Η Microsoft he published a security advisory entitled "Inadequate digital certificates issued could allow forgery" or in English "Improperly Issued Digital Certificates Could Allow Spoofing". The company has chosen this way to announce the countermeasures they are taking for the circulation of fake domains from the certification authority of the National Information Center (NIC), a service of the Government of India.
For unexplained reasons, the NIC in California has released a number of Google domains that allow for forgery and man-in-the-middle attacks if a program trusts the certificates. Google explained that their own products do not trust the Indian Certification Authority (CCA) auditor. Continuing with Google, it drops the ball to Microsoft, indicating that the Trusted Root Store includes CCA on trusted certificates.
The Microsoft vendor reports that her service has trusted the certificates to date to update the Trusted Root Store list for all supported versions of Windows. Note that this means that users still using Windows XP are at risk.
The Microsoft Bulletin lists the domains that were issued illegally. There are Google's 17 domains such as: google.com, m.gmail.com and gstatic.com and 27 domains such as Yahoo!, Yahoo!, Yahoo! and Yahoo!. Finally, fake domain is also static.com, a PaaS cloud (Platform as a Service).
Read them Technology News from all over the world, with the validity of iGuRu.gr
Follow us on Google News
Satya Nadella new Microsoft policy: obsession with the customer
Comment Policy:
IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators