It appears that recently an attacker or a group of attackers gained access to the certificate management infrastructure of the Dutch Certificate Authority (CA) ‘DigiNotar’. The attacker issued several certificates for high profile sites. These certificates can be used to intercept information on communication paths that are usually trusted for their integrity and authenticity. It is highly advised to install all available browser and operating system updates and to remove the compromised DigiNotar CA certificate.
Who is affected?
All systems using SSL/TLS and having DigiNotar Root CA installed.
Prerequisite for a successful attack
A man-in-the-middle situation must be created to successfully exploit the situation. This can be achieved by getting control over the local machine, the local network, the transient network to the destination or the domain name service.
All system components dealing with SSL/TLS should be updated as soon as possible. Operating system vendors and browser vendors started updating their products. If you really want to be on the safe side, remove the DigiNotar CA certificate from your certificate store.
The attacker claimed to have access to other Certification Authorities. We currently expect to receive more information in the future. Please check back to this website regularly.
If you have a question, issue or suspicion regarding this or other security topics, don’t hesitate to contact us.