Security Advisory

Microsoft Security Advisory 2641690

Fraudulent Digital Certificates Could Allow Spoofing

Published: November 10, 2011 | Updated: January 19, 2012

Version: 3.0

General Information

Executive Summary

Microsoft is aware that DigiCert Sdn. Bhd, a Malaysian subordinate certification authority (CA) under Entrust and GTE CyberTrust, has issued 22 certificates with weak 512 bit keys. These weak encryption keys, when broken, could allow an attacker to use the certificates fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.

DigiCert Sdn. Bhd is not affiliated with the corporation DigiCert, Inc., which is a member of the Microsoft Root Certificate Program.

There is no indication that any certificates were issued fraudulently. Instead, cryptographically weak keys have allowed some of the certificates to be duplicated and used in a fraudulent manner.

Microsoft is providing an update for all supported releases of Microsoft Windows that revokes the trust in DigiCert Sdn. Bhd. The update revokes the trust of the following two intermediate CA certificates:

  • Digisign Server ID - (Enrich), issued by Entrust.net Certification Authority (2048)
  • Digisign Server ID (Enrich), issued by GTE CyberTrust Global Root

Recommendation. Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. Please see the Suggested Actions section of this advisory for more information.

Known Issues. Microsoft Knowledge Base Article 2641690 documents the currently known issues that customers may experience when installing this update. The article also documents recommended solutions for these issues.

Advisory Details

Issue References

For more information about this issue, see the following references:

References Identification
Microsoft Knowledge Base Article 2641690 

Affected Software and Devices

This advisory discusses the following software and devices.

Affected Software
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1*
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

*Server Core installation affected. This advisory applies to supported editions of Windows Server 2008 or Windows Server 2008 R2 as indicated, whether or not installed using the Server Core installation option. For more information on this installation option, see the TechNet articles, Managing a Server Core Installation and Servicing a Server Core Installation. Note that the Server Core installation option does not apply to certain editions of Windows Server 2008 and Windows Server 2008 R2; see Compare Server Core Installation Options.

Affected Devices
Windows Mobile 6.x
Windows Phone 7
Windows Phone 7.5

Frequently Asked Questions

Why was this advisory revised January 19, 2012?  Microsoft revised this advisory to announce the release of an update for Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices. For more information, see Microsoft Knowledge Base Article 2641690.

Why was this advisory revised November 16, 2011?  Microsoft revised this advisory to announce the rerelease of the KB2641690 update for Windows XP Professional x64 Edition Service Pack 2 and all supported editions of Windows Server 2003. The rereleased update addresses an issue noted by customers using Windows Server Update Services (WSUS), where the applicability for the update was not properly detected.

Customers of Windows XP Professional x64 Edition Service Pack 2 and all supported editions of Windows Server 2003 should apply the rereleased version of the KB2641690 update to be protected against the use of fraudulent certificates as described in this advisory. Customers of Windows XP Service Pack 3 and supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by this rerelease.

The majority of customers have automatic updating enabled and will not need to take any action because the rereleased KB2641690 update will be downloaded and installed automatically.

What is the scope of the advisory?  The purpose of this advisory is to notify customers that DigiCert Sdn. Bhd has issued 22 certificates with weak 512 bit keys. These weak keys have allowed some of the certificates to be compromised. Microsoft has revoked the trust of this subordinate CA in an update that moves two intermediate CA certificates to the Microsoft Untrusted Certificate Store.

What caused the issue?  Microsoft was notified by Entrust, a CA in the Microsoft Root Certificate Program, that one of their subordinate CAs, DigiCert Sdn. Bhd, issued 22 certificates with weak 512 bit keys. Additionally, this subordinate CA has issued certificates without the appropriate usage extensions or revocation information. This is a violation of the Microsoft Root Certificate Program requirements.

There is no indication that any certificates were issued fraudulently. Instead, cryptographically weak keys allowed some of the certificates to be duplicated and used in a fraudulent manner. Entrust and GTE CyberTrust have revoked the intermediate CA certificates issued to DigiCert Sdn. Bhd. Microsoft is providing an update that revokes the trust of these two intermediate certificates to further protect customers.

How might an attacker duplicate a certificate?  A digital signature can only be created by the person who possesses the certificate’s private key. An attacker can attempt to guess the private key and use mathematical techniques to determine if a guess is correct. The difficulty of successfully guessing the private key is proportional to the number of bits used in the key. Therefore, the larger the key the longer it takes an attacker to guess the private key. Using modern hardware, 512 bit keys can be successfully guessed in a short amount of time.

How might an attacker use fraudulent certificates?  An attacker could use the 512 bit certificates to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.

What is Microsoft doing to help with resolving this issue?  Although this issue does not result from an issue in any Microsoft product, we have nevertheless released an update that moves two intermediate certificates issued by Entrust and GTE CyberTrust to the Microsoft Untrusted Certificate Store. Microsoft recommends that customers apply the update immediately.

What is a man-in-the-middle attack?  A man-in-the-middle attack occurs when an attacker reroutes communication between two users through the attacker’s computer without the knowledge of the two communicating users. Each user in the communication unknowingly sends traffic to and receives traffic from the attacker, all the while thinking they are communicating only with the intended user.

