[BigFix-Announcements-Japan] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Patches for Windows (Japanese)'
autonotify at us.ibm.com
autonotify at us.ibm.com
Thu Apr 7 02:31:04 PDT 2011
Fixlet Site - 'Patches for Windows (Japanese)'
Current Version: 411 Published: Thu, 07 Apr 2011 00:05:50 GMT
New Fixlets:
============
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows XP SP3 (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437501
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows Server 2003 SP2 (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437503
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. An update is available for all supported versions of Windows to help address this issue. For more information about this update, see Microsoft Knowledge Base Article 2524375. Typically, no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically. For more information, including how to manually install this update, see the Suggested Actions section of this advisory.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows Vista SP1/SP2 (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437505
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows Server 2008 Gold/SP2 (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437507
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows 7 Gold/SP1 (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437509
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows XP SP2 (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437511
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows Server 2003 SP2 (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437513
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. An update is available for all supported versions of Windows to help address this issue. For more information about this update, see Microsoft Knowledge Base Article 2524375. Typically, no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically. For more information, including how to manually install this update, see the Suggested Actions section of this advisory.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows Vista SP1/SP2 (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437515
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows Server 2008 Gold/SP2 (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437517
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows 7 Gold/SP1 (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437519
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
***************************************************************
Title: Security Advisory 2524375: Fraudulent Digital Certificates Could Allow Spoofing - Windows Server 2008 R2 Gold/SP1 (x64) (Japanese)
Severity: <Unspecified>
Fixlet ID: 252437521
Fixlet Link: http://www.microsoft.com/technet/security/advisory/2524375.mspx
Fixlet Description: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. These certificates affect the following Web properties: • login.live.com • mail.google.com • www.google.com • login.yahoo.com (3 certificates) • login.skype.com • addons.mozilla.org • "Global Trustee" Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.
More information about the BigFix-Announcements-Japan
mailing list