man-in-the-middle

  1. Unauthorized Digital Certificates Could Allow Spoofing - Version: 1.1

    Severity Rating: Revision Note: V1.1 (June 13, 2012): Advisory revised to notify customers that Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices are not affected by the issue. Summary: Microsoft is aware of active attacks using three unauthorized digital certificates derived...
    • News
    • Thread
    • access denied active attacks browser security certificate cybersecurity digital certificates extended security updates internet explorer man-in-the-middle microsoft phishing revision note security security advisory spoofing vulnerability web security windows phone
    • Replies: 0
    • Forum: Security Alerts

  2. Microsoft Security Advisory (2916652): Improperly Issued Digital Certificates Could Allow...

    Revision Note: V1.0 (December 9, 2013): Advisory published. Summary: Microsoft is aware of an improperly issued subordinate CA certificate that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The subordinate CA certificate was...
    • News
    • Thread
    • advisory certificate digital certificates man-in-the-middle microsoft phishing security spoofing trusted root windows
    • Replies: 0
    • Forum: Security Alerts

  3. Microsoft Security Advisory (2880823): Deprecation of SHA-1 Hashing Algorithm for Microsoft...

    Revision Note: V1.0 (November 12, 2013): Advisory published. Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes...
    • News
    • Thread
    • advisory algorithms attack certificate code signing digital security hashing man-in-the-middle microsoft phishing policy change revision note root certificate security sha1 spoofing ssl v1.0 x.509
    • Replies: 0
    • Forum: Security Alerts

  4. Microsoft Security Advisory (2880823): Deprecation of SHA-1 Hashing Algorithm for Microsoft...

    Revision Note: V1.0 (November 12, 2013): Advisory published. Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes...
    • News
    • Thread
    • advisory attack certificate code signing cybersecurity digital certificates hashing man-in-the-middle microsoft phishing policy policy change root certificate security sha1 spoofing ssl vulnerability x.509
    • Replies: 0
    • Forum: Security Alerts

  5. Microsoft Security Advisory (2862973): Update for Deprecation of MD5 Hashing Algorithm for...

    Revision Note: V1.0 (August 13, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update for supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 that restricts the use of certificates...
    • News
    • Thread
    • advisory attack certificate deprecation hashing information man-in-the-middle md5 microsoft phishing root certificate safety security technology update vulnerability windows 7 windows 8 windows server windows vista
    • Replies: 0
    • Forum: Security Alerts

  6. Microsoft Security Advisory (2862973): Update for Deprecation of MD5 Hashing Algorithm for...

    Revision Note: V1.0 (August 13, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update for supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 that restricts the use of certificates...
    • News
    • Thread
    • advisory attack certificate cybersecurity encryption hashing man-in-the-middle md5 microsoft phishing protocol root certificate security threats update vulnerability windows 7 windows 8 windows server windows vista
    • Replies: 0
    • Forum: Security Alerts

  7. Microsoft Security Advisory (2661254): Update For Minimum Certificate Key Length - Version: 2.0

    Revision Note: V2.0 (October 9, 2012): Revised advisory to rerelease the KB2661254 update for Windows XP and to announce that the KB2661254 update for all supported releases of Microsoft Windows is now offered through automatic updating. Customers who previously applied the KB2661254 update do...
    • News
    • Thread
    • advisory attack certificate key length man-in-the-middle microsoft phishing security update windows xp
    • Replies: 0
    • Forum: Security Alerts

  8. Microsoft Security Advisory (2661254): Update For Minimum Certificate Key Length - Version: 2.0

    Revision Note: V2.0 (October 9, 2012): Revised advisory to rerelease the KB2661254 update for Windows XP and to announce that the KB2661254 update for all supported releases of Microsoft Windows is now offered through automatic updating. Customers who previously applied the KB2661254 update do...
    • News
    • Thread
    • advisory automatic certificate key length man-in-the-middle microsoft phishing security update windows xp
    • Replies: 0
    • Forum: Security Alerts

