Windows 10: Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040

Ompal Yadav · Mar 29, 2022

Hi,We are getting below vulnerability in Windows Server 2012 2012R2 and Server 2016 while scanning through Qualys agentMicrosoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040Solutions:n automatic updater of untrusted certificates is available for Windows Create a Group Policy or change an existing Group Policy in the Local Group Policy Editor. Solution- Open gpedit.msc and follow the below steps. Computer Configuration\Windows Settings\Security Settings\Public Key Policies In the details pane, double-click Certificate Path Validation Settings. Click the Network Retr

:)

John_L. · Mar 29, 2022

Microsoft Security Advisory (2524375) - Fraudulent Digital Certificates Could Allow Spoofing

Update 7.0.7392.0
http://www.microsoft.com/windowsphone/en-us/howto/wp7/basics/update-history.aspx

Fix for fraudulent third-party digital certificates. This update includes a critical fix to an industry-wide issue with nine untrusted digital certificates that were issued by one root certificate authority. These third-party
digital certificates are used to access popular websites and email portals. Although this is not a Microsoft security vulnerability, these untrusted certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against
all web browser users. This update moves the affected certificates to the "Untrusted Publishers" certificate store on Windows Phone, which helps ensure that these fraudulent certificates are not inadvertently used. For more info, see
Microsoft Security Advisory (2524375).

You can also keep up to date by visiting the Windows Phone site:
http://www.microsoft.com/windowsphone/en-us/howto/wp7/new-features.aspx

Brink · Mar 29, 2022

Inadvertently Disclosed Digital Certificates Could Allow Spoofing

Microsoft is publishing this advisory to notify customers of two inadvertently disclosed digital certificates that could be used to spoof content and to provide an update to the Certificate Trust List (CTL) to remove user-mode trust for the certificates. The disclosed root certificates were unrestricted and could be used to issue additional certificates for uses such as code signing and server authentication. More details are here: Certificate Management Vulnerability in Sennheiser HeadSetup and the CVE is here: CVE-2018-17612.

The certificates were inadvertently disclosed by the Sennheiser HeadSetup and HeadSetup Pro software. Customers who installed this software may be vulnerable, and should visit HeadSetup Update for an updated version of the HeadSetup & HeadSetup Pro software.

As a precaution, Microsoft has updated the Certificate Trust List to remove user-mode trust for these certificates. Customers who have not installed Sennheiser HeadSetup software have no action to take to be protected. Customers who have installed Sennheiser HeadSetup software should update that software via the links above.

Security Updates

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see the Microsoft Support Lifecycle.

[table][tr]Product Platform Article Download Impact Severity Supersedence [/tr] [tr][td]Windows 10 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1607 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1607 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1703 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1703 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1709 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1709 for 64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1709 for ARM64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1803 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1803 for ARM64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1803 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1809 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1809 for ARM64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1809 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 7 for 32-bit Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 7 for x64-based Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 8.1 for 32-bit systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 8.1 for x64-based systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows RT 8.1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for 32-bit Systems Service Pack 2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for Itanium-Based Systems Service Pack 2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for x64-based Systems Service Pack 2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 R2 for x64-based Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012 R2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012 R2 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2016[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2016 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2019[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2019 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server, version 1709 (Server Core Installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server, version 1803 (Server Core Installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [/table]

Mitigations

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

Acknowledgements

Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure.

See acknowledgements for more information.

Disclaimer

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

[table][tr]Version Date Description [/tr] [tr][td]1.0[/td] [td]11/27/2018[/td] [td]Information published.[/td] [/tr] [/table]
Click to expand...

Source: https://portal.msrc.microsoft.com/en...sory/ADV180029

Brink · Mar 29, 2022

Inadvertently Disclosed Digital Certificates Could Allow Spoofing

Microsoft is publishing this advisory to notify customers of two inadvertently disclosed digital certificates that could be used to spoof content and to provide an update to the Certificate Trust List (CTL) to remove user-mode trust for the certificates. The disclosed root certificates were unrestricted and could be used to issue additional certificates for uses such as code signing and server authentication. More details are here: Certificate Management Vulnerability in Sennheiser HeadSetup and the CVE is here: CVE-2018-17612.

The certificates were inadvertently disclosed by the Sennheiser HeadSetup and HeadSetup Pro software. Customers who installed this software may be vulnerable, and should visit HeadSetup Update for an updated version of the HeadSetup & HeadSetup Pro software.

As a precaution, Microsoft has updated the Certificate Trust List to remove user-mode trust for these certificates. Customers who have not installed Sennheiser HeadSetup software have no action to take to be protected. Customers who have installed Sennheiser HeadSetup software should update that software via the links above.

Security Updates

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see the Microsoft Support Lifecycle.

[table][tr]Product Platform Article Download Impact Severity Supersedence [/tr] [tr][td]Windows 10 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1607 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1607 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1703 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1703 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1709 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1709 for 64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1709 for ARM64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1803 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1803 for ARM64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1803 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1809 for 32-bit Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1809 for ARM64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 10 Version 1809 for x64-based Systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 7 for 32-bit Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 7 for x64-based Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 8.1 for 32-bit systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows 8.1 for x64-based systems[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows RT 8.1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for 32-bit Systems Service Pack 2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for Itanium-Based Systems Service Pack 2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for x64-based Systems Service Pack 2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 R2 for x64-based Systems Service Pack 1[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012 R2[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2012 R2 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2016[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2016 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2019[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server 2019 (Server Core installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server, version 1709 (Server Core Installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [tr][td]Windows Server, version 1803 (Server Core Installation)[/td] [td][/td] [td][/td] [td][/td] [td]Spoofing[/td] [td]Moderate[/td] [td][/td] [/tr] [/table]

Mitigations

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

Acknowledgements

Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure.

See acknowledgements for more information.

Disclaimer

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

[table][tr]Version Date Description [/tr] [tr][td]1.0[/td] [td]11/27/2018[/td] [td]Information published.[/td] [/tr] [/table]
Click to expand...

Source: https://portal.msrc.microsoft.com/en...sory/ADV180029

Windows 10: Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040

Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040

Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040

Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040

Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040 - Similar Threads - Microsoft Improperly Issued

Microsoft Spoof Phishing?

Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040

Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability KB3123040

Digital signing certificate

CVE-2020-0601 Windows CryptoAPI Spoofing Vulnerability Security Vulnerability Published:...

CVE-2019-1460 - Outlook for Android Spoofing Vulnerability

digital certificate not showing

CVE-2019-1105 - Outlook for Android Spoofing Vulnerability

Inadvertently Disclosed Digital Certificates Could Allow Spoofing