Skip to main content
MSRC

Month Archives: September 2011

Advanced Notification for the September 2011 Bulletin Release

Thursday, September 08, 2011

Hello everyone, As we do each month, we’re providing advanced notification on the release of five Important security bulletins, addressing 15 vulnerabilities, to help protect customers using Microsoft Windows and Office. As usual, the bulletin release is scheduled for the second Tuesday of the month, September 13, at approximately 10 a.

Read More

Microsoft updates Security Advisory 2607712

Tuesday, September 06, 2011

Today we’re updating Security Advisory 2607712, to announce that based on our investigation, we’ve deemed all DigiNotar certificates to be untrustworthy and have moved them to the Untrusted Certificate Store. Additionally, we have extended our support with this update so all customers using Windows XP, Windows Server 2003, and all Windows supported third-party applications are protected.

Read More

More on Microsoft’s response to the DigiNotar compromise

Sunday, September 04, 2011

This blog post was updated Sept. 5, 2011 below. Microsoft’s investigation into the scope and impact of the DigiNotar compromise has continued over the holiday weekend. We’ve now confirmed that spoofed certificates for *.microsoft.com and *.windowsupdate.com are among those issued by the Dutch firm. Users of Vista and later operating systems have been protected since we released Security Advisory 2607712 on August 29.

Read More

Protecting yourself from attacks that leverage fraudulent DigiNotar digital certificates

Sunday, September 04, 2011

Last week, we released Security Advisory 2607712, notifying customers that fraudulent digital certificates had been issued by certificate authority DigiNotar. We’d like to follow up on that notification in this blog post by explaining more about the potential risks and actions you can take to protect yourself from any potential attacks that would leverage those fraudulent certificates.

Read More