  9. Microsoft Security Advisory (2798897): Fraudulent Digital Certificates Could Allow Spoofing - Versio

    Revision Note: V1.0 (January 3, 2013): Advisory published. Summary: Microsoft is aware of active attacks using one fraudulent digital certificate issued by TURKTRUST Inc., which is a CA present in the Trusted Root Certification Authorities Store. This fraudulent certificate could be...
    • News
    • Thread
    • advisory attack certificate fraud man-in-the-middle microsoft phishing security spoofing turktrust windows
    • Replies: 0
    • Forum: Security Alerts

  10. Security Advisory 2743314 released

    Today, we published Security Advisory 2743314, which provides guidance that will help protect customers from a technique that could allow a man-in-the middle attack to obtain a user’s domain credentials when VPN is configured to use PPTP and MSCHAPv2. Customers concerned with this...
    • News
    • Thread
    • advisory credentials cybersecurity data security guidance man-in-the-middle microsoft mschapv2 msrc network security pptp risk management security tech updates threat mitigation trustworthy computing user protection vpn
    • Replies: 0
    • Forum: Security Alerts

  11. Microsoft Security Advisory (2641690): Fraudulent Digital Certificates Could Allow Spoofing - Versio

    Revision Note: V2.0 (November 16, 2011): Revised to announce the rerelease of the KB2641690 update. See the Update FAQ in this advisory for more information. Also, added link to Microsoft Knowledge Base Article 2641690 under Known Issues in the Executive Summary. Summary: Microsoft is...
    • News
    • Thread
    • advisory cybertrust digicert digital certificates encryption entrust internet explorer knowledge base known issues man-in-the-middle microsoft phishing revision note security spoofing update vulnerability weak keys windows
    • Replies: 0
    • Forum: Security Alerts

  12. Microsoft Security Advisory (2641690): Fraudulent Digital Certificates Could Allow Spoofing - Versio

    Revision Note: V1.0 (November 10, 2011): Advisory published. Summary: Microsoft is aware that DigiCert Sdn. Bhd, a Malaysian subordinate certification authority (CA) under Entrust and GTE CyberTrust, has issued 22 certificates with weak 512 bit keys. These weak encryption keys, when...
    • News
    • Thread
    • advisory digital certificates internet explorer man-in-the-middle microsoft phishing security spoofing weak encryption windows
    • Replies: 0
    • Forum: Security Alerts

  13. Microsoft Security Advisory (2524375): Fraudulent Digital Certificates Could Allow Spoofing - 5/10/2

    Revision Note: V4.0 (May 10, 2011): Announced the release of an update for Windows Mobile 6.x devices. Advisory Summary:Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store, on all...
    • News
    • Thread
    • advisory certificate certification comodo cybersecurity digital certificates fraud internet explorer man-in-the-middle phishing release notes security spoofing trusted root update vulnerability windows windows phone zune hd
    • Replies: 0
    • Forum: Security Alerts

  14. Microsoft Security Advisory (2524375): Fraudulent Digital Certificates Could Allow Spoofing

    Revision Note: V2.0 (April 19, 2011): Added Windows Mobile 6.x, Windows Phone 7, Microsoft Kin, and Zune devices to affected software and devices.Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root...
    • News
    • Thread
    • advisory attack authority certificate explorer fraud internet kin man-in-the-middle microsoft mobile phishing security spoofing trust update windows zune
    • Replies: 0
    • Forum: Security Alerts

  15. Microsoft Security Advisory (2524375): Fraudulent Digital Certificates Could Allow Spoofing - 3/23/2

    Revision Note: V1.0 (March 23, 2011): Advisory published. Advisory Summary:Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo...
    • News
    • Thread
    • advisory comodo digital certificates internet explorer man-in-the-middle microsoft phishing security spoofing trust store
    • Replies: 0
    • Forum: Security Alerts