(imported topic written by mgardner28)
Has a fixlet been released to address KB2641690? It looks like Microsoft released this for all OS’s between three and five days ago.
Overview:
Microsoft has released a security Advisory for a fraudulent digital certificate which could allow an attacker to use the
certificates fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all
Web browser users including users of Internet Explorer.
Microsoft is providing an update for all supported releases of Microsoft Windows that revokes the trust in DigiCert
Sdn. Bhd. The update revokes the trust of the following two intermediate CA certificates:
- Digisign Server ID ? (Enrich), issued by Entrust.net Certification Authority (2048)
- Digisign Server ID (Enrich), issued by GTE CyberTrust Global Root
Patch Number(s):
KB2641690
Thanks,
Mark