Today it was revealed that a serious security breach occurred at Comodo, a trusted certificate provider. The breach appears to have come from Iran and several “high value certificates” were obtained.
These X.509 certificates include:
- login.live.com
- mail.google.com
- www.google.com
- login.yahoo.com (3 certificates)
- login.skype.com
- addons.mozilla.org
- “Global Trustee”
To protect your Windows computer (PC or server) from trusting these high value certificates, download and install KB2524375 Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing from Microsoft as soon as possible. The installation takes only a minute and does not require a restart.
KB2524375 updates both the Computer’s and User’s Untrusted Certificates list to include the compromised certificates.
Here’s what the list looks like before the update:
And here’s what it looks like after the update:
Please take a minute to update your computers now. This update is also being pushed out through Windows Update as I write this.
Categories: Uncategorized