Microsoft Releases Diginotar Related Patch and Advisory

Published: 2011-09-06
Last Updated: 2011-09-06 18:47:27 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Microsoft released an advisory [1] earlier today announcing that they will place a number of DigiNotar root certificates on the "not trusted" list. 

A blog article further explains how certificate stores can be manipulated manually [2].

One important difference between this most recent advisory, and an earlier advisory [3] is that Windows Mobile 6.x/7/7.5 is no longer listed as affected. The earlier advisory stated that Windows Mobile 6.x and 7 are affected. It didn't mention Windows Mobile 7.5. (thanks to a read for pointing this out)

 

[1]http://www.microsoft.com/technet/security/advisory/2607712.mspx
[2]http://blogs.technet.com/b/srd/archive/2011/09/04/protecting-yourself-from-attacks-that-leverage-fraudulent-diginotar-digital-certificates.aspx
[3] http://technet.microsoft.com/en-us/security/advisory/2524375

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

3 comment(s)

Comments

... And now that everybody is updated to Firefox v6.0.2, Chrome v13.0.782.220, and applied MS Security Advisory 2607712... updated, we're all comfy and ready to deal with this:

- http://news.yahoo.com/second-firm-warns-concern-dutch-hack-215940770.html
Sep. 6, 2011 AMSTERDAM (AP) — "A company that sells certificates guaranteeing the security of websites, GlobalSign, says it is temporarily halting the issuance of new certificates over concerns it may have been targeted by hackers..."
> http://www.globalsign.com/company/press/090611-security-response.html

"It's a beautiful day in the neighborhood ..." - Mr. Rodgers
.
You can download the update from here: http://support.microsoft.com/kb/2607712 - however, it requires Windows Genuine Advantage validation. Maybe they are hoping that people using pirated copies of Windows will get hacked?
You can also just delete the trusted certs from the cert store in Windows.

Diary Archives