA certificate was...
    • News
    • Thread
    • advisory certificate digital certificates man-in-the-middle microsoft phishing security spoofing trusted root windows
    • Replies: 0
    • Forum: Security Alerts

  15. Microsoft Security Advisory (2880823): Deprecation of SHA-1 Hashing Algorithm for Microsoft...

    Revision Note: V1.0 (November 12, 2013): Advisory published. Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes...
    • News
    • Thread
    • advisory attack certificate code signing cybersecurity digital certificates hashing man-in-the-middle microsoft phishing policy policy change root certificate security sha1 spoofing ssl vulnerability x.509
    • Replies: 0
    • Forum: Security Alerts

  16. Microsoft Security Advisory (2854544): Updates to Improve Cryptography and Digital Certificate...

    Revision Note: V1.1 (August 13, 2013): Added the 2862966 and 2862973 updates to the Available Updates and Release Notes section. Summary: Microsoft is announcing the availability of updates as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Microsoft...
    • News
    • Thread
    • advisory cryptography digital certificates infrastructure microsoft security threats update windows
    • Replies: 1
    • Forum: Security Alerts

  17. Microsoft Security Advisory (2854544): Update to Improve Cryptography and Digital Certificate...

    Revision Note: V1.0 (June 11, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Over the course of months, Microsoft will continue to announce additional...
    • News
    • Thread
    • advisory cryptography digital certificates handling infrastructure microsoft security threats update windows
    • Replies: 0
    • Forum: Security Alerts

  18. Microsoft Security Advisory (2728973): Unauthorized Digital Certificates Could Allow Spoofing...

    Revision Note: V1.2 (September 5, 2012): Corrected the common name for the "CN=Microsoft Online Svcs BPOS APAC CA4" certificate issued by Microsoft Services PCA. Summary: Microsoft is aware of Microsoft certificate authorities that are outside our recommended secure storage practices. Upon a...
    • News
    • Thread
    • advisory certificate digital certificates microsoft pki revision note security spoofing untrusted store windows
    • Replies: 0
    • Forum: Security Alerts

  19. Microsoft Security Advisory (2749655): Compatibility Issues Affecting Signed Microsoft...

    Revision Note: V2.0 (December 11, 2012): Added the KB2687627 and KB2687497 updates described in MS12-043, the KB2687501 and KB2687510 updates described in MS12-057, the KB2687508 update described in MS12-059, and the KB2726929 update described in MS12-060 to the list of available rereleases...
    • News
    • Thread
    • advisory binaries compatibility digital certificates installation microsoft security uninstall update windows
    • Replies: 0
    • Forum: Security Alerts

  20. Microsoft Security Advisory (2854544): Update to Improve Cryptography and Digital Certificate...

    Revision Note: V1.0 (June 11, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Over the course of months, Microsoft will continue to announce additional...
    • News
    • Thread
    • advisory cryptography digital certificates infrastructure microsoft security threats update windows
    • Replies: 0
    • Forum: Security Alerts