3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0

News

Extraordinary Robot
News Feed
#1
Revision Note: V1.0 (December 8, 2015): Advisory published.
Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

Continue reading...
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.