Microsoft Working On Patches For Fraudulent SSL Cerifificates on WP7March 25, 2011 1 Comment
Earlier this week Microsoft warned ofÂ fraudulent SSL cerifificates issued by certification authority Comodo. Since then the certificates have been revoked and Microsoft letÂ us in on which domains wereÂ affesÂ The SSL certificates can be used in a few ways to virtually attack the user including phishing scams. In turn this could be in fact WP7′s first Over the Air update as this is a security concern and should be a very small patch.
‘Microsoft is currently working on a Windows Phone 7 update to address the issue on its latest range of smartphones. The company confirmed to WinRumors that mobile devices, applications and servers accessing websites affected by the nine fraudulent certificates are potentially impacted. â€œFraudulent digital certificates are not a Microsoft security vulnerabilityâ€ explained Microsoft Trustworthy Computing manager Bruce Cowper. â€œWe have been working to develop a mitigation update for Windows Phones,â€ added Cowper. Microsoft has not provided a specific time-line for the update saying it will provide â€œadditional guidance as it comes available.â€’
It’s good to hear that Microsoft is already working on a patch. Hopefully bigger updates will get the same treatment in the future.