- Joined
- Jun 27, 2006
- Location
- Chicago, IL
Hello - Today we're releasing Link Removed due to 404 Error, to address nine fraudulent digital certificates issued by Comodo Group Inc, a root certificate authority. Comodo has since revoked the digital certificates. This is not a Microsoft security vulnerability; however, one of the certificates potentially affects Windows Live ID users via login.live.com. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against end users. We are unaware of any active attacks.
We have taken steps to further help protect customers by developing a mitigation update. We recommend customers download the update to help protect against inadvertent use of the fraudulent digital certificates. Customers should continue to utilize Internet Explorer's Security Status bar located on the right side of the address bar to verify that the site being visited is valid and secure.
The Microsoft mitigation will be made available through the Microsoft Download Center and the Windows Update Service. For customers who use Windows Automatic Updates, the update will occur automatically.
The video below provides additional viewpoints on the mitigation and explains why you should prioritize installation as soon as possible.
If you have not done so already, we highly recommend customers register for our comprehensive alerts. Sign up here: Microsoft Technical Security Notifications
Thanks,
Bruce Cowper
Group Manager, Trustworthy Computing
Link Removed due to 404 Error
More...
We have taken steps to further help protect customers by developing a mitigation update. We recommend customers download the update to help protect against inadvertent use of the fraudulent digital certificates. Customers should continue to utilize Internet Explorer's Security Status bar located on the right side of the address bar to verify that the site being visited is valid and secure.
The Microsoft mitigation will be made available through the Microsoft Download Center and the Windows Update Service. For customers who use Windows Automatic Updates, the update will occur automatically.
The video below provides additional viewpoints on the mitigation and explains why you should prioritize installation as soon as possible.
If you have not done so already, we highly recommend customers register for our comprehensive alerts. Sign up here: Microsoft Technical Security Notifications
Thanks,
Bruce Cowper
Group Manager, Trustworthy Computing
Link Removed due to 404 Error
More...
