Feeds Microsoft

Allgemeine Sicherheitsinformationen von Microsoft

  • Handle v4.22, NotMyFault v4.20, Process Explorer v16.25, Sysmon v10.1
    by Mark Russinovich on 15. Juni 2019 at 19:27

    Handle v4.22 This release of Handle fixes a race condition in the driver that could lead to a crash. Notmyfault v4.20 Notmyfaultc now includes a flag that makes it wait until an event named Notmyfault is signaled before proceeding to crash or leak.  Process Explorer v16.25 This update to Process Explorer fixes a potential buffer...

  • Prevent the impact of a Linux worm by updating Exim (CVE-2019-10149)
    by MSRC Team on 15. Juni 2019 at 3:48

    This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution (RCE) vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91.  Microsoft Azure infrastructure and Services are not affected; only customer’s Linux IaaS instances running a vulnerable version of Exim are affected.  Azure customers running...

  • Sysmon v10.0, Autoruns v13.95, VMMap v3.26
    by Mark Russinovich on 12. Juni 2019 at 3:29

    Sysmon 10.0 This release of Sysmon adds DNS query logging, reports OriginalFileName in process create and load image events, adds ImageName to named pipe events, logs pico process creates and terminates, and fixes several bugs. Autoruns 13.95 This Autoruns update adds support for user Shell folders redirections.   VMMap 3.26 This update to VMMap, a tool...

  • June 2019 security update release
    by MSRC Team on 11. Juni 2019 at 17:00

    Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates.    More information about this month’s security updates can be found on the Security Update Guide.  

  • BlueHat Shanghai 2019: Amplifying the power of defensive partnerships around the world
    by MSRC Team on 31. Mai 2019 at 17:19

    Earlier this week BlueHat Shanghai brought together security researchers and hundreds of cybersecurity professionals from China and across Asia to explore the latest topics in cybersecurity research. Including presentations from Qihoo 360, Baidu, Alibaba and the Chinese Academy of Sciences, BlueHat Shanghai highlighted incredibly talented Chinese researchers and focused on cutting edge topics including container...

  • A Reminder to Update Your Systems to Prevent a Worm
    by MSRC Team on 31. Mai 2019 at 5:53

    On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is ‘wormable’, and that future malware that exploits this vulnerability...

  • Microsoft Launches a New Recognition Program for MAPP Partners
    by MSRC Team on 30. Mai 2019 at 7:30

    There are many dedicated people and organizations who contribute to the protection and security of our common customers. For years, Microsoft has recognized security researchers for helping protect the ecosystem. Now, we’re announcing the launch of a new program to better recognize and thank Microsoft Active Protections Program (MAPP) partners for all they do to...

  • Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
    by MSRC Team on 14. Mai 2019 at 17:05

    Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from...

  • May 2019 Security Update Release
    by MSRC Team on 14. Mai 2019 at 17:00

    Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.

  • April 2019 Security Update Release
    by MSRC Team on 9. April 2019 at 17:42

    Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Tags Security Advisory Security Update Update Tuesday

  • Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards
    by MSRC Team on 2. April 2019 at 22:32

    In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research community.   Faster bounty review – As of January 2019,...

  • Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!
    by MSRC Team on 16. März 2019 at 2:56

    The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a Product Security Operations Forum at LocoMocoSec on April 18, 2019. Featuring exceptional speakers...

  • Sysmon v9.0, Autoruns v13.94
    by Mark Russinovich on 19. Februar 2019 at 20:47

    Sysmon 9.0 Sysmon v9.0 introduces rule groups that enable the specification of AND or OR matching logic across a set of rules. It also fixes a memory leak in signature verification. Autoruns 13.94 This Autoruns update fixes a bug that prevented the correct display of the target of image hosts such as svchost.exe, rundll32.exe, and...

  • Autoruns v13.93, Handle v4.21, Process Explorer v16.22, SDelete v2.02, Sigcheck v2.71, Sysmon v8.02 and VMMap v3.25
    by Mark Russinovich on 9. Dezember 2018 at 22:58

    Autoruns 13.93 This Autoruns update fixes a bug that prevented UserInitMprLogonScript from being scanned and by-default enables HCKU scanning for the console version. Handle 4.21 This Handle release fixes a race condition that could cause a bluescreen. ProcessExplorer 16.22 This Process Explorer release fixes a race condition that could cause a bluescreen. Sdelete 2.02 SDelete...

  • Sigcheck 2.70, BgInfo v4.26, and VMMap v3.22
    by Mark Russinovich on 21. Oktober 2018 at 13:08

    Sigcheck v2.70 Windows WinVerifyTrust function reports signed MSI files that have malware appended to them as signed, so Sigcheck now indicates when appended content is present. BgInfo v4.26 BgInfo now honors AppLocker scripting policy. VMMap v3.22 This release of VMMap fixes bugs that excluded copy-on-write pages from the private bytes total and that double counted...

  • Sysmon v8.0, Autoruns v13.90
    by Mark Russinovich on 5. Juli 2018 at 23:33

    Sysmon v8.0 This update to Sysmon adds rule tagging, which results in tags appearing in event log entries they generate. It also greatly expands the command-line length logged, fixes a GUID printing bug for parent process GUIDs, and prints friendly registry path names for rename operations. Autoruns 13.90 Autoruns, a comprehensive Windows autostart entry point...

  • RAMMap v1.51
    by Mark Russinovich on 1. Juni 2018 at 13:25

    RAMMap v1.51 This update to RAMMap fixes an incompatibility with the latest version of Windows 10.

  • Sysmon v7.03
    by Mark Russinovich on 14. Mai 2018 at 17:05

    Sysmon v7.03 This update to Sysmon fixes a service executable crash that could result from long file names, and does not hash files larger than 2GB to avoid causing performance issues with SQL Server's large alternate data streams it places on database files.

  • Sysmon v7.02
    by Mark Russinovich on 30. April 2018 at 4:12

    Sysmon v7.02 This update to Sysmon, an advanced security logging service, fixes memory leaks in its thread and process tracking callbacks.

  • Process Monitor v3.50, Autoruns v13.82, Du v1.61, SDelete v2.01
    by Mark Russinovich on 17. Februar 2018 at 15:28

    Process Monitor v3.50 Process Monitor now includes a /runtime switch to control headless capture duration, correctly shows picoprocesses, displays details for file system APIs introduced in Windows 10, and includes numerous minor improvements and bug fixes. Autoruns v13.82 This Autoruns release shows Onenote addins and fixes several bugs. Du v1.61 This update to Disk Usage...

  • 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
    on 9. Januar 2018 at 18:00

    Revision Note: V3.0 (January 9, 2018): Microsoft has released an update for all supported editions of Microsoft Excel that allows users to set the functionality of the DDE protocol based on their environment. For more information and to download the update, see ADV170021.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for Microsoft Office applications. This advisory provides guidance on what users can do to ensure that these applications are properly secured when processing Dynamic Data Exchange (DDE) fields.

  • 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
    on 12. Dezember 2017 at 18:00

    Revision Note: V1.0 (December 12, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for the AD DS (Active Directory Domain Services) account used by Azure AD Connect for directory synchronization. This advisory also provides guidance on what on-premises AD administrators can do to ensure that the account is properly secured.

  • 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
    on 8. August 2017 at 17:00

    Revision Note: V1.0 (August 8, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information regarding security settings for applications developed with the Microsoft Internet Explorer layout engine, also known as the Trident layout engine. This advisory also provides guidance on what developers and individuals can do to ensure that their applications hosting the WebBrowser Control are properly secured.

  • 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
    on 27. Juni 2017 at 17:00

    Revision Note: V1.0 (June 27, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to inform customers that a new version of Azure Active Directory (AD) Connect is available that addresses an Important security vulnerability.

  • 4025685 - Guidance related to June 2017 security update release - Version: 1.0
    on 13. Juni 2017 at 17:00

    Revision Note: V1.0 (June 13, 2017): Advisory publishedSummary: Microsoft is announcing the availability of additional guidance for critical security updates, that are at heightened risk of exploitation due to past and threatened nation-state attacks and disclosures. Some of the releases are new, and some are for older platforms that we are making publicly available today.

  • 4022344 - Security Update for Microsoft Malware Protection Engine - Version: 1.2
    on 12. Mai 2017 at 17:00

    Severity Rating: CriticalRevision Note: V1.2 (May 12, 2017): Added entries into the affected software table. This is an informational change only.Summary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft.

  • 4022345 - Identifying and correcting failure of Windows Update client to receive updates - Version: 1.3
    on 12. Mai 2017 at 17:00

    Severity Rating: CriticalRevision Note: V1.3 (May 12, 2017): Updated FAQ to clarify the update that needs to be installed: “the current cumulative update”. This is an informational change only.Summary: Microsoft is releasing this security advisory to provide information related to an uncommon deployment scenario in which the Windows Update Client may not properly scan for, or download, updates.

  • 4021279 - Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege - Version: 1.1
    on 10. Mai 2017 at 17:00

    Revision Note: V1.1 (May 10, 2017): Advisory revised to include a table of issue CVEs and their descriptions. This is an informational change only.Summary: Microsoft is releasing this security advisory to provide information about vulnerabilities in the public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications correctly.

  • 4010323 - Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet Explorer 11 - Version: 1.0
    on 9. Mai 2017 at 17:00

    Revision Note: V1.0 (May 9, 2017): Advisory published.Summary: Beginning May 9, 2017, Microsoft released updates to Microsoft Edge and Internet Explorer 11 to block sites that are protected with a SHA-1 certificate from loading and displays an invalid certificate warning. This change will only impact SHA-1 certificates that chain to a Microsoft Trusted Root CA where the end-entity certificate or the issuing intermediate uses SHA-1. Manually-installed enterprise or self-signed SHA-1 certificates will not be impacted, although we recommend that all customers quickly migrate to SHA-2. For more information, please see Windows Enforcement of SHA1 Certificates.

  • 3123479 - SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0
    on 14. März 2017 at 17:00

    Revision Note: V2.0 (March 14, 2017): Advisory rereleased to announce that the changes described in this advisory have been reverted as of November 2016. This is an informational change only.Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program.

  • 4010983 - Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of Service - Version: 1.0
    on 27. Januar 2017 at 18:00

    Revision Note: V1.0 (January 27, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.1.0. This advisory also provides guidance on what developers can do to update their applications correctly.

  • 3214296 - Vulnerabilities in Identity Model Extensions Token Signing Verification Could Allow Elevation of Privilege - Version: 1.0
    on 10. Januar 2017 at 18:00

    Revision Note: V1.0 (January 10, 2017): Advisory published.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public version of Identity Model Extensions 5.1.0. This advisory also provides guidance on what developers can do to help ensure that their apps are updated correctly.

  • 3174644 - Updated Support for Diffie-Hellman Key Exchange - Version: 1.0
    on 13. September 2016 at 17:00

    Revision Note: V1.0 (September 13, 2016): Advisory published.Summary:

  • 3181759 - Vulnerabilities in ASP.NET Core View Components Could Allow Elevation of Privilege - Version: 1.0
    on 13. September 2016 at 17:00

    Revision Note: V1.0 (September 13, 2016): Advisory published.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.0.0. This advisory also provides guidance on what developers can do to help ensure that their applications are updated correctly.

