AAPL Stock: 117.16 ( -1.14 )

Printed from

Microsoft issues patch for fake DigiNotar certificates

updated 01:00 pm EDT, Wed September 7, 2011

Microsoft addresses fake DigiNotar certificates

Microsoft has responded to the recently unveiled hack that saw DigiNotar issue fake security certificates for some high-profiles websites by issuing a patch on Tuesday. The patch only applies to affected versions of Windows Vista and is delivered through Internet Explorer. After the vulnerability was discovered on August 28, Microsoft released a security advisory on August 29 and removed the DigitNotar root certificate from the Microsoft Certificate Trust List.

That initial update showed a warning to users who accessed a site signed by an untrusted DigiNotar root certificate. They could still click on through, however. Now, the software giant took its precautions a step further and won't allow any access to websites that use fake DigiNotar certificates.

Meanwhile, another European Certificate Authority, the UK's GlobalSign, warned that their certificates may also have been faked, as the individual responsible for the fake Comodo certificates claimed he had access four other high-profile Certificate Authorities. GlobalSign on Tuesday said it would temporarily cease issuing certificates until its own investigation is complete.

The fake certificates can be used to phish for victim's information if the attacker has access to local networks, operates the network infrastructure between the victim and a site he or she is trying to access, or hijacks the DNS server used by ISPs. [via WinRumors]

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented