Security advisory: Fraudulent digital certificates could allow spoofing

From the Microsoft Security Tips Blog:

Microsoft released a security advisory today warning about fraudulent digital certificates that could be used to spoof content, perform phishing attacks, or perform other exploits that could put you at risk.

The best way to protect yourself is to turn on Windows automatic updating.

What are digital certificates?

Digital certificates are used to verify the identity of a website.

We're releasing this advisory because Comodo, a major certification authority, informed Microsoft that several digital certificates have been issued without sufficiently validating their identity. These certificates could be used to spoof the identity of services and trick you into trusting them.

Comodo has revoked these certificates, and they are listed in Comodo's current Certificate Revocation List (CRL). If your computer is up to date, it will recognize that these certificates are invalid.

For more information: