Hypothetical threat watch

New malware exploits USB, but isn't really that scary

Microsoft News

Microsoft issues security advisory affecting all versions of Windows, Windows Phone

General News

UK government set to rush through emergency surveillance legislation

General News

UK officials follow US counterparts by banning electronics that have no charge from boarding flights

Microsoft News

Microsoft restores control of seized domains to No-IP

Windows 8 Apps+Games

1Password for Windows gets much needed 4.0 update

Windows Phone News

More reports of changes to Cortana suggests a Microsoft update is inbound

Editorials

Using strong passwords and keeping your online self secure

General News

First smartphone 'kill switch' bill in the US passed by… Minnesota

Apps

Secure your passwords and critical information with Enpass Password Manager

General News

Bitly alerts users of widespread account compromises, claims no accounts have been accessed

Apps

John McAfee's Chadder aims to keep your messages private, lands on Windows Phone before iOS

Windows

Microsoft issues security patch for Internet Explorer

Microsoft News

Microsoft issues warning about limited, targeted attack vulnerability in Internet Explorer

Games

Rail Rush celebrates Easter with the latest update

How To

Get secure by encrypting your PC with Microsoft BitLocker for Windows 8 Pro

Microsoft News

Microsoft Store giving away $100 credit; simply trade up your Windows XP dinosaur (US and Canada Only)

Microsoft News

Microsoft says it's really time to dump Windows XP thru this clever infograph

Windows 8 Apps+Games

Windows 8 app update roundup: Music, Video, and Evernote receive new features and performance tweaks

Editorials

So, you want to adopt BYOD?

< >
7

Microsoft gearing up for SSL cert update to Windows Phone?

While far from exciting, as it won't bring any new features, Microsoft is rumored to be working on an update to fix fraudulent SSL certificates in a hacking attempt that took aim at many web browser. Microsoft just published a security advisory on the issue to address the bogus SSL certs. As Bruce Cowper, manager of the Microsoft Trustworthy group states:

This is not a Microsoft security vulnerability; however, one of the certificates potentially affects Windows Live ID users via login.live.com...These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against end users. We are unaware of any active attacks.

Microsoft has since patched Internet Explorer against the attack is reportedly mulling over an update, even possibly an over-the-air (OTA) one for Windows Phone, though nothing is certain at this point. No time line was given either. It will be interesting to see if Microsoft utilizes the OTA update capability for Windows Phone, a feature which was originally thought to be used for adding copy/paste but has since taken a back seat due to reliability concerns.

Edit: For those curious about SSL certs and how they work, see VeriSign

Source: WinRumors

0
loading...
0
loading...
20
loading...
0
loading...

Comments

There are 7 comments. Sign in to comment

Physboy says:

I thought the OTA was attempted for use on Pre-NoDo update, & Zune was going to be used for actual NoDo???

Physboy says:

Bottom line though, is all this talk about updates to the WP7 device is moot as there are NO updates which are actually occuring at all. Oh, but there are plenty of NEW phones w/ the updated OS!Can you say Windows Mobile??

KCMike says:

Mama nooooooooooo!!

1jaxstate1 says:

LOL! On the floor laughing.

1jaxstate1 says:

LOL, stop posting anything about a update. The natives will get riled up!

michael.ball says:

Just update our phones via the Zune software and bypass the carriers altogether like Apple has done since Day 1. That way, Microsoft has control of the update process and isn't held hostage by uncaring carriers like AT&T who can't seem to get updates out of "Testing" status.

...so we won't be getting this one till like november, right?