About this tag
The turktrust tag covers discussions about a 2013 security incident involving fraudulent digital certificates issued by TURKTRUST Inc., a certificate authority (CA) trusted by Microsoft Windows. Microsoft released Security Advisory 2798897 to address active attacks where a fraudulent certificate was used for spoofing, phishing, or man-in-the-middle attacks. The advisory details how TURKTRUST incorrectly created two subsidiary CAs, leading to the compromise. Microsoft updated the Certificate Trust List (CTL) to revoke trust for the affected certificates. Topics include certificate trust, CA misissuance, and Windows security updates.
-
Security Advisory 2798897 released, Certificate Trust List updated
Hello, Today we released Security Advisory 2798897 to notify customers that we are aware of active attacks using a fraudulent digital certificate issued by TURKTRUST Inc. To help protect customers, we have updated the Certificate Trust List (CTL) to remove the trust of the certificates causing...- News
- Thread
- advisory attack certificate communication customers digital fraud management protection security software trustlist trustworthy turktrust update windows server windows vista windows xp
- Replies: 0
- Forum: Security Alerts
-
Microsoft Security Advisory (2798897): Fraudulent Digital Certificates Could Allow Spoofing - Versio
Revision Note: V1.0 (January 3, 2013): Advisory published. Summary: Microsoft is aware of active attacks using one fraudulent digital certificate issued by TURKTRUST Inc., which is a CA present in the Trusted Root Certification Authorities Store. This fraudulent certificate could be...- News
- Thread
- advisory attack certificate fraud man-in-the-middle microsoft phishing security spoofing turktrust windows
- Replies: 0
- Forum: Security Alerts