Microsoft warns: Fraudulent digital certificates issued for high-value

    Last Updated: 23 Mar 2011 at 15:24
    Microsoft today warned that Comodo has issued nine fraudulent digital certificates to a third party whose identity could not be sufficiently validated, a scenario that could allow attackers to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web surfers.

    According to the Microsoft advisory, the fraudulent Web certificates affect the Microsoft Live service, Google’s mail system, Yahoo and Skype log-ins.

    • login.live.com
    • mail.google.com
    • Google
    • login.yahoo.com (3 certificates)
    • login.skype.com
    • addons.mozilla.org
    • “Global Trustee”

    The fact that valid HTTPS certificates for high-value web sites were issued to attackers is a worrying development (see essay from the Tor Project), especially since Comodo is a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows.

    Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used.

    UPDATE: Attack originated in Iran
    Comodo has published a blog post and an incident report with a claim that the attack originated from IP addresses in Iran.

    “The attacker was well prepared and knew in advance what he was to try to achieve. He seemed to have a list of targets that he knew he wanted to obtain certificates for, was able quickly to generate the CSRs for these certificates and submit the orders to our system so that the certificates would be produced and made available to him,” Comodo said.
    Read More:


    Microsoft warns: Fraudulent digital certificates issued for high-value websites | ZDNet

    EDIT: An update is available for all supported versions of Windows to help address this issue. For more information about this update, see Microsoft Knowledge Base Article 2524375.
    Posted By: Borg 386
    23 Mar 2011



  1. Posts : 6,668
    Windows 7 x64
       #1

    Ouch, Comodo seems to have really dropped the ball on that one.


  2. Posts : 878
    Windows 7 Ultimate x64 SP1
       #2

    Thank you for valuable information!


  3. Posts : 1,849
    Windows 7 x86/x64, Server 2008r2, Web Server 2008
       #3

    I can honestly see this becoming more prevalent in the coming years.


  4. Posts : 826
    Windows 7 Professional 64 Bit SP1
       #4

    Incidents like this really dent my trust in these apparently respectable third party companies. I'll probably end up only being able to trust Microsoft and its security software when dealing with the Windows OS.


  5. Posts : 6,668
    Windows 7 x64
       #5

    I lost my trust in Comodo years ago, when I put it on three completely different systems and it immediately rendered all of them BSOD-making piles of garbage until I scrubbed it back off again.

    It's quite possible MS will cut them off after this anyhow. It represents a serious problem for people using IE because of the way it handles sites presenting a proper certificate.


  6. Posts : 826
    Windows 7 Professional 64 Bit SP1
       #6

    I didn't know about Comodo until I saw people recommending it here. Because of those recommendations I installed their firewall, but I found it to be overcomplicated in some areas and it was crashing some of the programs I use for work. I restored a full system image to make sure that all of the HIPS hooks it probably installed into the kernel were gone.

    In a way these developments are interesting, as Microsoft is being taken more seriously in regards to security and protecting its end users. And it is all of those third party companies-- Sun with its Java, Adobe with its Flash/Reader and now Comodo being seen as the bad guys :)

    Maguscreed said:
    I lost my trust in Comodo years ago, when I put it on three completely different systems and it immediately rendered all of them BSOD-making piles of garbage until I scrubbed it back off again.

    It's quite possible MS will cut them off after this anyhow. It represents a serious problem for people using IE because of the way it handles sites presenting a proper certificate.


  7. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #7

    Years ago on more than one forum I mentioned it was about time Microsoft got more serious about security because they had the money and personnel to do the job. They were in the position to work with countries and industry to get the job done. I must say they have taken the ball and run with it. I think they are doing an upstanding job. Finding and repairing security problems. Helping shut down botnets, torrents, etc.


  8. Posts : 6,668
    Windows 7 x64
       #8

    Layback Bear said:
    Years ago on more than one forum I mentioned it was about time Microsoft got more serious about security because they had the money and personnel to do the job. They were in the position to work with countries and industry to get the job done. I must say they have taken the ball and run with it. I think they are doing an upstanding job. Finding and repairing security problems. Helping shut down botnets, torrents, etc.
    I agree with everything there but one item.

    I don't think torrents are inherently bad, even though people use them for illegal purposes, they have their legitimate place as does all p2p. P2P represents a great method for sharing of free, open source, and creative commons materials.

    The real problem is the people in charge of the torrent sites tend to not really care what they are hosting as long as they are making money off their ads and what not.

    I'm not for demonizing the entire concept of p2p because of it though. People freaked out a long time ago over a similar device that allowed people access to information on an unheard-of scale. It was called the printing press.


  9. Posts : 16,130
    7 X64
       #9

    That's odd - WU said it was up to date - but didn't have that update.


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
