FYI...
- http://news.yahoo.com/second-firm-wa...215940770.html
Sep. 6, 2011 AMSTERDAM (AP) — "A company that sells certificates guaranteeing the security of websites, GlobalSign, says it is temporarily halting the issuance of new certificates over concerns it may have been targeted by hackers. GlobalSign, the Belgian-based subsidiary of Japan's GMO Internet Inc., is one of the oldest and largest such companies globally. It said in a statement Tuesday it does not know whether it has actually been hacked, but is taking threats by an anonymous hacker seriously in the wake of an attack on a smaller Dutch firm, DigiNotar, that came to light last week. The DigiNotar attack is believed to have allowed the Iranian government to spy on thousands of Iranian citizens' communications with Google email during the month of August."
> http://www.globalsign.com/company/pr...-response.html
___
Microsoft Security Advisory (2607712)... updated
Fraudulent Digital Certificates Could Allow Spoofing
- https://www.microsoft.com/technet/se...y/2607712.mspx
Updated: September 06, 2011 - "Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar... For supported releases of Microsoft Windows, typically no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically...
Suggested Actions... Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. For more information on how to manually apply the update, see Microsoft Knowledge Base Article 2607712*..."
Fraudulent digital certificates could allow spoofing
* http://www.microsoft.com/technet/sec...y/2607712.mspx
September 6, 2011
- https://blogs.technet.com/b/msrc/arc...y-2607712.aspx
6 Sep 2011