|
Systems Affected
• Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Service Pack 2
• Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista Service Pack 2
• Windows Vista x64 Edition Service Pack 2
• Windows Server 2008 for 32-bit and x64 bit Systems Service Pack 2
• Windows Server 2008 for Itanium-based Systems Service Pack 2
• Windows 7 for 32-bit and x64 bit Systems Service Pack 1
• Windows Server 2008 R2 for x64-based Systems Service Pack 1
• Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
• Windows 8 for 32-bit and x64 bit Systems
• Windows 8.1 for 32-bit and x64 bit Systems
• Windows RT 8 and 8.1
• Windows Server 2012 and 2012 R2
• Windows Server 2008 for 32-bit and x64 bit Systems Service Pack 2
• (Server Core Installation)
• Windows Server 2008 R2 for x64-based Systems (Server Core Installation)
• Windows Server 2012 and 2012 R2 (Server Core Installation)
• Windows Phone 8 and 8.1
Threat Level
Overview
Certain SSL certificates have been unauthorizedly got issued through National Informatics Centre-CA (NIC-CA). These certificates could be exploited by remote attackers to spoof content, perform phishing attacks or perform man-in-the-middle attacks.
Description
A remote attacker could use these certificates to spoof content, perform phishing attacks or man-in-the-middle attacks against web properties.
Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove untrusted certificates.
Impact
Solution/ Workarounds
Apply appropriate updates as mentioned in Microsoft Security Advisory 2982792
References
http://www.cert-in.org.in/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
