US-CERT Current Activity
Microsoft Releases Security Advisory on Fraudulent Digital Certificates
Original release date: January 3, 2013
Last revised: --
Microsoft has released Security Advisory 2798897 in response to active
attacks using fraudulent digital certificates issued by TURKTRUST Inc.
These fraudulent certificates could be used to spoof content, perform
phishing attacks, or perform man-in-the-middle attacks. This
vulnerability affects all supported releases of Microsoft Windows.
This update revokes the trust of the fraudulent certificates and places
them in the Microsoft Untrusted Certificate Store.
US-CERT encourages users and administrators to review Microsoft Security
Advisory 2798897 and follow best-practice security policies to determine
if the update should be applied.
Relevant URL(s):
<http://technet.microsoft.com/en-us/security/advisory/2798897>