
Microsoft Warns Of Phony Windows Live Digital Certificate

Unauthorized SSL certificate for 'live.fi' could be used for man-in-the-middle, phishing attacks, Microsoft says.

Microsoft is now revoking and blacklisting a newly discovered phony SSL certificate for the domain 'live.fi' that could be used to spoof content and wage phishing and man-in-the-middle attacks, the software company said today. The 'live.fi' domain is a Windows Live domain.

Comodo, the certificate authority that inadvertently issued the phony cert, has revoked it. Microsoft says it's not aware of any attacks using the phony cert, which cannot be used to impersonate domains, sign code, or issue other certificates. All versions of Windows are affected, and automatic updates will pull the phony cert.

"A certificate was improperly issued due to a misconfigured privileged email account on the live.fi domain. An email account was able to be registered for the live.fi domain using a privileged username, which was subsequently used to request an unauthorized certificate for that domain," Microsoft said in a security advisory released late last night.

For details, see the Microsoft advisory here.
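The misconfiguration the advisory describes, a mail service letting a user register a mailbox name that a certificate authority accepts as proof of domain control, can be screened for at signup and audited after the fact. The Python below is an added example, not code from Microsoft or Comodo: the reserved list is the set of local-parts the CA/Browser Forum Baseline Requirements permit for email-based domain validation, while the function names, the normalization policy and the sample mailboxes are assumptions constructed for illustration.

```python
import unicodedata

# Local-parts a CA may mail to validate control of a domain
# (CA/Browser Forum Baseline Requirements). A mail provider must
# keep these out of public signup on every domain it hosts.
CA_VALIDATION_LOCAL_PARTS = frozenset(
    {"admin", "administrator", "webmaster", "hostmaster", "postmaster"}
)


def canonical_local_part(requested: str) -> str:
    """Reduce a requested mailbox name to the name mail would be delivered to.

    Assumed (conservative) policy: fold case, fold Unicode compatibility
    forms such as full-width letters, drop any domain part, and drop a
    '+tag' suffix used for sub-addressing.
    """
    name = unicodedata.normalize("NFKC", requested).strip().casefold()
    name = name.split("@", 1)[0]   # tolerate a full address as input
    name = name.split("+", 1)[0]   # admin+anything delivers to admin
    return name


def is_reserved(requested: str, ignore_dots: bool = False) -> bool:
    """True if the requested name collides with a CA validation mailbox.

    Set ignore_dots=True on services that treat 'host.master' and
    'hostmaster' as the same mailbox.
    """
    name = canonical_local_part(requested)
    if ignore_dots:
        name = name.replace(".", "")
    return name in CA_VALIDATION_LOCAL_PARTS


def audit_mailboxes(existing, ignore_dots: bool = False):
    """Return already-registered mailboxes that should never have been issued."""
    return sorted(m for m in existing if is_reserved(m, ignore_dots))


if __name__ == "__main__":
    # Constructed sample data, not taken from the incident.
    registered = ["alice", "PostMaster", "bob+admin", "admin+certs@mail.example"]
    for mailbox in audit_mailboxes(registered):
        print("reserved name in use:", mailbox)
```

Running the audit over the existing user directory matters as much as the signup check, since an account registered before the filter existed keeps receiving validation mail.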
