3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0

Discussion in 'Security Alerts' started by News, Dec 9, 2015.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Revision Note: V1.0 (December 8, 2015): Advisory published.
    Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

    Continue reading...

Share This Page