|
Microsoft released an advisory [1] earlier today announcing that they will place a number of DigiNotar root certificates on the "not trusted" list. A blog article further explains how certificate stores can be manipulated manually [2]. One important difference between this most recent advisory, and an earlier advisory [3] is that Windows Mobile 6.x/7/7.5 is no longer listed as affected. The earlier advisory stated that Windows Mobile 6.x and 7 are affected. It didn't mention Windows Mobile 7.5. (thanks to a read for pointing this out)
[1]http://www.microsoft.com/technet/security/advisory/2607712.mspx ------ |
Johannes 4478 Posts ISC Handler Sep 6th 2011 |
| Thread locked Subscribe |
Sep 6th 2011 1 decade ago |
|
... And now that everybody is updated to Firefox v6.0.2, Chrome v13.0.782.220, and applied MS Security Advisory 2607712... updated, we're all comfy and ready to deal with this:
- http://news.yahoo.com/second-firm-warns-concern-dutch-hack-215940770.html Sep. 6, 2011 AMSTERDAM (AP) — "A company that sells certificates guaranteeing the security of websites, GlobalSign, says it is temporarily halting the issuance of new certificates over concerns it may have been targeted by hackers..." > http://www.globalsign.com/company/press/090611-security-response.html "It's a beautiful day in the neighborhood ..." - Mr. Rodgers . |
Jack 160 Posts |
| Quote |
Sep 6th 2011 1 decade ago |
|
You can download the update from here: http://support.microsoft.com/kb/2607712 - however, it requires Windows Genuine Advantage validation. Maybe they are hoping that people using pirated copies of Windows will get hacked?
|
patermann 35 Posts |
| Quote |
Sep 8th 2011 1 decade ago |
|
You can also just delete the trusted certs from the cert store in Windows.
|
AndrewB 24 Posts |
| Quote |
Sep 8th 2011 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
