diginotarlogo

In a posting from the Microsoft Security Response Center yesterday, Microsoft reports that they have updated Security Advisory 2607712 to delete two DigiNotar certificates from the Certificate Trust List on Windows operating systems and servers.

We are in the process of moving all DigiNotar owned or managed Certificate Authorities to the Untrusted Certificate Store, which will deny access to any websites using DigiNotar certificates.  Microsoft is preparing to release an update to implement these protections.

Microsoft is offering the update to customers worldwide in order to protect them from this breach. At the explicit request of the Dutch government, Microsoft will delay deployment of this update in the Netherlands for one week to give the government time to replace certificates. Dutch customers who wish to install the update can do so by manually visiting Windows Update or following the instructions available at www.microsoft.nl once the security update is released worldwide.

So if your anywhere but the Netherlands the updates are available already from Windows Update or you can grab the downloads directly from the Microsoft Download Center.  Those in the Netherlands can also use this manual method to install these critical updates.

Here is a list of all the updates that were made available there for download today:

You will want to grab these downloads immediately so your not at risk for being spoofed by these improperly obtained certificates for the microsoft.com domain.  You can also take a look at the posting from the Microsoft Security research and Defense blog about protecting yourself from attacks that leverage fraudulent DigiNotar digital certificates.