
Crypto certificates impersonating Google & Yahoo pose threat to Windows users


8 replies to this topic

#1 quietman7


Posted 10 July 2014 - 03:30 PM

Crypto certificates impersonating Google and Yahoo pose threat to Windows users

People using Internet Explorer and possibly other Windows applications could be at risk of attacks that abuse counterfeit encryption certificates recently discovered masquerading as legitimate credentials for Google, Yahoo, and possibly an unlimited number of other Internet properties.

...The result is that IE and other apps that rely on Windows to know which certificates to trust have no reliable way of detecting the bogus credentials at the moment. Worse still, at this early stage in the investigation, there's no way of knowing just how many certificates were fraudulently issued...


Microsoft Security Advisory 2982792: Improperly Issued Digital Certificates Could Allow Spoofing

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

 


#2 NickAu


Posted 10 July 2014 - 08:34 PM

Update and Read more.

 

Emergency Windows update revokes dozens of bogus Google, Yahoo SSL certificates

 

How safe and secure is that unpatched XP system now?


Edited by NickAu1, 10 July 2014 - 10:08 PM.


#3 czarboom


Posted 11 July 2014 - 11:32 PM

 

How safe and secure is that unpatched XP system now?

YEAH... well.... Um.... SO....  LOL

I like the bugs, it keeps me up at night when my brain says no sleep for you.


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself. We all lose when you Stop asking Why?"

#4 JohnC_21


Posted 12 July 2014 - 04:11 PM

Update and Read more.

 

Emergency Windows update revokes dozens of bogus Google, Yahoo SSL certificates

 

How safe and secure is that unpatched XP system now?

As long as you are on Firefox or Chrome, an XP user is not vulnerable.

 

http://www.cso.com.au/article/549594/google_blocks_bogus_digital_certificates_issued_india/
 

The NIC held intermediate digital certificates, which were trusted by the Indian CCA, Langley wrote. Indian CCA certificates are trusted by most programs running on Windows, including Internet Explorer and Chrome, Langley wrote.

Firefox is not affected because it uses its own list of trusted certificates that doesn't include the Indian CCA ones, he wrote. Also, Chrome, Chrome OS, Android, iOS and OS X are not affected.

Chrome running on Windows would not have been fooled by the certificates due to a security measure Google uses called public-key pinning, he wrote. Google has also updated Chrome's CRLSet, a list of certificates that are trusted.

 

 



#5 Queen-Evie


Posted 21 July 2014 - 10:38 AM

redwolf, your post has been removed.

 

This technique posted in the Softpedia bypasses restrictions by tricking MS into thinking you have a different version of XP than you actually do. It's as simple as that. MS made this unbelievably simple to accomplish, but that doesn't make it legal.
 
Even though the information is widely available on the internet we cannot allow it here.
 
 

http://www.bleepingcomputer.com/forum-rules/
 
No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences.

 

#6 avatarwayne


Posted 22 July 2014 - 04:43 PM

I don't know if this is my problem, however, I am looking for a scan program that I can use in the safe mode. Can anyone offer any suggestions? This sounds like what is going on. I have an uninstalled Yahoo toolbar and many offers to download new programs like Skype, IE, etc.



#7 redwolfe_98


Posted 24 July 2014 - 02:32 PM

I am looking for a scan program that I can use in the safe mode. Can anyone offer any suggestions?

I have an uninstalled Yahoo toolbar and many offers to download new programs like Skype, IE, etc.

Refer to this forum for help:

 

http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/



#8 quietman7


Posted 24 July 2014 - 03:06 PM

I am looking for a scan program that I can use in the safe mode. Can anyone offer any suggestions?

I have an uninstalled Yahoo toolbar and many offers to download new programs like Skype, IE, etc.

Refer to this forum for help:
 
http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Start a new topic in the above forum for individual assistance.

#9 softeyes


Posted 28 July 2014 - 01:43 PM

For systems running Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2, and that do not have the automatic updater of revoked certificates installed, this update is not available.

 

 

How would I determine if I have the automatic updater of revoked certificates installed? Windows 7 Ultimate.

Thank you!





