Talk of The Villages Florida - Rentals, Entertainment & More
Talk of The Villages Florida - Rentals, Entertainment & More
#1
|
||
|
||
Phony SSL certificates - update your system
I read this today over coffee and figured I would share with TOTV. No need to panic, but worth making sure your system is updated. In summary someone was able to create 9 phony SSL certificates, some for domain names we know like google, yahoo, etc. You need to update your CRL (certificate revocation list). Microsoft has released an update (KB2524375). I am looking if this automatically takes care of Firefox or Chrome or if they need to be updated separately.
Here is the info at Microsoft: http://www.microsoft.com/technet/sec...y/2524375.mspxFrom the article: SSL Certificates are the Internet equivalent of drivers' licenses, said Paul Turner, the vice president of products and customer solutions at Venafi, an Enterprise Key and Certificate Management firm. The bogus certificates could be used in phishing or man in the middle attacks against organizations that haven't updated their certificate revocation lists, he said. They could also be used to sign applications and plug ins, he said. Full article here: http://threatpost.com/en_us/blogs/ph...-others-032311 Last edited by ajbrown; 03-24-2011 at 08:06 AM. Reason: Added microsoft update info |
|
#2
|
||
|
||
Thank you! My computer alerted me this morning to a new update, which I downloaded. So I just checked the number and it is the fix you mention: KB2524375.
Thank you for alerting us.
__________________
K9-Lovers |
#3
|
||
|
||
Or if you have a router and are vaguely technically cognisant you could just use OpenDNS, free. Info from http://www.opendns.com/solutions/overview/ Solves phishing among other lurgies. Enjoy.
|
Closed Thread |
|
|