Microsoft warns of fraudulent digital certificates, issues patch


Microsoft warns of fraudulent digital certificates, issues patch Staff

Microsoft has issued a security advisory warning users of fraudulent digital certificates that could be used for spoofing and performing phishing attacks. Nine fraudulent certificates were signed by Comodo Inc., on behalf of a third part without sufficiently validating its identity. Comodo Inc. is a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows.

Since digital certificates are used to verify the authenticity of a website, the certificates could potentially be used to perform phishing attacks, man-in-the-middle attacks, and content spoofing against users of any Web browser,. The certificates are known to affect several Web properties, including,,, (three certificates),, and "Global Trustee”. These certificates were issued through a breached registration authority (RA), causing improperly authentication of the applicant. The attackers’ IP address has been traced back to Tehran, Iran by Comodo. This might have been a state sponsored attack, according to Comodo.

According to the advisory, Comodo Inc. has already revoked the fraudulent certificates as of last week, as well as listed them in Comodo’s current Certificate Revocation List (CRL). Apart from this, browsers with online certificate status protocol (OCSP) enabled will interactively validate these certificates, and block them.

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

The vulnerability affects users on all versions of Windows. Microsoft has a released a critical update (KB2524375) available through Windows Update as well as at the Microsoft Download Center, to address this issue for all supported Windows versions. In addition, patches have also been issued by vendors of all major browsers. Get more information about the update here.