Microsoft Update KB2524375 to Block Fraudulent Certificates

Privacy 001This update is one you will wish to make sure you have installed, its purpose is to block a set of Certificates that had the digital signature of Comodo as the Certification Authority on them, this could have lead to users going to an unsafe or spoofed website, which had been exploited.

Mozilla the makers of Firefox Browser have also updated Firefox to take into account of these fraudulent certificates, so do update that browser to the latest version.

Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.

The following domains are affected by the certificates:

  • login.live.com
  • mail.google.com  
  • login.yahoo.com (3 Certificates)
  • login.skype.com
  • http://www.google.com
  • addons.mozilla.org
  • Global Trustee

You should have already been offered this update over the last few days via Windows Update, but if you have not then run Windows Update or you can visit the download site of KB2524375  – Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing HERE (just choose your Windows version and download and double click the file to install)

Read the full text of the advisory HERE

If you wish to double check to see if you have this update already, just open up Windows Update and click Update History, then look down the list for KB2524375, if you have it then you are ok, if not go to Windows Update or download from the link posted earlier.

Advertisements
This entry was posted in Computer and Internet, Hackers, Internet Explorer, Microsoft, Security, Windows and tagged , , , , . Bookmark the permalink.

Please do leave a comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s