Microsoft Security Advisory – Improperly Issued Digital Certificates Could Allow Spoofing

Number: AV15-027
Date: 24 March 2015

Purpose

The purpose of this advisory is to draw attention to Microsoft Security Advisory 3050995 – Improperly Issued Digital Certificates Could Allow Spoofing.

Assessment

Microsoft digital certificates have been improperly issued from a subordinate CA, MCS Holdings, which could be used to spoof content, perform phishing attacks, and/or perform man-in-the-middle attacks. The improperly issued certificates cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows.

Suggested action

Users of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2, and of devices running Windows Phone 8 and Windows Phone 8.1, should take no specific action, as the Certificate Trust List (CTL) will be updated automatically.

Users of Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 should use the automatic updater of revoked certificates published by Microsoft (https://support.microsoft.com/en-us/kb/2677070).

Microsoft is working on an update for Windows Server 2003 users.
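
One way to confirm on a given host that the automatic update of the disallowed CTL is actually taking place. This is an added example, not part of the advisory or of Microsoft's guidance. The registry value name DisallowedCertLastSyncTime, its FILETIME encoding, and the 7-day staleness threshold are assumptions to verify in your environment.

```powershell
# Added example, not part of the advisory: report when this host last
# synchronised the disallowed-certificate CTL.
# Assumption: the updater records its state under this key as
# DisallowedCertLastSyncTime (REG_BINARY holding an 8-byte FILETIME).
$AutoUpdateKey = 'HKLM:\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdate'
$MaxAgeDays    = 7   # assumption: local threshold for calling a sync "stale"

function Get-DisallowedCtlSyncStatus {
    param(
        [string]$Key    = $AutoUpdateKey,
        [int]   $MaxAge = $MaxAgeDays
    )

    # A missing key or value means the updater has never run on this host.
    $props = Get-ItemProperty -Path $Key -ErrorAction SilentlyContinue
    $raw   = if ($props) { $props.DisallowedCertLastSyncTime } else { $null }

    if (-not $raw -or $raw.Length -lt 8) {
        return New-Object psobject -Property @{
            Computer    = $env:COMPUTERNAME
            LastSyncUtc = $null
            AgeDays     = $null
            Status      = 'NeverSynced'
        }
    }

    # Decode the little-endian FILETIME into a UTC timestamp.
    $last   = [DateTime]::FromFileTimeUtc([BitConverter]::ToInt64([byte[]]$raw, 0))
    $age    = ([DateTime]::UtcNow - $last).TotalDays
    $status = if ($age -le $MaxAge) { 'Current' } else { 'Stale' }

    New-Object psobject -Property @{
        Computer    = $env:COMPUTERNAME
        LastSyncUtc = $last
        AgeDays     = [math]::Round($age, 1)
        Status      = $status
    }
}

Get-DisallowedCtlSyncStatus | Format-List
```

A status of NeverSynced or Stale on Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 suggests that the automatic updater is not installed or cannot reach the update source.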

References

Security Advisory 3050995: https://technet.microsoft.com/library/security/3050995
Automatic Updater: https://support.microsoft.com/en-us/kb/2677070

Note to Readers

In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.

Please note that CCIRC's PGP key has recently been updated.
http://www.publicsafety.gc.ca/cnt/ntnl-scrt/cbr-scrt/_fl/CCIRCPublicPGPKey.txt

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: ps.communications-communications.sp@canada.ca
