Find a Question:
Microsoft warns of fake SSL certificate for Windows Live
Microsoft has warned of a fake SSL certificate that is useful for Finnish domain for Windows Live. Attackers could use the false certificate to establish a reliable man in the middle attack.
The erroneous certificate was issued for the domain Live.fi that indeed owned by Microsoft for the Windows Live services on the software maker. According to Microsoft’s fake SSL certificate can not be used to generate other certificates or certifying code. However, an attacker can use the certificate, if he can intercept a user’s connection to a false website and serve as example intercept login information. The user can not see that what is going on, because the certificate is correct apparently.
Microsoft has its own certificate revocation list updated, so users of Internet Explorer and Chrome on Windows should no longer be affected. Firefox manages its own certificates, and Chrome on other operating systems; it is unclear whether the forged certificate is made inaccessible to those configurations. Microsoft says it has no evidence that an attack has taken place through the false certificate.Viewing:-154
Answer this Question
You must be Logged In to post an Answer.
Not a member yet? Sign Up Now »
Star Points Scale
Earn points for Asking and Answering Questions!