Symantec Security Threatcon Status for Today

The ThreatCon is currently at Level 1: Normal.

The ThreatCon is currently at level 1. As a result of new information made available regarding the security breach at DigiNotar, Microsoft has decided to remove trust from all DigiNotar signed certificates from its operating systems. The patch has been issued immediately instead of during Microsoft?s regular patch cycle.

The breach at DigiNotar is larger than originally thought. Information security auditors Fox-IT, who were hired by DigiNotar to perform a third-party analysis on the breach, have released a preliminary report. The report indicates that a total of 531 fraudulent certificates were issued. Furthermore, systems belonging to PKIoverheid have also been breached. PKIoverheid is a certificate authority controlled by DigiNotar that issued certificates for the Dutch government.

Microsoft advisory
http://www.microsoft.com/technet/security/advisory/2607712.mspx

Microsoft blog
http://blogs.technet.com/b/srd/archive/2011/09/04/protecting-yourself-from-attacks-that-leverage-fraudulent-diginotar-digital-certificates.aspx

Prelinary Fox-IT report
http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2011/09/05/diginotar-public-report-version-1/rapport-fox-it-operation-black-tulip-v1-0.pdf