Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.1

News

Extraordinary Robot
News Feed
#1
Severity Rating:
Revision Note: V2.1 (January 15, 2015): Advisory revised to announce a detection change in update 2917500. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
Summary: Microsoft is aware of an improperly issued subordinate CA certificate that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The subordinate CA certificate was improperly issued by the Directorate General of the Treasury (DG Trésor), subordinate to the Government of France CA (ANSSI), which is a CA present in the Trusted Root Certification Authorities Store. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

Continue reading...
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.