I have a user where SSL sites suddenly started throwing up certificate errors.
For one of the sites that was failing, I manually installed the root certificate from the DigiCert website.
For systems running Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 that are using the automatic updater of certificate trust lists (see Microsoft Knowledge Base Article 2677070 for details), customers do not need to take any action as these systems will be automatically protected. The purpose of this advisory is to notify customers that the private keys for several unconstrained digital certificates from Dell Inc. The unconstrained certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against Dell customers.
One of the certificates could be used to issue other certificates, impersonate other domains, or sign code. The issue was caused by the inadvertent disclosure of private key information for two cryptographic certificates from Dell Inc.
I suspect this problem only applies to Windows PCs in a domain network environment.
The default domain policy doesn't allow users to install additional certificates to Trusted Root Certification Authorities, but the worst thing is that if you try, Windows 7 will still say "Import Successful" anyway.
Using Windows 7, I'm going to: However, the import is NOT successful.
In those cases you should follow the instructions in the message. Certification authorities are the organizations that issue certificates.
They establish and verify the authenticity of public keys that belong to people or other certification authorities, and they verify the identity of a person or organization that asks for a certificate. A trust must exist between the recipient of a signed message and the signer of the message.
This issue affects all supported releases of Microsoft Windows.
Microsoft is not currently aware of attacks related to this issue.