Level 1 Microsoft Security Advisory 2524375 Released!


Description: Description: Description: cid:image003.png@01CBE8B2.BD441710
Folks.  Make sure you look at this one.

What is the purpose of this alert?

This alert is to notify you that Microsoft has released Security Advisory 2524375 – Fraudulent Digital Certificates Could Allow Spoofing – on March 23, 2011.

 

Summary

 

Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all web browser users including users of Internet Explorer.

 

Certificates for the following web properties are affected:

 

  • login.live.com
  • mail.google.com
  •  www.google.com
  •  login.yahoo.com (3 certificates)
  • login.skype.com
  • addons.mozilla.org
  • "Global Trustee"

Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used.

 

An update is available for all supported versions of Windows to help address this issue. For more information about this update, see Microsoft Knowledge Base Article 2524375 (http://support.microsoft.com/kb/2524375).

 

Typically, no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically. For more information, including how to manually install this update, see the Suggested Actions section of this advisory.

 

Affected Software

 

This advisory discusses the following software.

 

Affected Software

Windows XP Service Pack 3

Windows XP Professional x64 Edition Service Pack 2

Windows Server 2003 Service Pack 2

Windows Server 2003 x64 Edition Service Pack 2

Windows Server 2003 with SP2 for Itanium-based Systems

Windows Vista Service Pack 1 and Windows Vista Service Pack 2

Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1*

Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

 

*Server Core installation affected. This update applies, with the same severity rating, to supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, whether or not installed using the Server Core installation option. For more information on this installation option, see the TechNet articles, Managing a Server Core Installation and Servicing a Server Core Installation. Note that the Server Core installation option does not apply to certain editions of Windows Server 2008 and Windows Server 2008 R2; see Compare Server Core Installation Options.

 

Recommendations

 

Review Microsoft Security Advisory 2524375 for an overview of the issue, details on affected components, suggested actions, frequently asked questions (FAQ), and links to additional resources.

 

Customers who believe they are affected can contact Customer Service and Support. Contact CSS in North America for help with security update issues or viruses at no charge using the PC Safety line (866)PCSAFETY.

 

International customers can contact Customer Service and Support by using any method found at this location: http://www.microsoft.com/security/worldwide.aspx

 

Additional Resources

 

Jeffa

Digg This
Comments (0)

Skip to main content