Announcement

Collapse
No announcement yet.

Digital certificate flaw found in over a dozen programs!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Digital certificate flaw found in over a dozen programs!

    Microsoft has issued a security alert for a group of programs on both the Windows and Macintosh platforms.
    They include:
    Microsoft Windows 98
    Microsoft Windows 98 Second Edition
    Microsoft Windows Me
    Microsoft Windows NT® 4.0
    Microsoft Windows NT 4.0, Terminal Server Edition
    Microsoft Windows 2000
    Microsoft Windows XP
    Microsoft Office for Mac
    Microsoft Internet Explorer for Mac
    Microsoft Outlook Express for Mac

    Learn how this flaw could affect you
    Excerpt:
    "Microsoft issued a security alert, calling the flaw "critical." The flaw affects how more than a dozen Microsoft products, including programs for Windows and the Macintosh, handle digital certificates, which are used to certify the authenticity of a Web site or of software code.

    The flaw could let a Web site with a valid certificate issue a second, invalid one, which could enable unauthorized access to a computer as well as, among other things, the theft of user passwords or credit card numbers.

    "You're on my site and I say, 'Click here to go to Amazon.com.' But I don't really take you to Amazon.com. I can pretend to be Amazon.com and get you to enter in your credit card number," explained Gartner analyst John Pescatore.

    Experts were quick to point out that, so far, it is unlikely anyone has taken advantage of the flaw , but they also say that the implications of the flaw could be widespread, since it affects one of Windows' key security-authentication mechanisms, called CryptoAPI, which is also used by many non-Microsoft programs that run on Windows. Analysts also warned that the problem, if exploited, could undermine consumers' confidence in conducting transactions over the Web. "

    Download the patches for this flaw

  • #2
    This will be automatically installed by my weekly Windows update, no?
    Learn by teaching
    Take responsibility for learning

    Comment


    • #3
      This will be automatically installed by my weekly Windows update, no?
      I can't answer that -- I tried to find the info on Microsoft's website, but failed. I'm sure that your weekly update will inform you whether it includes this patch, tho.

      Microsoft's FAQ says:

      "You just need to apply the patch for the version of Windows you’re using." No patch is available yet for Windows 2000, or for MAC programs affected -- "will be available shortly".

      NOTE: After I installed the patch, I found that a soft boot didn't work, so had to hard boot to get system working.

      Comment


      • #4
        I use Win2000, so no automatic update for me.

        And thanks for bringing this to our attention.
        Learn by teaching
        Take responsibility for learning

        Comment


        • #5
          I have XP with the auto updates. Will this be included do you think?
          DJ

          Comment


          • #6
            I hear the XP Service Pack 1 will be released Monday. I wonder if it will be in there?
            Learn by teaching
            Take responsibility for learning

            Comment


            • #7
              DJ -- I don't know since I use Win98Se. The XP update area won't speak to me since they know I'm "beneath their level".

              Comment


              • #8
                I would go there right now and not wait for my computer to find the update.

                Here's a paranoid question:
                Since the flaw takes you to another site other than where you wanted to go, how do you know that you are really at Microsoft's site downloading the "patch'?

                Comment


                • #9
                  Originally posted by DJ Dubovsky
                  I have XP with the auto updates. Will this be included do you think?
                  DJ
                  I have XP and received this fix in an automatic update yesterday (9/5).

                  Jim

                  Comment


                  • #10
                    Thanks very much for passing that on CJ. I just downloaded the patch, just in case. My wife had her card stolen not long ago. I think there was $35.00 charged to it from a porno site. Our bank just sent out statements that they would no longer cover that type of loss.

                    Ed

                    Comment


                    • #11
                      Ed, your bank did WHAAT!! I may need to look at the "fine print", but my cards have offered coverage up to a certain amount for years, and did cover a situation similar to your wife's. (I was upset only because the police wouldn't consider ME as a victim, but only the credit card company, so I couldn't file a report even though I thought that I might know who used my card).

                      Is this bank a large national bank, or a regional bank?

                      Comment

                      Related Topics

                      Collapse

                      • CJ Swartz
                        Credit card theft feared in Windows flaw
                        by CJ Swartz
                        Digital certificate flaw found in over a dozen programs!___________________
                        Microsoft has issued a security alert for a group of programs on both the Windows and Macintosh platforms.
                        They include:
                        Microsoft Windows 98
                        Microsoft Windows 98 Second Edition
                        Microsoft...
                        09-06-2002, 02:50 PM
                      • PeteyB
                        Windows Vista
                        by PeteyB
                        In a humorous manner, David Pogue reviews Microsoft's Vista's

                        http://video.on.nytimes.com/?fr_stor...405a4991&rf=bm
                        12-19-2006, 09:46 PM
                      • d_kendal
                        I can't take any more of XP!!
                        by d_kendal
                        I've really had it with windows (and it's not because
                        I'm inexperienced - I've used 3.1, 95, 98, and XP) I've had sooo many problems and it hasn't really helped deleting everything and reloading Windows, so I give up. I'm very soon switching to Linux (Mandrake 8.2).
                        When I first bought...
                        03-27-2002, 03:13 PM
                      • skydog
                        Windows vs Apple
                        by skydog
                        I need to upgrade my computer. I currently use Windows XP. Over the years I've been told that Apple is the way to go for those who are into photography, video, graphic design, etc. Is this still true? Is there still a strong differential between an Apple and the Windows format?

                        ...
                        04-02-2007, 04:49 PM
                      • plugsnpixels
                        Windows 8 DP
                        by plugsnpixels
                        You can now download the Developer's Preview of Windows 8 here. This is a screenshot of my installation on a Mac using Parallels 6 (you can only do a clean install so PC users might not want to try this!)....
                        09-13-2011, 10:35 PM
                      Working...
                      X