DRS Georgia

Revision Note: V3.0 (January 19, 2012): Revised to announce the release of an update for Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices.
Summary: Microsoft is aware that DigiCert Sdn. Bhd, a Malaysian subordinate certification authority (CA) under Entrust and GTE CyberTrust, has issued 22 certificates with weak 512 bit keys. These weak encryption keys, when broken, could allow an attacker to use the certificates fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.

Revision Note: V2.0 (January 10, 2012): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS12-006 to address this issue. For more information about this issue, including download links for an available security update, please review MS12-006. The vulnerability addressed is the SSL/TLS Information Disclosure Vulnerability - CVE-2011-3389.

Revision Note: V2.0 (December 29, 2011): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-100 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-100. The vulnerability addressed is the Collisions in HashTable May Cause DoS Vulnerability - CVE-2011-3414.

Revision Note: V2.0 (December 13, 2011): Advisory updated to reflect publication of security bulletins.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-087 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-087. The vulnerability addressed is the TrueType Font Parsing Vulnerability - CVE-2011-3402.

Revision Note: V13.0 (December 13, 2011): Added the following Microsoft Security Bulletins to the Updates relating to Insecure Library Loading section: MS11-099, "Cumulative Security Update for Internet Explorer;" and MS11-094, "Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution."
Summary: Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries.

Revision Note: V5.0 (September 19, 2011): Revised to announce the rerelease of the KB2616676 update. See the Update FAQ in this advisory for more information.
Summary: Microsoft is aware of active attacks using at least one fraudulent digital certificate issued by DigiNotar, a certification authority present in the Trusted Root Certification Authorities Store. A fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.

Revision Note: V1.0 (August 9, 2011): Advisory published.
Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory.

Revision Note: V5.0 (July 6, 2011): Announced the release of an update for Zune HD devices and moved Zune devices to the Non-Affected Devices table.
Summary: Microsoft is aware of nine fraudulent digital certificates issued by Comodo, a certification authority present in the Trusted Root Certification Authorities Store, on all supported releases of Microsoft Windows, Windows Mobile 6.x, Windows Phone 7, Microsoft Kin, and Zune HD devices. Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.

Revision Note: V2.0 (June 30, 2011): Announced that the Office File Validation Add-in described in Microsoft Knowledge Base Article 2501584 is available through the Microsoft Update service.
Summary: Microsoft is announcing the availability of the Office File Validation feature for supported editions of Microsoft Office 2003 and Microsoft Office 2007. The feature, previously only available for supported editions of Microsoft Office 2010, is designed to make it easier for customers to protect themselves from Office files that may contain malformed data, such as unsolicited Office files received from unknown or known sources, by scanning and validating files before they are opened.

Revision Note: V1.0 (April 12, 2011): Advisory published.
Summary: Microsoft is announcing the availability of an update to winload.exe to address an issue in driver signing enforcement. While this is not an issue that would require a security update, this update addresses a method by which unsigned drivers could be loaded by winload.exe. This technique is often utilized by malware to stay resident on a system after the initial infection.