Advertisement
GStreamer Conference 2013, 22-23 Oct, Edinburgh
GStreamer, Embedded Linux, Android, VoD, Smooth Streaming, DRM, RTSP, HEVC, PulseAudio, OpenGL. Register now to attend.
| |||||||||||||
Fraudulent SSL certificates in the wildFraudulent SSL certificates in the wildPosted Mar 23, 2011 18:33 UTC (Wed) by sumC (subscriber, #1262)Parent article: Fraudulent SSL certificates in the wild
From a MS security advisory that came today.
http://www.microsoft.com/technet/security/advisory/252437...
"Executive Summary
Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.
These certificates affect the following Web properties:
login.live.com
mail.google.com
www.google.com
login.yahoo.com (3 certificates)
login.skype.com
addons.mozilla.org
"Global Trustee"
Comodo has revoked these certificates, and they are listed in Comodos current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used."
(Log in to post comments)
|
|||||||||||||