In its response to security researchers’ claims of a method to launch undetected attacks on users’ PC by creating forged digital certificates, Microsoft Corp. has asserted that it is not expected to pose any significant threat to users.
Microsoft in its security advisory recognized the exploit of bugs in ‘MD5 hashing algorithm’, so as to create fake digital certificates that serve as a testimony for safe and secured connection between users and websites.
Downplaying the threat to the users, Microsoft said, “This new disclosure does not increase risk to customers significantly, as the researchers have not published the cryptographic background to the attack, and the attack is not repeatable without this information”.
In addition, the software giant notified that it hasn’t observed any attacks that have been described the group of security researchers from the US, the Netherlands, Germany, and Switzerland.
While most of the vendors that issue security certificates have upgraded to the latest SHA-1 algorithm, and dumped MD5 algorithm for creating digital certificates, Microsoft added.
Earlier, during the 25th annual Chaos Communication Congress in Berlin, a consortium of researchers had demonstrated the way to create fake digital license of RapidSSL, a firm frequently used by browsers to differentiate genuine websites from malicious ones, and the method was illustrated on around 200 PlayStation 3 gaming consoles.
Go To Page 2 for our comments and more related links
Continued on next page Tags: Crack, Encryption, Hacking, Microsoft
Add Your Comment
Follow on Twitter
More Articles
News
Hot Topics
Office web is the latest addition to Microsoft's Office business suite and is set to be the company's most revolutionary version.
Microsoft's 14th version of its award winning, multi-billion dollar cash cow business suite, is the company's most ambitious to date.
Spotify is certainly one of the most popular online music websites in the world which is a feat for a service that was officially launched only in February 2009
Comments