By Susan Bradley
The DigiNotar root-certificate debacle was big news and struck at the foundations of our Internet security.
The fallout affects everyone, from Windows PCs to Mac systems, with updates all around.
(You’ll find more on this topic in this week’s Top Story, “The sorry tale of the (un)Secure Sockets Layer,” and in my Sept. 8 Top Story, “Certificate cleanup for most personal computers.”)
More DigiNotar security certificates revoked
The DigiNotar break-in reported last week has Microsoft (and every other vendor that ships a trusted-root list) scrambling to push out updates.
Update KB 2616676 supersedes KB 2607712 and covers a larger set of DigiNotar certificates, both the DigiNotar roots themselves and the cross-certificates that Entrust and GTE CyberTrust issued for them, as listed below.
- DigiNotar Root CA
- DigiNotar Root CA G2
- DigiNotar PKIoverheid CA Overheid
- DigiNotar PKIoverheid CA Organisatie — G2
- DigiNotar PKIoverheid CA Overheid en Bedrijven
- DigiNotar Root CA issued by Entrust (2 certificates)
- DigiNotar Services 1024 CA issued by Entrust
- DigiNotar Cyber CA issued by GTE CyberTrust (3 certificates)
► What to do: If any of these certificates are still in your Trusted Root store, installing this update moves them to the Untrusted Certificates store. Once a root is untrusted, Windows refuses to build a chain to it, so any certificate issued under it (including the fraudulent ones minted during the break-in) is rejected; that is sufficient to protect you from the man-in-the-middle attacks these certificates enable. Install KB 2616676 when it is offered, or go to the related support article to download and run the patch manually.
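To check whether the update has actually done its job, the following PowerShell script (an added example, not part of the original column or of Microsoft's update) lists every DigiNotar certificate in the machine and user stores and flags any that remain in a trusted store without a matching copy in Untrusted (Disallowed). It assumes all the certificates above carry "DigiNotar" in their Subject or Issuer field; run it from an elevated prompt so the LocalMachine stores are readable.

```powershell
# Added example (not from the Windows Secrets column): audit the Windows
# certificate stores for DigiNotar certificates and report whether each one
# sits in a trusted store (Root/AuthRoot/CA) or in the Untrusted (Disallowed)
# store that KB 2616676 moves them to. Run elevated for LocalMachine stores.

$pattern = 'DigiNotar'   # assumption: every affected cert names DigiNotar in Subject or Issuer

$stores = @(
    'Cert:\LocalMachine\Root',        # Trusted Root Certification Authorities
    'Cert:\LocalMachine\AuthRoot',    # third-party roots delivered by Windows Update
    'Cert:\LocalMachine\CA',          # Intermediate Certification Authorities (cross-certs land here)
    'Cert:\LocalMachine\Disallowed',  # Untrusted Certificates
    'Cert:\CurrentUser\Root',
    'Cert:\CurrentUser\CA',
    'Cert:\CurrentUser\Disallowed'
)

$found = foreach ($store in $stores) {
    if (-not (Test-Path $store)) { continue }
    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -match $pattern -or $_.Issuer -match $pattern } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Issuer     = $_.Issuer
                Thumbprint = $_.Thumbprint
                Untrusted  = ($store -like '*\Disallowed')
            }
        }
}

if (-not $found) {
    Write-Host "No DigiNotar certificates found in any store."
    return
}

$found | Sort-Object Untrusted, Store | Format-Table Store, Subject, Thumbprint -AutoSize

# The Disallowed store wins by thumbprint: a cert present in both Root and
# Disallowed is untrusted. Only certs with no Disallowed twin are a problem.
$untrustedPrints = @($found | Where-Object { $_.Untrusted } | ForEach-Object { $_.Thumbprint })
$stillTrusted    = @($found | Where-Object {
    -not $_.Untrusted -and ($untrustedPrints -notcontains $_.Thumbprint)
})

if ($stillTrusted.Count -gt 0) {
    Write-Warning ("{0} DigiNotar certificate(s) are still trusted; install KB 2616676." -f $stillTrusted.Count)
} else {
    Write-Host "All DigiNotar certificates found are in the Untrusted store."
}
```

Note that a certificate which appears in both a trusted store and Disallowed is correctly reported as handled: Windows consults the Untrusted store by thumbprint before it trusts a root, which is exactly how the update neutralises the DigiNotar roots without having to delete them.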
A never-ending train of DLL-preloading fixes
Dynamic Link Library (DLL) preloading attacks are a serious threat we have been tracking and patching since at least August 2010, when Microsoft published Security Advisory 2269637. The attack works because an application that loads a library by name lets Windows search the current working directory for it; when you open a document sitting in a network folder, that folder becomes the working directory, so an attacker who has planted a malicious .dll next to an otherwise legitimate file gets it loaded. This month's fix closes that hole for rich-text files (.rtf), text files (.txt), and Word documents (.doc) located in the same network directory as a malicious .dll.
Code that runs this way gets the same rights on your computer as you have. If you are running with administrator rights, an attacker could take complete control of your system.
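Because new DLL-preloading bugs keep turning up application by application, the advisory's system-wide workaround is worth checking alongside the patch. The script below is an added example, not from the column or from Microsoft; it reads (and, with -Apply, sets) the CWDIllegalInDllSearch value that KB 2264107 added to the Session Manager key, which removes the current working directory from the DLL search order when that directory is on a remote share. It assumes KB 2264107 (or a later Windows release that includes it) is installed; without it the value is ignored.

```powershell
# Added example (not from the Windows Secrets column): audit and optionally set
# the CWDIllegalInDllSearch mitigation from Security Advisory 2269637 / KB 2264107.
# Assumes KB 2264107 (or a later Windows that includes it) is present; changing
# the value needs an elevated prompt. Usage: .\cwd-dll-check.ps1 [-Apply]
param([switch]$Apply)

$key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$name = 'CWDIllegalInDllSearch'

# Documented values (KB 2264107). The registry stores a DWORD, which Windows
# PowerShell reads back as a signed Int32, so 0xFFFFFFFF appears as -1;
# mask it back to an unsigned value before comparing.
function Describe-CwdValue([int64]$raw) {
    $val = $raw -band 0xFFFFFFFF
    switch ($val) {
        0          { 'default search order: the working directory IS searched' }
        1          { 'working directory skipped when it is a remote (UNC or WebDAV) share' }
        2          { 'working directory skipped only when it is a WebDAV share' }
        0xFFFFFFFF { 'working directory never searched (most restrictive; can break some apps)' }
        default    { 'undocumented value' }
    }
}

$current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
if ($null -eq $current) {
    Write-Host "$name is not set: $(Describe-CwdValue 0)"
} else {
    Write-Host ("{0} = 0x{1:X8}: {2}" -f $name, ([int64]$current -band 0xFFFFFFFF), (Describe-CwdValue $current))
}

if ($Apply) {
    # Value 1 matches this bulletin's scenario (document opened from a network
    # folder that also holds the attacker's DLL) with the least breakage.
    Set-ItemProperty -Path $key -Name $name -Value 1 -Type DWord
    Write-Host "Set $name to 1: remote shares are no longer part of the DLL search path."
}
```

The same value can be set for one program only under HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\<program.exe>, which is the safer way to trial the most restrictive setting (0xFFFFFFFF) on a single application before applying it system-wide. The workaround does not replace the patch: an application that passes its own search path to LoadLibrary is unaffected by this key, so you still need the per-application fixes as they ship.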