The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability announce 15037

SSL: revocation of CCA

Synthesis of the vulnerability

The Government of India Controller of Certifying Authorities certification authority emitted certificates to spoof several Google domains.
Vulnerable software: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, SSL protocol.
Severity of this announce: 2/4.
Consequences of an intrusion: data reading, data creation/edition.
Attacker's origin: internet server.
Creation date: 11/07/2014.
Références of this computer vulnerability: 2982792, VIGILANCE-VUL-15037.

Description of the vulnerability

The Government of India Controller of Certifying Authorities certification authority emitted certificates to spoof several Google domains (VIGILANCE-ACTU-4436).

It is thus recommended to delete this certification authority or to update the Certificate Trust List.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides an application vulnerability workaround. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The technology watch team tracks security threats targeting the computer system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.