If you follow this blog closely you may have noticed that several browser developers have pushed security updates in the past week (see Mozilla Releases Firefox 3 Security Updates for instance) that block several invalid digital certificates to protect users from attacks exploiting those certificates.
Microsoft is currently pushing out a Windows Update that addresses the situation on Windows. Lets take a closer look at what actually happened before we go into details about that.
Comodo, a certification authority, notified Microsoft and other companies on March 16 that "nine certificates had been signed on behalf of a third party without sufficiently validating its identity".
The following domains are affected by the certificates:
These domains are some of the most visited domains on the Internet.
Microsoft notes that "these certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer".
Comodo has revoked the certificates in the meantime. Microsoft has released a security update for all versions of Windows that moves the fraudulent certificates into the untrusted certificate store of Microsoft Windows.
The update is provided via Windows Update and Microsoft Download. Users with automatic updating enabled will receive the update automatically, a restart of the system is not required after the update has been installed.
Here is how you can verify that the certificates are blocked after you have installed the update. Open an elevated command prompt. Windows 7 users click on Start, select All Programs > Accessories, right-click the Command Prompt program link and select Run as Administrator.
Enter mmc in the command prompt window to launch the Microsoft Management Console. Now follow these steps:
You should now see the affected domain names in the listing. Issued by should read UTN-USERFirst-Hardware.
If you like our content, and would like to help, please consider making a contribution: