Posts Tagged ‘spoof’

D-Link’s Digital Certificate Disclosure could Allow Spoofing

Thursday, October 1st, 2015

Here’s a potential security hole that most of us should probably be concerned about, but fortunately, there’s an easy way to check to see if you’re vulnerable.

D-Link Corporation disclosed four digital certificates recently inadvertently that attackers could use to spoof content. While the certificates cannot be used to issue others or impersonate domains, they can be used to sign code which attackers could use to (better) disguise malware as legitimate software. Microsoft has released a security advisory and an update to remove the affected digital certificates from supported versions of Windows. D-Link has revoked the certificates in the meantime as well.