Articles
Blogs
Kits
Forums
LeeIt has been nine weeks since a hacker showed how to spoof authentication certificates on almost any site but Microsoft still have not patched the problem.
“There are thousands of products on Windows right now that are still vulnerable to this SSL attack, and if someone were to publicly publish a targeted null prefix certificate, they’d be in trouble. Basically, everything that runs on Windows would be vulnerable with that one certificate,” said a white-hat hacker.
A company spokesman wrote to The Register which read, “Microsoft is investigating a possible vulnerability in Windows presented during Black Hat.”
Source: The Register
That is what I find so annoying about Microsoft. If this was for instance a WordPress flaw that became apparent it would have been resolved in double quick time.