About this tag
The Entrust tag covers discussions about fraudulent digital certificates issued by subordinate certification authorities under Entrust and GTE CyberTrust. Topics include Microsoft security advisories and updates that add fraudulent certificates to the Windows Untrusted Certificate Store to protect users from spoofing, phishing, and man-in-the-middle attacks. Specific incidents involve DigiCert Sdn. Bhd. issuing certificates with weak 512-bit keys and DigiNotar root certificates cross-signed by Entrust. These threads focus on certificate security, Microsoft's response to compromised CAs, and updates to Windows certificate trust mechanisms.
-
Microsoft Security Advisory (2641690): Fraudulent Digital Certificates Could Allow Spoofing - Versio
Revision Note: V2.0 (November 16, 2011): Revised to announce the rerelease of the KB2641690 update. See the Update FAQ in this advisory for more information. Also, added link to Microsoft Knowledge Base Article 2641690 under Known Issues in the Executive Summary. Summary: Microsoft is...- News
- Thread
- advisory cybertrust digicert digital certificates encryption entrust internet explorer knowledge base known issues man-in-the-middle microsoft phishing revision note security spoofing update vulnerability weak keys windows
- Replies: 0
- Forum: Security Alerts
-
More on DigiNotar Certificates, and September Bulletins
In an effort to protect customers, last week we released Security Advisory 2607712 along with a non-security update to add fraudulent DigiNotar certificates to the Windows Untrusted Certificate Store. Today, we are releasing another update (2616676), adding six additional DigiNotar root...- News
- Thread
- advisory bulletin certificate consumer protection cybertrust deployment diginotar enhancements entrust microsoft monthly release pkioverheid root ca security testing untrusted store update webcast windows
- Replies: 0
- Forum: Security Alerts