What is a certification authority (CA)?  Certification authorities are the organizations that issue certificates. They establish and verify the authenticity of public keys that belong to people or other certification authorities, and they verify the identity of a person or organization that asks for a certificate.

What is the procedure for revoking a certificate?  There is a standard procedure that should allow a certificate authority to prevent certificates from being accepted if they are used. Every certificate issuer periodically generates a Certificate Revocation List (CRL), which lists all the certificates that should be considered invalid. Every certificate should provide a piece of data called the CRL Distribution Point (CDP) that indicates the location where the CRL can be obtained.

An alternative way for Web browsers to validate the identity of a digital certificate is by using the Online Certificate Status Protocol (OCSP). OCSP allows interactive validation of a certificate by connecting to an OCSP responder, hosted by the Certificate Authority (CA) which signed the digital certificate. Every certificate should provide a pointer to the OCSP responder location through the Authority Information Access (AIA) extension in the certificate. In addition, OCSP stapling allows the Web server itself to provide an OCSP validation response to the client.

OCSP validation is enabled by default on Internet Explorer 7 and later versions of Internet Explorer on supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. On these operating systems, if the OCSP validation check fails, the browser will validate the certificate by contacting the CRL Location.

Some network deployments may prevent online OCSP or CRL updates so Microsoft has released an update for all versions of Microsoft Windows that adds these certificates to the Microsoft Untrusted Certificate Store. Moving these certificates to the Microsoft Untrusted Certificate Store ensures these fraudulent certificates are not trusted in all network deployment scenarios.

For more information on certificate revocation checking, see the TechNet article, Certificate Revocation and Status Checking.

How do I know if I’ve encountered an invalid certificate error?  When Internet Explorer encounters an invalid certificate, users are presented with a Web page that says, "There is a problem with this website’s security certificate." Users are encouraged to close the Web page and navigate away from the site when this warning message appears.

Users are only presented this message when the certificate is determined to be invalid, for instance when the user has Certificate Revocation List (CRL) or Online Certificate Status Protocol (OCSP) validation enabled. OCSP validation is enabled by default on Internet Explorer 7 and later versions of Internet Explorer on supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

After applying the update, how can I verify the certificates in the Microsoft Untrusted Certificates Store?  For information on how to view certificates, see the MSDN article, How to: View Certificates with the MMC Snap-in.

In the Certificates MMC snap-in, verify that the following certificates have been added to the Untrusted Certificates folder:

Certificate Issued by Thumbprint
Digisign Server ID - (Enrich) Entrust.net Certification Authority (2048) ‎ 8e 5b d5 0d 6a e6 86 d6 52 52 f8 43 a9 d4 b9 6d 19 77 30 ab
Digisign Server ID (Enrich) GTE CyberTrust Global Root ‎51 c3 24 7d 60 f3 56 c7 ca 3b af 4c 3f 42 9d ac 93 ee 7b 74

Suggested Actions

For supported releases of Microsoft Windows

The majority of customers have automatic updating enabled and will not need to take any action because the KB2641690 update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871.

For administrators and enterprise installations, or end users who want to install the KB2641690 update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service. For more information on how to manually apply the update, see Microsoft Knowledge Base Article 2641690.

For Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices

For information about the update for Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices, see Microsoft Knowledge Base Article 2641690.

Additional Suggested Actions

  • Protect your PC

    We continue to encourage customers to follow our Protect Your Computer guidance of enabling a firewall, getting software updates and installing antivirus software. Customers can learn more about these steps by visiting Protect Your Computer.

    For more information about staying safe on the Internet, visit Microsoft Security Central.

  • Keep Microsoft Software Updated

    Users running Microsoft software should apply the latest Microsoft security updates to help make sure that their computers are as protected as possible. If you are not sure whether your software is up to date, visit Microsoft Update, scan your computer for available updates, and install any high-priority updates that are offered to you. If you have automatic updating enabled and configured to provide updates for Microsoft products, the updates are delivered to you when they are released, but you should verify that they are installed.

Other Information

Microsoft Active Protections Program (MAPP)

To improve security protections for customers, Microsoft provides vulnerability information to major security software providers in advance of each monthly security update release. Security software providers can then use this vulnerability information to provide updated protections to customers via their security software or devices, such as antivirus, network-based intrusion detection systems, or host-based intrusion prevention systems. To determine whether active protections are available from security software providers, please visit the active protections Web sites provided by program partners, listed in Microsoft Active Protections Program (MAPP) Partners.

Feedback

Support

  • Customers in the United States and Canada can receive technical support from Security Support. For more information about available support options, see Microsoft Help and Support.
  • International customers can receive support from their local Microsoft subsidiaries. For more information about how to contact Microsoft for international support issues, visit International Support.
  • Microsoft TechNet Security provides additional information about security in Microsoft products.

Disclaimer

The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

  • V1.0 (November 10, 2011): Advisory published.
  • V2.0 (November 16, 2011): Revised to announce the rerelease of the KB2641690 update. See the Update FAQ in this advisory for more information. Also, added link to Microsoft Knowledge Base Article 2641690 under Known Issues in the Executive Summary.
  • V3.0 (January 19, 2012): Revised to announce the release of an update for Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices.

Built at 2014-04-18T13:49:36Z-07:00