Microsoft has warned of a fraudulent digital certificate for all Google domains, which was accidentally issued by a Turkish government department.
The Turkish certificate authority Turktrust incorrectly created two subsidiary Certificate Authorities, *.EGO.GOV.TR and e-islem.kktcmerkezbankasi.org, with the *.EGO.GOV.TR creating a fraudulent digital certificate for *.google.com.
The fraudulent certificate could have been used to intercept SSL traffic as part of a ‘man in the middle' attack, which would spoof Google's encryption certificate and decrypt secure Web sessions to Google Plus and Gmail. Turktrust officials said that there is no evidence that the certificate was used for illicit purposes or that the Turktrust's security was breached.
Microsoft has removed the certificate from its Certificate Trust List, which will mean users of Windows Vista and later who have installed the feature will be protected, but users of Windows XP will have to manually remove the certificate from trusted lists. Google's Chrome security team has also pushed out an update of the browser's certificate revocation metadata to block certificates from the subsidiary CA.
Subscribe to:
Post Comments (Atom)
Related post
- uc browser 9.5 | uc browser 9.5 free download for mobile | uc browser for android
- PicsArt - Photo Studio 3.14.0 | Download PicsArt 3.14.0 Java Mobile App Free
- Top Link Audit Tools for offsite SEO Audit
- Mobo Market 2.0 | Download Mobo Market 2.0 For Mobile Free | android app free download
- Facebook 3.4.1 | Download Facebook 3.4.1 Mobile App Free | Facebook 3.4.1 Software free Download
- My Boy! Free - GBA Emulator 1.5.21 Apk Free Download
- Play KBC 7 : HINDI | Download Play KBC 7 : HINDI Game For Free
- The Sims™ 3 1.5.21 Apk Free Download
- Facebook 3.3.1 | Download Facebook 3.3.1 Mobile App Free | Facebook 3.3.1 Software free Download
- Opera mini 8.5 | Download opera mini 8.5 | Opera mini for Android
No comments:
Post a Comment