No Image

3123479 – Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program – Version: 1.0

2016-01-12 KENNETH 0

Revision Note: V1.0 (January 12, 2016): Advisory published.Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy no longer allows root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing as of January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. Source: ms-security

No Image

MS16-006 – Critical: Security Update for Silverlight to Address Remote Code Execution (3126036) – Version: 1.0

2016-01-12 KENNETH 0

Severity Rating: CriticalRevision Note: V1.0 (January 12, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application. An attacker would have no way to force users to visit a compromised website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email or instant message that takes users to the attacker’s website. Source: ms-security