Revision Note: V1.0 (June 3, 2012): Advisory published.
Summary: Microsoft is aware of active attacks using three unauthorized digital certificates derived by a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or...
Revision Note: V2.0 (November 16, 2011): Revised to announce the rerelease of the KB2641690 update. See the Update FAQ in this advisory for more information. Also, added link to Microsoft Knowledge Base Article 2641690 under Known Issues in the Executive Summary.
Summary: Microsoft is...
advisory
cybertrust
digicert
digital certificates
encryption
entrust
internet explorer
knowledge base
known issues
man-in-the-middle
microsoft
phishing
revision note
security
spoofing
update
vulnerability
weak keys
windows
Revision Note: V1.0 (November 10, 2011): Advisory published.
Summary: Microsoft is aware that DigiCert Sdn. Bhd, a Malaysian subordinate certification authority (CA) under Entrust and GTE CyberTrust, has issued 22 certificates with weak 512 bit keys. These weak encryption keys, when...
Revision Note: V5.0 (July 6, 2011): Announced the release of an update for Zune HD devices and moved Zune devices to the Non-Affected Devices table.
Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted...
advisory
certification authority
comodo
cybersecurity
digital certificates
fraudulent certificates
internet explorer
kin
microsoft
mobile security
non-affected devices
phishing
risk management
security
spoofing
trusted root
update
web browsers
windows mobile
zune
Revision Note: V3.0 (September 6, 2011): Revised to announce the release of an update that addresses this issue.
Summary: Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root...
Revision Note: V3.0 (September 6, 2011): Revised to announce the release of an update that addresses this issue. Advisory Summary:Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root...
Revision Note: V2.0 (August 29, 2011): Revised to correct erroneous advisory number. Advisory Summary:Microsoft is aware of at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store, on all supported...
Revision Note: V2.0 (August 29, 2011): Revised to correct erroneous advisory number.Summary: Microsoft is aware of at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store, on all supported releases of...
Revision Note: V1.0 (August 29, 2011): Advisory published. Advisory Summary:Microsoft is aware of at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store, on all supported releases of Microsoft...
Revision Note: V5.0 (July 6, 2011): Announced the release of an update for Zune HD devices and moved Zune devices to the Non-Affected Devices table.Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root...
Revision Note: V5.0 (July 6, 2011): Announced the release of an update for Zune HD devices and moved Zune devices to the Non-Affected Devices table. Advisory Summary:Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root...
Revision Note: V4.0 (May 10, 2011): Announced the release of an update for Windows Mobile 6.x devices. Advisory Summary:Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store, on all...
advisory
certificate authority
certification authority
comodo
cybersecurity
digital certificates
fraudulent
internet explorer
man-in-the-middle
phishing
release note
security
spoofing
trusted root
update
vulnerability
windows
windows mobile
windows phone
zune hd
Revision Note: V2.0 (April 19, 2011): Added Windows Mobile 6.x, Windows Phone 7, Microsoft Kin, and Zune devices to affected software and devices.Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root...
advisory
attacks
authority
certificates
explorer
fraudulent
internet
kin
man-in-the-middle
microsoft
mobile
phishing
security
spoofing
trusted
update
windows
zune
Revision Note: V2.0 (April 19, 2011): Added Windows Mobile 6.x, Windows Phone 7, Microsoft Kin, and Zune devices to affected software and devices. Advisory Summary:Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root...
advisory
certification
cybersecurity
digital certificates
fraudulent
internet explorer
kin
malware
microsoft
phishing
security
spoofing
trust
windows mobile
windows phone
zune
Revision Note: V1.0 (March 23, 2011): Advisory published.Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised...
advisory
certification authority
cybersecurity
digital certificates
fraudulent
internet explorer
microsoft
phishing
security
spoofing
trusted root
windows
Revision Note: V1.0 (March 23, 2011): Advisory published. Advisory Summary:Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo...