Home / bulletins

Microsoft Security Advisory (2728973): Unauthorized Digital Certificates Could Allow Spoofing - Version: 1.2

Posted on 06 September 2012

Revision Note: V1.2 (September 5, 2012): Corrected the common name for the "CN=Microsoft Online Svcs BPOS APAC CA4" certificate issued by Microsoft Services PCA.
Summary: Microsoft is aware of Microsoft certificate authorities that are outside our recommended secure storage practices. Upon a routine review, we are placing these certificates in the Untrusted Certificate Store, and replacing them with new certificate authorities that meet our high standard of public-key infrastructure (PKI) management. We are unaware of any misuse of the certificate authorities, but are taking pre-emptive action to protect customers. This issue affects all supported releases of Microsoft Windows.

Link

 

TOP