Como excluir certificados DigiNotar

No dia 06/09/2011 a Microsoft publicou um alerta de segurança em relação aos certificados da DigiNotar, conforme abaixo.

Executar uma das duas ações abaixo evita problemas com os certificados frudulentos possivelmente emitidos.

1) Atualizar a lista de Autoridades Certificadores através do Windows Update ou no link:

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe

ou

2) Remover os certificados das CAs usando os comandos abaixo:

certutil -delstore authroot “c0 60 ed 44 cb d8 81 bd 0e f8 6c 0b a2 87 dd cf 81 67 47 8c”

certutil -delstore authroot “43 d9 bc b5 68 e0 39 d0 73 a7 4a 71 d8 51 1f 74 76 08 9c c3”

certutil -delstore authroot “b5 33 34 5d 06 f6 45 16 40 3c 00 da 03 18 7d 3b fe f5 91 56”

certutil -delstore authroot “5d e8 3e e8 2a c5 09 0a ea 9d 6a c4 e7 a6 e2 13 f9 46 e1 79”

certutil -delstore authroot “40 aa 38 73 1b d1 89 f9 cd b5 b9 dc 35 e2 13 6f 38 77 7a f4”

 

Após a execução de cada um deles, deve aparecer a mensagem “Deleting Certificate xx”. Provavelmente os três últimos certificados não devem estar instalados.

 

 

Outras informações: http://blogs.technet.com/b/srd/archive/2011/09/04/protecting-yourself-from-attacks-that-leverage-fraudulent-diginotar-digital-certificates.aspx

 

 

 

Alert – Microsoft Security Advisory 2607712 Revised

==================================

SUMMARY

==================================

Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store. A fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.

Microsoft is continuing to investigate this issue. Based on preliminary investigation, Microsoft is providing an update for all supported releases of Microsoft Windows that revokes the trust of the following DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store:

• DigiNotar Root CA

• DigiNotar Root CA G2

• DigiNotar PKIoverheid CA Overheid

• DigiNotar PKIoverheid CA Organisatie – G2

• DigiNotar PKIoverheid CA Overheid en Bedrijven

For supported releases of Microsoft Windows, typically no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically. For more information, including how to manually install this update, see the Suggested Actions section of this advisory.

==================================

KNOWN ISSUES

==================================

Microsoft Knowledge Base Article 2607712 documents the currently known issues that customers may experience when installing this update. The article also documents recommended solutions for these issues.

==================================

AFFECTED SOFTWARE AND DEVICES

==================================

The security advisory discusses the following software and devices.

———————————-

Affected Software

———————————-

• Windows XP Service Pack 3

• Windows XP Professional x64 Edition Service Pack 2 • Windows Server 2003 Service Pack 2 • Windows Server 2003 x64 Edition Service Pack 2 • Windows Server 2003 with SP2 for Itanium-based Systems • Windows Vista Service Pack 2 • Windows Vista x64 Edition Service Pack 2 • Windows Server 2008 for 32-bit Systems Service Pack 2* • Windows Server 2008 for x64-based Systems Service Pack 2* • Windows Server 2008 for Itanium-based Systems Service Pack 2 • Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1 • Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1 • Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1* • Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

*Server Core installation affected. This advisory applies to supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, whether or not installed using the Server Core installation option. Note that the Server Core installation option does not apply to certain editions of Windows Server 2008 and Windows Server 2008 R2.

———————————-

Non-Affected Devices

———————————-

• Windows Mobile 6.x

• Windows Phone 7

• Windows Phone 7.5

==================================

RECOMMENDATIONS

==================================

Review Microsoft Security Advisory 2607712 for an overview of the issue, details on affected components, suggested actions, frequently asked questions (FAQs), and links to additional resources.

==================================

ADDITIONAL RESOURCES

==================================

• Microsoft Security Advisory 2607712 – Fraudulent Digital Certificates Could Allow Spoofing: http://www.microsoft.com/technet/security/advisory/2607712.mspx

• Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc/

• Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc/

• Microsoft Security Research & Defense (SRD) Blog: http://blogs.technet.com/srd/

==================================

REGARDING INFORMATION CONSISTENCY

==================================

We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,

Microsoft CSS Security Team

Esse post foi publicado em Segurança, Windows 2008, Windows 7, Windows Server, Windows Vista, Windows XP. Bookmark o link permanente.

Deixe uma resposta

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s