Microsoft have released an emergency bulletin and patch;
Microsoft is aware of active attacks using unauthorized digital certificates derived from a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows. [1]
Evaluation: Patch now
LINKS:
[1] Microsoft Security Advisory (2718704) Unauthorized Digital Certificates Could Allow Spoofing (2012-Jun-04) [Microsoft]
[2] Unauthorized digital certificates could allow spoofing KB2718704 (2012-Jun-04) [Microsoft]
[3] Microsoft Emergency Bulletin: Unauthorized Certificate used in “Flame” (2012-Jun-04) [SANS]
[4] Microsoft certification authority signing certificates added to the Untrusted Certificate Store (2012-Jun-03) [Microsoft]
0 Responses to “Microsoft Security Advisory (2718704)”