Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing

Microsoft has released a Microsoft security advisory about this issue for IT professionals. This update is released for all supported versions of Microsoft Windows. This update revokes the trust of the following certificates by putting them in the Microsoft Untrusted Certificate Store:

• *.google.com issued by *.EGO.GOV.TR
• e-islem.kktcmerkezbankasi.org issued by TURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri
• *.EGO.GOV.TR issued by TURKTRUST Elektronik Sunucu Sertifikasi Hizmetleri

This update replaces update 2728973.

The security advisory contains additional security-related information. To view the security advisory, go to the following Microsoft website:

Detection and deployment tools and guidance

Systems Management Server

The following table provides the Systems Management Server (SMS) detection and deployment summary for this update.

Update deployment

Affected software

For information about the specific update for your affected software, refer to the appropriate section for the operating system:

All editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012

Reference table

Installation verification

For systems that are not using the automatic updater of revoked certificates, in the Certificates MMC snap-in, verify that the following certificates have been added to the Untrusted Certificates folder:


Note For information about how to view certificates by using the Certificates MMC snap-in, see the MSDN article, How to: View Certificates with the MMC Snap-in.

Windows RT

Updates for Windows RT are available from Windows Update only.

Installation verification

Windows RT contains the automatic updater of revoked certificates (See Microsoft Knowledge Base Article 2677070 ). To validate the newly revoked certificates have been added to the CTL, check the Application log in the Event Viewer for an entry with the following values:

• Source: CAPI2
• Level: Information
• Event ID: 4112
• Description: Successful auto update of disallowed certificate list with effective date: Monday, December 31, 2012 (or later).

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.