You are currently offline, waiting for your internet to reconnect

Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

INTRODUCTION
Microsoft has released a Microsoft security advisory about this issue for IT professionals. This update is released for all supported versions of Microsoft Windows. This update revokes the trust of the following certificates by putting them in the Microsoft Untrusted Certificate Store:
  • *.google.com issued by *.EGO.GOV.TR
  • e-islem.kktcmerkezbankasi.org issued by TURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri
  • *.EGO.GOV.TR issued by TURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri
This update replaces update 2728973.

The security advisory contains additional security-related information. To view the security advisory, go to the following Microsoft website:
More information
The following files are available for download from the Microsoft Download Center:

Update for Windows XP and Windows Server 2003 (KB2798897)

DownloadDownload the package now.

Update for Windows Vista, Windows 7, Server 2008, and Server 2008 R2 (KB2798897)

DownloadDownload the package now.

Update for Windows 8 and Windows Server 2012 (KB2798897)

DownloadDownload the package now.

Release Date: January 3, 2013

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
Update Information

Detection and deployment tools and guidance

Systems Management Server

The following table provides the Systems Management Server (SMS) detection and deployment summary for this update.
SoftwareSystem Center Configuration Manager (all supported versions)
Windows XP Service Pack 3Yes
Windows XP Professional x64 Edition Service Pack 2Yes
Windows Server 2003 Service Pack 2Yes
Windows Server 2003 x64 Edition Service Pack 2Yes
Windows Server 2003 with SP2 for Itanium-based SystemsYes
Windows Vista Service Pack 2Yes
Windows Vista x64 Edition Service Pack 2Yes
Windows Server 2008 for 32-bit Systems Service Pack 2Yes
Windows Server 2008 for x64-based Systems Service Pack 2Yes
Windows Server 2008 for Itanium-based Systems Service Pack 2Yes
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1Yes
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1Yes
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1Yes
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1Yes
Windows 8 for 32-bit SystemsYes
Windows 8 for 64-bit SystemsYes
Windows RTYes
Windows Server 2012Yes

Update deployment

Affected software

For information about the specific update for your affected software, refer to the appropriate section for the operating system:

All editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012

Reference table
Deployment
Installing without requiring user interventionFor all supported editions of Windows XP:
rvkroots.exe /q
Installing without restartingFor all supported editions of Windows XP:
rvkroots.exe /r:n
Restart requirement
Restart required?This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationThis update cannot be uninstalled.

Installation verification

For systems that are not using the automatic updater of revoked certificates, in the Certificates MMC snap-in, verify that the following certificates have been added to the Untrusted Certificates folder:
CertificateIssued byThumbprint
*.google.com*.EGO.GOV.TR‎4d 85 47 b7 f8 64 13 2a 7f 62 d9 b7 5b 06 85 21 f1 0b 68 e3
e-islem.kktcmerkezbankasi.orgTURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri‎f9 2b e5 26 6c c0 5d b2 dc 0d c3 f2 dc 74 e0 2d ef d9 49 cb
*.EGO.GOV.TRTURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri‎c6 9f 28 c8 25 13 9e 65 a6 46 c4 34 ac a5 a1 d2 00 29 5d b1
Note For information about how to view certificates by using the Certificates MMC snap-in, see the MSDN article, How to: View Certificates with the MMC Snap-in.

Windows RT

Updates for Windows RT are available from Windows Update only.

Installation verification

Windows RT contains the automatic updater of revoked certificates (See Microsoft Knowledge Base Article 2677070).To validate the newly revoked certificates have been added to the CTL, check the Application log in the Event Viewer for an entry with the following values:
  • Source: CAPI2
  • Level: Information
  • Event ID: 4112
  • Description: Successful auto update of disallowed certificate list with effective date: Monday, December 31, 2012 (or later).
FILE INFORMATION
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For all supported versions of Windows

File nameFile versionFile sizeDateTimePlatform
Advpack.dll6.0.2600.091,13631-May-201223:54x86
Disallowedcert.sstNot Applicable83,06731-Dec-201223:59Not Applicable
Updroots.exe5.2.3790.44566,65601-Jun-201218:48x86
W95inf16.dll4.71.704.02,27231-May-201223:55Not Applicable
W95inf32.dll4.71.16.04,60831-May-201223:55x86
Properties

Article ID: 2798897 - Last Review: 01/11/2013 22:59:00 - Revision: 4.0

Windows 7 Service Pack 1, Windows 7 Enterprise, Windows 7 Professional, Windows 7 Ultimate, Windows 7 Home Premium, Windows 7 Home Basic, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Standard, Windows Server 2008 R2 Enterprise, Windows Server 2008 R2 Datacenter, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows XP Service Pack 3

  • kbexpertiseinter kbinfo kbsecadvisory kbsecurity kbsecvulnerability KB2798897
Feedback
dy>