U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Microsoft Releases Security Advisory on Fraudulent Digital Certificates

Original release date: January 03, 2013 | Last revised: January 04, 2013

Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates issued by TURKTRUST Inc. These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects all supported releases of Microsoft Windows.

This update revokes the trust of the fraudulent certificates and places them in the Microsoft Untrusted Certificate Store.

US-CERT encourages users and administrators to review Microsoft Security Advisory 2798897 and follow best-practice security policies to determine if the update should be applied.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top