About this tag
Discussions on WindowsForum.com about weak keys focus on a specific security incident involving DigiCert Sdn. Bhd., a Malaysian subordinate certification authority that issued 22 certificates with weak 512-bit keys. These weak keys could be broken, allowing attackers to spoof content, conduct phishing, or perform man-in-the-middle attacks. Microsoft responded by revoking trust in the affected certificates and releasing updates through Windows Update to protect users. The tag covers the technical details of weak encryption keys, their exploitation risks, and Microsoft's remediation steps, including updates to the untrusted certificate store.
-
Microsoft Security Advisory (2641690): Fraudulent Digital Certificates Could Allow Spoofing - Versio
Revision Note: V2.0 (November 16, 2011): Revised to announce the rerelease of the KB2641690 update. See the Update FAQ in this advisory for more information. Also, added link to Microsoft Knowledge Base Article 2641690 under Known Issues in the Executive Summary. Summary: Microsoft is...- News
- Thread
- advisory cybertrust digicert digital certificates encryption entrust internet explorer knowledge base known issues man-in-the-middle microsoft phishing revision note security spoofing update vulnerability weak keys windows
- Replies: 0
- Forum: Security Alerts
-
Untrusted Certificate Store to be updated
Hi everyone, This post is to notify customers that Microsoft will revoke trust in an Intermediate Certificate Authority, DigiCert Sdn. Bhd. (Digicert Malaysia) in an update to be released through Windows Update. DigiCert Sdn. Bhd is a Malaysian subordinate CA under Entrust and Verizon (GTE...- News
- Thread
- authentication ca security certificate compromise digicert encryption intermedia malicious software malware microsoft response revocation root program security threats trust update vulnerability weak keys
- Replies: 0
- Forum: Security Alerts