News  
 

SystemPro News - 2001-03-23

Hello,

this is an update on the issue of the invalid security certificate issued by Verisign. Two certificate were issued to an unkonwn individual outside of Microsoft. However, the certificate claimed to belong to "Microsoft Corporation". I send email on this issue on March, 23rd. My original mail is available in our news archive at

http://www.windows-expert.net/newsletter-archive/2001-03-23.asp

Recently, Microsoft has made a patch available to detect and block the invalid certificate. To obtain it, please visit

http://www.microsoft.com/technet/security/bulletin/ms01-017.asp

This patch ensures your system connects to Verisign to retrieve the "certificate revocation list". That list contains all certificates revoked for whatever reason. As such, the patch not only solves the current issue with the fraudulent "Microsoft" certificate but also potential similiar security risks with other certificates.

Microsoft strongly recommends installing the patch on all systems (see Microsoft link above for details).

Sincerely,
Rainer Gerhards

WinSyslog
 Home
 Articles
 FAQ
 Windows XP
 Seminars Online
 Forums
 Books
 Links
 Newsletter Archive
 Web Server Check
 Contact Us
 Search
 

 



Printer Version Send this page to a friend

Copyright © 1988-2005 Adiscon GmbH All rights reserved.
Contact us via Secure Web Response | Privacy Policy
Topic Links: syslog