Miles Associates LLC

Jim Miles – IT & IT Security Consultant – Web Sites for Growing Organizations

Out-of-band patch: MS warns of hack attempt on major sites

Microsoft issued a warning today that nine fraudulent digital certificates were issued by root certificate authority, Comodo Group. Although the certificates were quickly revoked, their initial release still poses a threat to browser users, including users of Internet Explorer. This is not a security flaw in Microsoft software, the company says, but it released a security update for Windows all the same.

The nine fake certificates affect the following Web sites, Microsoft says:

  • (Windows Live)
  • (3 certificates)
  • “Global Trustee”

Fraudulent certificates give hackers the ability to spoof content, phish, or insert themselves in man-in-the-middle attacks, collecting information that users think is being sent over a secure link from browser to Web site.

via Network World.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: