Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.1

Discussion in 'Security Alerts' started by News, Apr 19, 2014.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating:
    Revision Note: V2.1 (January 15, 2015): Advisory revised to announce a detection change in update 2917500. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
    Summary: Microsoft is aware of an improperly issued subordinate CA certificate that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The subordinate CA certificate was improperly issued by the Directorate General of the Treasury (DG Trésor), subordinate to the Government of France CA (ANSSI), which is a CA present in the Trusted Root Certification Authorities Store. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

    Continue reading...

Share This Page