Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing


View products that this article applies to.

INTRODUCTION

Microsoft has released a Microsoft security advisory about this issue for IT professionals. This update is released for all supported versions of Microsoft Windows. This update revokes the trust of the following certificates by putting them in the Microsoft Untrusted Certificate Store:
  • *.google.com issued by *.EGO.GOV.TR
  • e-islem.kktcmerkezbankasi.org issued by TURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri
  • *.EGO.GOV.TR issued by TURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri
This update replaces update 2728973.

The security advisory contains additional security-related information. To view the security advisory, go to the following Microsoft website:

↑ Back to the top


More Information

The following files are available for download from the Microsoft Download Center:


Update for Windows XP and Windows Server 2003 (KB2798897)

Download Download the package now.

Update for Windows Vista, Windows 7, Server 2008, and Server 2008 R2 (KB2798897)

Download Download the package now.

Update for Windows 8 and Windows Server 2012 (KB2798897)

Download Download the package now.

Release Date: January 3, 2013

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

↑ Back to the top


Update Information

Detection and deployment tools and guidance

Systems Management Server

The following table provides the Systems Management Server (SMS) detection and deployment summary for this update.


SoftwareSystem Center Configuration Manager (all supported versions)
Windows XP Service Pack 3Yes
Windows XP Professional x64 Edition Service Pack 2Yes
Windows Server 2003 Service Pack 2Yes
Windows Server 2003 x64 Edition Service Pack 2Yes
Windows Server 2003 with SP2 for Itanium-based SystemsYes
Windows Vista Service Pack 2Yes
Windows Vista x64 Edition Service Pack 2Yes
Windows Server 2008 for 32-bit Systems Service Pack 2Yes
Windows Server 2008 for x64-based Systems Service Pack 2Yes
Windows Server 2008 for Itanium-based Systems Service Pack 2Yes
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1Yes
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1Yes
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1Yes
Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems Service Pack 1Yes
Windows 8 for 32-bit SystemsYes
Windows 8 for 64-bit SystemsYes
Windows RTYes
Windows Server 2012Yes

Update deployment

Affected software

For information about the specific update for your affected software, refer to the appropriate section for the operating system:

All editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012

Reference table
Deployment
Installing without requiring user interventionFor all supported editions of Windows XP:

rvkroots.exe /q
Installing without restartingFor all supported editions of Windows XP:

rvkroots.exe /r:n
Restart requirement
Restart required?This update does not require a restart. The installer stops the required services, applies the update, and then restarts the services. However, if the required services cannot be stopped for any reason, or if the required files are being used, this update will require a restart. If this behavior occurs, a message appears that advises you to restart.
Removal informationThis update cannot be uninstalled.

Installation verification

For systems that are not using the automatic updater of revoked certificates, in the Certificates MMC snap-in, verify that the following certificates have been added to the Untrusted Certificates folder:


CertificateIssued byThumbprint
*.google.com*.EGO.GOV.TR‎4d 85 47 b7 f8 64 13 2a 7f 62 d9 b7 5b 06 85 21 f1 0b 68 e3
e-islem.kktcmerkezbankasi.orgTURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri‎f9 2b e5 26 6c c0 5d b2 dc 0d c3 f2 dc 74 e0 2d ef d9 49 cb
*.EGO.GOV.TRTURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri‎c6 9f 28 c8 25 13 9e 65 a6 46 c4 34 ac a5 a1 d2 00 29 5d b1
Note For information about how to view certificates by using the Certificates MMC snap-in, see the MSDN article, How to: View Certificates with the MMC Snap-in.

Windows RT

Updates for Windows RT are available from Windows Update only.


Installation verification

Windows RT contains the automatic updater of revoked certificates (See Microsoft Knowledge Base Article 2677070 ). To validate the newly revoked certificates have been added to the CTL, check the Application log in the Event Viewer for an entry with the following values:
  • Source: CAPI2
  • Level: Information
  • Event ID: 4112
  • Description: Successful auto update of disallowed certificate list with effective date: Monday, December 31, 2012 (or later).

↑ Back to the top


FILE INFORMATION

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.
For all supported versions of Windows
File nameFile versionFile sizeDateTimePlatform
Advpack.dll6.0.2600.091,13631-May-201223:54x86
Disallowedcert.sstNot Applicable83,06731-Dec-201223:59Not Applicable
Updroots.exe5.2.3790.44566,65601-Jun-201218:48x86
W95inf16.dll4.71.704.02,27231-May-201223:55Not Applicable
W95inf32.dll4.71.16.04,60831-May-201223:55x86

↑ Back to the top


Applies to:

↑ Back to the top

Keywords: kblangall, kbmustloc, kbsurveynew, kbsecvulnerability, kbsecreview, kbexpertiseinter, kbinfo, kbsecadvisory, kbsecurity, kb

↑ Back to the top

Article Info
Article ID : 2798897
Revision : 3
Created on : 4/13/2020
Published on : 4/13/2020
Exists online : False
Views : 554