Follow us:

Microsoft Pri0

Welcome to Microsoft Pri0: That's Microspeak for top priority, and that's the news and observations you'll find here from Seattle Times technology reporter Matt Day.

September 7, 2011 at 8:29 AM

Microsoft deems all DigiNotar certificates untrustworthy, releases updates

Microsoft has deemed all DigiNotar certificates to be untrustworthy and has created updates for supported versions of Windows that blocks access to website resources containing digital certificates issued by the Dutch company.

DigiNotar is a company that issues digital certificates guaranteeing the security of websites.

“Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar,” Microsoft said in a security advisory. “A fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.”

Microsoft’s most recent update, issued Tuesday, moves all DigiNotar SSL (secure socket layer) certificates to Windows’ block list, dubbed the Untrusted Certificate Store, according to Computerworld. Microsoft’s Internet Explorer uses that list to bar the browser from reaching sites secured with dubious certificates.

Microsoft says all its customers and Windows supported third-party applications are protected.

The problem has been industry-wide. Google and Mozilla have also updated their browsers to block all DigiNotar certificates, while Apple has been silent on the issue, Computerworld says.

The DigiNotar hack attack came to light last week and is believed to have allowed the Iranian government to spy on thousands of Iranian citizens’ communications with Google email during the month of August, according to The Associated Press.

Meanwhile, another company that issues such certificates, GlobalSign, said Tuesday it is suspending issuing new certificates while it investigates whether it may have been targeted by hackers.

Comments

COMMENTS

No personal attacks or insults, no hate speech, no profanity. Please keep the conversation civil and help us moderate this thread by reporting any abuse. See our Commenting FAQ.



The opinions expressed in reader comments are those of the author only, and do not reflect the opinions of The Seattle Times.


The Seattle Times

The door is closed, but it's not locked.

Take a minute to subscribe and continue to enjoy The Seattle Times for as little as 99 cents a week.

Subscription options ►

Already a subscriber?

We've got good news for you. Unlimited seattletimes.com content access is included with most subscriptions.

Subscriber login ►
The Seattle Times

To keep reading, you need a subscription upgrade.

We hope you have enjoyed your complimentary access. For unlimited seattletimes.com access, please upgrade your digital subscription.

Call customer service at 1.800.542.0820 for assistance with your upgrade or questions about your subscriber status.

The Seattle Times

To keep reading, you need a subscription.

We hope you have enjoyed your complimentary access. Subscribe now for unlimited access!

Subscription options ►

Already a subscriber?

We've got good news for you. Unlimited seattletimes.com content access is included with most subscriptions.

Activate Subscriber Account ►