Start Updating ctl

Updating ctl

Cryptography is the science of securing information by converting it between its normal, readable state (called plaintext) and one in which the data is obscured (known as ciphertext).

Today, we are updating the Certificate Trust List (CTL) for all supported releases of Microsoft Windows to remove the trust of mis-issued third-party digital certificates.

These certificates could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties.

Does this update address any other digital certificates?

However, there must be a way for the owner of the key to tell the world who the key belongs to. A digital certificate is a tamperproof piece of data that packages a public key together with information about it (who owns it, what it can be used for, when it expires, and so forth). Certificates are used primarily to verify the identity of a person or device, authenticate a service, or encrypt files.

For more information about these certificates, see the Frequently Asked Questions section of this advisory. Please see the Suggested Actions section of this advisory for instructions on applying an update for specific releases of Microsoft Windows. The purpose of this advisory is to notify customers that MCS Holdings improperly issued SSL certificates for multiple sites including Google web properties.

These SSL certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against web properties.

With this update, most customers will be automatically protected against this issue and will not need to take any action.