3050995 - Improperly Issued Digital Certificates Could Allow Spoofing - Version: 2.0

Posted on Thursday March 26, 2015

Revision Note: V2.0 (March 26, 2015): Advisory rereleased to announce that the update for supported editions of Windows Server 2003 is now available. See Microsoft Knowledge Base Article 3050995 for more information and download links.
Summary: Microsoft is aware of improperly issued digital certificates coming from the subordinate CA, MCS Holdings, which could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The improperly issued certificates cannot be used to issue other certificates, impersonate other domains, or sign code. This issue affects all supported releases of Microsoft Windows. Read the bulletin here.