Security Breach–Install KB2524375 ASAP

Today it was revealed that a serious security breach occurred at Comodo, a trusted certificate provider. The breach appears to have come from Iran and several “high value certificates” were obtained.
These X.509 certificates include:

  • login.live.com
  • mail.google.com
  • www.google.com
  • login.yahoo.com (3 certificates)
  • login.skype.com
  • addons.mozilla.org
  • “Global Trustee”

To protect your Windows computer (PC or server) from trusting these high value certificates, download and install KB2524375 Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing from Microsoft as soon as possible. The installation takes only a minute and does not require a restart.
KB2524375 updates both the Computer’s and User’s Untrusted Certificates list to include the compromised certificates.
Here’s what the list looks like before the update:


And here’s what it looks like after the update:


Please take a minute to update your computers now. This update is also being pushed out through Windows Update as I write this.

Categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.