Australia's Leading Computer Emergency Response Team

AusCERT Week in Review for 2nd September 2011
Date: 02 September 2011
Original URL: http://www.auscert.org.au/render.html?cid=7066&it=14792


Greetings,

In stark contrast to the last few weeks, there have been a couple of particularly newsworthy events this week. One of them has sparked quite a number of security bulletins and updates: the issuing of fraudulent certificates by the Dutch certificate authority, DigiNotar.

In response to the DigiNotar breach, numerous vendors have removed DigiNotar's root certificate from their products:

- Microsoft released a bulletin stating that they had removed the DigiNotar root certificate from the Microsoft Certificate Trust List, which is used by Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2 to validate certificate trust. They also stated that they will be releasing an update to address the issue on Windows XP and Windows Server 2003.

- Debian released two bulletins, one for NSS, stating that the DigiNotar root certificate had been disabled by default in the NSS crypto libraries. The other bulletin stated that Debian had disabled the DigiNotar root certificate by default in its ca-certificates bundle.

- Mozilla released updates for Firefox, Thunderbird and Seamonkey specifically to revoke the root certificate for DigiNotar.

- Red Hat also released a bulletin regarding the updates for Firefox, Thunderbird and Seamonkey.
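The vendor actions above all come down to the same thing: removing or distrusting one root certificate in a trust store. A practitioner reading this will want to confirm that the root is actually gone from the bundles their own systems use. The following is an added example (not part of this AusCERT bulletin, and not code from any of the vendors named) that lists the subjects in a PEM CA bundle and reports any that match a name pattern such as "DigiNotar". It assumes the openssl command-line tool is installed; the demo roots it generates are constructed self-signed certificates with made-up names, used only so the check can be exercised offline.

```shell
#!/bin/sh
# Added example, not from the AusCERT bulletin: audit a PEM CA bundle for a
# root certificate whose subject matches a pattern (for instance "DigiNotar").
# Assumes the openssl CLI is available on PATH.

# Print one "subject=..." line for every certificate in a PEM bundle.
list_bundle_subjects() {
    bundle="$1"
    # crl2pkcs7 packs all certificates in the bundle into one PKCS#7 blob;
    # pkcs7 -print_certs then prints the subject and issuer of each one.
    openssl crl2pkcs7 -nocrl -certfile "$bundle" \
        | openssl pkcs7 -print_certs -noout \
        | grep '^subject='
}

# Print the subject lines that match the pattern (case-insensitive).
# Exit status is 0 when at least one certificate matches, 1 otherwise.
find_ca_in_bundle() {
    bundle="$1"
    pattern="$2"
    list_bundle_subjects "$bundle" | grep -i -- "$pattern"
}

# Print how many certificates in the bundle match the pattern.
count_ca_in_bundle() {
    find_ca_in_bundle "$1" "$2" | wc -l | tr -d ' '
}

# Build a constructed demo bundle of two self-signed "roots" so the check can
# run offline. Both names are made up for this example; the second one stands
# in for a root that should have been removed.
make_demo_bundle() {
    dir="$1"
    mkdir -p "$dir"
    for cn in "Example Trusted Root CA" "DigiNotar Root CA (demo)"; do
        safe=$(printf '%s' "$cn" | tr -c 'A-Za-z0-9' '_')
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=$cn" \
            -keyout "$dir/$safe.key" -out "$dir/$safe.pem" >/dev/null 2>&1
    done
    cat "$dir"/*.pem > "$dir/bundle.pem"
    printf '%s\n' "$dir/bundle.pem"
}

# Typical use against a real system bundle (path is an example, not from
# the bulletin):
#   find_ca_in_bundle /etc/ssl/certs/ca-certificates.crt DigiNotar \
#       && echo "WARNING: DigiNotar root still present"
```

On a system where the vendor update has been applied, the check against the real bundle prints nothing and exits non-zero; a match means the root is still trusted by anything that reads that bundle, regardless of what the browser vendors have done in their own stores.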

The other particularly newsworthy event of the week was the announcement that a number of kernel.org's servers had been compromised. Kernel.org became aware of the compromise on August 28th, but has stated that it believes its source code repositories were unaffected.

Have a great weekend!
Jonathan