The Deployment Bunny

OS Deployment, Virtualization, Microsoft based Infrastructure…

  • Archives

  • Meta

Security Breach–Install KB2524375 ASAP

Posted by Mikael Nystrom on March 24, 2011

Today it was revealed that a serious security breach occurred at Comodo, a trusted certificate provider. The breach appears to have come from Iran and several “high value certificates” were obtained.
These X.509 certificates include:

  • login.live.com
  • mail.google.com
  • www.google.com
  • login.yahoo.com (3 certificates)
  • login.skype.com
  • addons.mozilla.org
  • “Global Trustee”

To protect your Windows computer (PC or server) from trusting these high value certificates, download and install KB2524375 Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing from Microsoft as soon as possible. The installation takes only a minute and does not require a restart.
KB2524375 updates both the Computer’s and User’s Untrusted Certificates list to include the compromised certificates.
Here’s what the list looks like before the update:

clip_image002

And here’s what it looks like after the update:

clip_image004

Please take a minute to update your computers now. This update is also being pushed out through Windows Update as I write this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: