Microsoft Security Advisory (2607712)
Fraudulent Digital Certificates Could Allow Spoofing

Published: August 29, 2011 | Updated: September 06, 2011
Version: 3.0
General Information
Executive Summary
Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store. A fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.
Microsoft is continuing to investigate this issue. Based on preliminary investigation, Microsoft is providing an update for all supported releases of Microsoft Windows that revokes the trust of the following DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store:

DigiNotar Root CA

DigiNotar Root CA G2

DigiNotar PKIoverheid CA Overheid

DigiNotar PKIoverheid CA Organisatie - G2

DigiNotar PKIoverheid CA Overheid en Bedrijven
For supported releases of Microsoft Windows, typically no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically. For more information, including how to manually install this update, see the Suggested Actions section of this advisory.

Microsoft Security Advisory (2607712): Fraudulent Digital Certificates Could Allow Spoofing