Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
Microsoft is updating the Certificate Trust List (CTL) for all supported releases of Microsoft Windows to remove the trust of a mis-issued third-party digital certificate, which could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties. With this action, customers will be automatically be protected against this issue. Additionally, the Enhanced Mitigation Experience Toolkit (EMET) 4.0 and newer versions help mitigate man-in-the-middle attacks by detecting untrusted or improperly issued SSL certificates through the Certificate Trust feature.
For more information, please see Microsoft Security Advisory 2916652.
Thank you,Dustin Childs Group Manager, Response Communications Microsoft Trustworthy Computing