Back in March we reported on some fraudulent SSL certificates that could make WP7 users vulnerable to phishing/spoofing attacks, and the possibility that MS would be releasing a security update to fix it. According to SlashGear, sources have revealed that MS plans to roll out the update on May 3. It is still unknown whether the patch will come in the form of an OTA push or through Zune software updates.
The fake certificates were brought to light by Comodo, who issued them without fully verifying their validity, and affect nine different websites. Comodo has since revoked the certs in question, while Microsoft posted a bulletin for desktop users of Internet Explorer. The sites affected are:
login.live.com
mail.google.com
www.google.com
login.yahoo.com (3 certificates)
login.skype.com
addons.mozilla.org
“Global Trustee”
Source: wpcentral.com
No comments:
Post a Comment