Vigil@nce - SSL: revocation of CCA
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
The Government of India Controller of Certifying Authorities
certification authority emitted certificates to spoof several
Google domains.
Impacted products: Windows 2003, Windows 2008, Microsoft Windows
2012, Windows 7, Windows 8, Windows RT, Windows Vista, SSL/TLS
Severity: 2/4
Creation date: 11/07/2014
DESCRIPTION OF THE VULNERABILITY
The Government of India Controller of Certifying Authorities
certification authority emitted certificates to spoof several
Google domains (VIGILANCE-ACTU-4436).
It is thus recommended to delete this certification authority or
to update the Certificate Trust List.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/SSL-revocation-of-CCA-15037