spoofing

Original release date: January 17, 2014 | Last revised: March 07, 2014 Systems Affected Certain UDP protocols have been identified as potential attack vectors: DNS NTP SNMPv2 NetBIOS SSDP CharGEN QOTD BitTorrent Kad Quake Network Protocol Steam Protocol Overview A Distributed Reflective...

Link Removed

Revision Note: V1.0 (July 10, 2014): Advisory published. Summary: Microsoft is aware of improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The SSL certificates were improperly issued by the National...

Severity Rating: Revision Note: V1.1 (January 14, 2013): Corrected the disallowed certificate list effective date to "Monday, December 31, 2012 (or later)" in the FAQ entry, "After applying the update, how can I verify the certificates in the Microsoft Untrusted Certificates Store?" Summary...

Severity Rating: Revision Note: V1.1 (June 13, 2012): Advisory revised to notify customers that Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices are not affected by the issue. Summary: Microsoft is aware of active attacks using three unauthorized digital certificates derived...

Severity Rating: Revision Note: V5.0 (September 19, 2011): Revised to announce the rerelease of the KB2616676 update. See the Update FAQ in this advisory for more information. Summary: Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar, a...

Link Removed

Revision Note: V1.0 (December 9, 2013): Advisory published. Summary: Microsoft is aware of an improperly issued subordinate CA certificate that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The subordinate CA certificate was...

Revision Note: V1.0 (November 12, 2013): Advisory published. Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes...

Revision Note: V1.0 (November 12, 2013): Advisory published. Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes...

Revision Note: V2.0 (August 10, 2010): Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-049 to address this issue. For more information about this issue, including...

Revision Note: V1.2 (September 5, 2012): Corrected the common name for the "CN=Microsoft Online Svcs BPOS APAC CA4" certificate issued by Microsoft Services PCA. Summary: Microsoft is aware of Microsoft certificate authorities that are outside our recommended secure storage practices. Upon a...

Severity Rating: Important Revision Note: V1.0 (May 14, 2013): Bulletin published. Summary: This security update resolves one privately reported vulnerability and one publicly disclosed vulnerability in the .NET Framework. The more severe of the vulnerabilities could allow...

Link Removed

Revision Note: V1.0 (January 3, 2013): Advisory published. Summary: Microsoft is aware of active attacks using one fraudulent digital certificate issued by TURKTRUST Inc., which is a CA present in the Trusted Root Certification Authorities Store. This fraudulent certificate could be...

Revision Note: V1.2 (September 11, 2012): Clarified that applications and services that use RSA keys for cryptography and call into the CertGetCertificateChain function could be impacted by this update. Examples of these applications and services include but are not limited to encrypted email...

Provides a link to Microsoft Security Advisory (2728973): Unauthorized digital certificates could allow spoofing. Link Removed

Revision Note: V1.0 (July 10, 2012): Advisory published. Summary: Microsoft is aware of Microsoft certificate authorities that are outside our recommended secure storage practices. Upon a routine review, we are placing these certificates in the Untrusted Certificate Store, and...

Revision Note: V1.0 (June 3, 2012): Advisory published. Summary: Microsoft is aware of active attacks using three unauthorized digital certificates derived by a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or...

Provides a link to Microsoft Security Advisory (2718704): Unauthorized digital certificates could allow spoofing. Link Removed