Security Advisory 2916652 released, Certificate Trust List updated

Discussion in 'Security Alerts' started by News, Dec 14, 2013.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Microsoft is updating the Certificate Trust List (CTL) for all supported releases of Microsoft Windows to remove the trust of a mis-issued third-party digital certificate, which could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties. With this action, customers will be automatically be protected against this issue. Additionally, the Enhanced Mitigation Experience Toolkit (EMET) 4.0 and newer versions help mitigate man-in-the-middle attacks by detecting untrusted or improperly issued SSL certificates through the Certificate Trust feature.

    For more information, please see Microsoft Security Advisory 2916652.

    Thank you,
    Dustin Childs
    Group Manager, Response Communications
    Microsoft Trustworthy Computing


    Continue reading...

Share This Page