  • 3179528 - Update for Kernel Mode Blacklist - Version: 1.0
    on 9. August 2016 at 17:00

    Revision Note: V1.0 (August 9, 2016): Click here to enter text.Summary: Microsoft is blacklisting some publically released versions of securekernel.exe. This advisory includes a list of hashes for specific operating systems that are on the blacklist

  • 2880823 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0
    on 18. Mai 2016 at 17:00

    Revision Note: V2.0 (May 18, 2016): Advisory updated to provide links to the current information regarding the use of the SHA1 hashing algorithm for the purposes of SSL and code signing. For more information, see Windows Enforcement of Authenticode Code Signing and Timestamping.Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing after January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

  • 3155527 - Update to Cipher Suites for FalseStart - Version: 1.0
    on 10. Mai 2016 at 17:00

    Revision Note: V1.0 (May 10, 2016): Advisory published.Summary: FalseStart allows the TLS client to send application data before receiving and verifying the server Finished message. This allows an attacker to launch a man-in-the-middle (MiTM) attack to force the TLS client to encrypt the first flight of application_data records using the attacker’s chosen cipher suite from the client’s list. To avoid downgrade attacks, TLS clients only allow FalseStart when their strongest cipher suites are negotiated.

  • 3152550 - Update to Improve Wireless Mouse Input Filtering - Version: 1.1
    on 22. April 2016 at 17:00

    Revision Note: V1.1 (April 22, 2016): Added FAQs and additional information to clarify that only standalone mouse devices are affected. This is an informational change only.Summary: Microsoft is announcing the availability of an update to improve input filtering for certain Microsoft wireless mouse devices. The update enhances security by filtering out QWERTY key packets in keystroke communications issued from receiving USB wireless dongles to wireless mouse devices. This improvement is part of ongoing efforts to improve the effectiveness of security in Windows and Microsoft devices. For more information, see Microsoft Knowledge Base Article 3152550.

  • 3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1
    on 10. Februar 2016 at 18:00

    Revision Note: V1.1 (February 10, 2016): Advisory updated to include download information for Microsoft ASP.NET Web Frameworks, and Tools and Microsoft ASP.NET and Web Tools. This is an informational change only.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of Visual Studio 2013, Visual Studio 2015, ASP.NET MVC5, and ASP.NET MVC6. This advisory also provides guidance on what developers can do to help ensure that the controls and components that they have built are not subject to the vulnerability.

  • 2871997 - Update to Improve Credentials Protection and Management - Version: 5.0
    on 9. Februar 2016 at 18:00

    Revision Note: V5.0 (February 9, 2016): Rereleased advisory to announce the release of update 3126593 to enable the Restricted Admin mode for Credential Security Support Provider (CredSSP) by default. See Updates Related to this Advisory for details.Summary: Microsoft is announcing the availability of updates for supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 that improve credential protection and domain authentication controls to reduce credential theft.

  • 3118753 - Updates for ActiveX Kill Bits 3118753 - Version: 1.0
    on 12. Januar 2016 at 18:00

    Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update released on January 12, 2016.

  • 3109853 - Update to Improve TLS Session Resumption Interoperability - Version: 1.0
    on 12. Januar 2016 at 18:00

    Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is announcing the availability of an update to improve interoperability between Schannel-based TLS clients and 3rd-party TLS servers that enable RFC5077-based resumption and that send the NewSessionTicket message in the abbreviated TLS handshake. The update addresses an issue in schannel.dll that could cause RFC5077 session ticket-based resumption to fail and subsequently cause WinInet-based clients (for example, Internet Explorer and Microsoft Edge) to perform a fallback to a lower TLS protocol version than the one that would have been negotiated otherwise. This improvement is part of ongoing efforts to bolster the effectiveness of encryption in Windows.

  • 2755801 - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge - Version: 53.0
    on 5. Januar 2016 at 18:00

    Revision Note: V53.0 (January 5, 2016): Added the 3133431 update to the Current Update section.Summary: Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10; the update is also available for Adobe Flash Player in Microsoft Edge on all supported editions of Windows 10. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge.

