Welcome to 2009, folks, where the threats just keep on comin’.

Security researchers say they have found a flaw in Windows that allows crooks to create fake digital certificates. These certificates are used to provide proof that you have a secure connection to a particular Web site.

The bug in the MD5 algorithm has been known for a long time. Microsoft downplayed the danger, however, saying the researchers have not released the attack code, and no actual attacks have been seen using this method.

A newer, more secure is often used today, employing the SHA-1 protocol. These are also called Extended Validation or certificates. When you visit a secure Web site with the latest Internet Explorer or Firefox browser, all or part of the address bar turns green.

Microsoft goes on to say that all the average user needs to do at the moment is keep his Windows updated with the latest patches. Of course, you should be doing this anyway.

Also, be careful when you go to a site that requests personal or sensitive information, such as your banking site. Look the site over carefully, and make sure it has not changed since your last visit.

If it has, be careful and suspicious. Look for the https://… address, the gold padlock, and the green-shaded address bar.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • NewsVine
  • Reddit
  • StumbleUpon
  • YahooMyWeb
  • Google Bookmarks
  • Yahoo! Buzz
  • TwitThis
  • Live
  • LinkedIn
  • Pownce
  • MySpace