Home / bulletins

2982792 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 1.0

Posted on 10 July 2014

Revision Note: V1.0 (July 10, 2014): Advisory published.
Summary: Microsoft is aware of improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The SSL certificates were improperly issued by the National Informatics Centre (NIC), which operates subordinate CAs under root CAs operated by the Government of India Controller of Certifying Authorities (CCA), which are CAs present in the Trusted Root Certification Authorities Store. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

Link

 

TOP