  • 3057154 - Update to Harden Use of DES Encryption - Version: 1.1
    on 8. Dezember 2015 at 18:00

    Revision Note: V1.1 (December 8, 2015): Advisory updated to include more information about disabling DES by default in Windows 7 and Windows Server 2008 R2 and later operating systems. The update allows DES to be used between client and server to address scenarios in which DES is still required for application compatibility reasons.Summary: Microsoft is announcing the availability of an update to harden scenarios in which Data Encryption Standard (DES) encryption keys are used with accounts to ensure that domain users, services, and computers that support other encryption types are not vulnerable to credential theft or elevation of privilege attacks. DES is considered a weak cipher due to well-known brute force and faster than brute force attacks. The cryptographic algorithm has also been removed from the standard [RFC 6649]. To further protect our users, Microsoft has disabled DES by default in Windows 7 and Windows Server 2008 R2 and later operating systems. However, this update does allow DES to be used between client and server to address scenarios in which DES is still required for application compatibility reasons. The improvement is part of ongoing efforts to bolster the effectiveness of encryption in Windows and still support legacy line-of-business (LOB) applications.

  • 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0
    on 8. Dezember 2015 at 18:00

    Revision Note: V1.0 (December 8, 2015): Advisory published.Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

  • 3119884 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0
    on 30. November 2015 at 18:00

    Revision Note: V1.0 (November 30, 2015): Advisory published.Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate other domains, or sign code. In addition, these certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against Dell customers. This issue affects all supported releases of Microsoft Windows. Microsoft is not currently aware of attacks related to this issue.

  • 3108638 - Update for Windows Hyper-V to Address CPU Weakness - Version: 1.0
    on 10. November 2015 at 18:00

    Revision Note: V1.0 (November 10, 2015): Advisory published.Summary: Microsoft is announcing the availability of a security update for Windows Hyper-V to protect against a denial of service condition that can be triggered with certain central processing unit (CPU) chipsets. Although the weakness resides in the chipset, Microsoft is issuing this security update to protect customers. The update prevents guests on a Hyper-V system from triggering a weakness in the CPU that could allow instructions from a Hyper-V guest to place its Hyper-V host's CPU into an unresponsive state, leading to a denial of service condition for the guest operating systems running on the affected host. Successful exploitation of the CPU weakness would require kernel-mode code execution privileges on the guest operating system.

  • 3042058 - Update to Default Cipher Suite Priority Order - Version: 1.1
    on 13. Oktober 2015 at 17:00

    Revision Note: V1.1 (October 13, 2015): Advisory revised to announce that the Default Cipher Suite Prioritization update (3042058), originally released May 12, 2015 via the Microsoft Download Center (DLC) only, is now also available via Microsoft Update (MU) and Windows Server Update Services (WSUS). This is an update offering venue change only. There were no changes to the update files. Customers who have already successfully installed the update do not need to take any action.Summary: On May 12, 2015, Microsoft announced the availability of an update to cryptographic cipher suite prioritization in Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. The update added additional cipher suites to the default list on affected systems and improved cipher suite priority ordering. The improvements were in keeping with ongoing efforts to bolster the effectiveness of encryption in Windows operating systems.

  • 2960358 - Update for Disabling RC4 in .NET TLS - Version: 2.0
    on 13. Oktober 2015 at 17:00

    Revision Note: V2.0 (October 13, 2015): Advisory revised to broaden the affected software list to include Windows 10 systems that are running .NET Framework 3.5 applications and systems with .NET Framework 4.6 installed that are running .NET Framework 4.5/4.5.1/4.5.2 applications, and to provide customers running these configurations with steps for manually disabling RC4 in TLS. See the Affected Software and Suggested Actions sections of this advisory for more information.Summary: On May 13, 2014, Microsoft announced the availability of an update for Microsoft .NET Framework that disables RC4 in Transport Layer Security (TLS) through the modification of the system registry. Use of RC4 in TLS could allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions.

  • 3097966 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 2.0
    on 13. Oktober 2015 at 17:00

    Revision Note: V2.0 (October 13, 2015): Advisory revised to notify customers that an update is available that modifies the Code Integrity component in Windows to extend trust removal for the four digital certificates addressed by this advisory to also preclude kernel-mode code signing.Summary: Microsoft is aware of four digital certificates that were inadvertently disclosed by D-Link Corporation that could be used in attempts to spoof content. The disclosed end-entity certificates cannot be used to issue other certificates or impersonate other domains, but could be used to sign code. This issue affects all supported releases of Microsoft Windows.