Microsoft has posted an alert saying that an SSL certificate was improperly issued to live.fi which could lead to spoofing content, perform phishing attacks, or perform man-in-the-middle attacks. This issue impacts all version of Windows but thankfully, most consumers do not have much to worry about.
SSL certificates encrypt data between your PC and the host server, when a certificate is issued in error, it means that a third-party could intercept and manipulate your data. Fortunately, Microsoft has a way of quickly resolving issues like these and has already taken steps to update the Certificate Trust list (CTL) for all versions of Windows.
This means that the consumer does not have much to worry about and the company states:
An automatic update of revoked certificates is included in supported editions of Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2012, and Windows Server 2012 R2, and for devices running Windows Phone 8 and Windows Phone 8.1. For these operating systems and devices, customers do not need to take any action as these systems and devices will be automatically protected.
For systems running Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 that are using the automatic updater of revoked certificates (see Microsoft Knowledge Base Article 2677070 for details), customers do not need to take any action as these systems will be automatically protected.
The only potential issue is with organizations that are running Windows Server 2003 or those who have automatic updates turned off. If you are in either of those camps, hit the source link below to learn what you need to do protect your system.
Source: Microsoft
6 Comments - Add comment