Security Advisory 2798897 released, Certificate Trust List updated

Discussion in 'Security Alerts' started by News, Jan 3, 2013.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Today we released Security Advisory 2798897 to notify customers that we are aware of active attacks using a fraudulent digital certificate issued by TURKTRUST Inc. To help protect customers, we have updated the Certificate Trust List (CTL) to remove the trust of the certificates causing this issue, and we encourage customers follow the guidance in Security Advisory 2798897.
    TURKTRUST Inc. incorrectly created two subsidiary Certificate Authorities: (*.EGO.GOV.TR and The *.EGO.GOV.TR subsidiary CA was then used to issue a fraudulent digital certificate to *
    There is no action for customers using versions of Windows Vista and newer who have installed the Certificate Trust List feature, which we released in June. This feature helps protect customers from any potential issues caused by these certificates.
    For Windows XP and Windows Server 2003 customers, or customers who chose not to install the Certificate Trust List feature, also known as Microsoft Knowledge Base Article 2677070, we recommend that this update be applied immediately using update management software, by checking for updates using the Microsoft Update service, or by downloading and applying the update manually.
    For more information and details about the update, please see Security Advisory 2798897.
    Dustin Childs
    Group Manager, Response Communications
    Trustworthy Computing



Share This Page