On Tuesday, Microsoft issued an out-of-band security advisory warning of a problem with some digital certificates that were improperly issued from the MSC Holdings Certification Authority. This could affect users of all currently supported Windows operating systems, along with all other major operating systems.
The bad news is that these certificates could be used for a variety of nefarious purposes, including the spoofing of content. An attacker could also use one of these spoofed certificates to implement a phishing attack or a man-in-the-middle (MITM) attack. The good news is that the certificates can’t be used to sign code nor to issue other certificates.
So how did this happen and why are Windows users affected? The MCS Holdings CA issued SSL/TLS website certificates to some entities that are not the owners of those sites identified in the certificates. MCS apparently stored the private key in a proxy that was given the same authority as a public CA, something that is a violation of secure CA practices.
Some of those sites for which certificates were issued are Google sites, and certificates might also have been issued to additional sites (not known at this time). The affected sites include the following: google.com, google.com.eg, g.doubleclick.net, gstatic.com, www.google.com, www.gmail.com and .googleapis.com. An attacker could use the certificates to spoof the content of any of these sites or to attack the sites using MITM methods by intercepting traffic sent between users and the spoofed web site. There would be no warning dialog box and the impersonation would be undetectable by users.
The MCS Holdings CA is an Egypt-based certification authority that is subordinate to the China Internet Information Center (CNNIC). That’s where the problem comes in: CNNIC’s root certificate is in the root certificate store in Windows and other OSes. All major web browsers trust the root certificate; however, certificate pinning can prevent some browsers from accepting the Google site certificates. Certificate pinning (a.k.a. SSL pinning) checks the web site’s certificate against a stored copy of the validation information and if they don’t match, rejects the certificate. Chrome contains validation data for the google.com certificate and so Chrome browsers rejected the improper certificate.
The CNNIC root certificate is just one out of many that are trusted by the major operating systems. A CA that is subordinate to any of those root CAs can be compromised in this way and issue certificates that will then be trusted and can put unsuspecting users at risk.
Google blocked the MCS Holdings certificate in Chrome, and Mozilla announced they would revoke the intermediate MCS Holdings certificate in Firefox v37. Microsoft is updating the Certificate Trust List (CTL) in the Windows operating systems’ root certificate stores. Most Windows client and server operating systems are using the automatic updater of revoked certificates, which is included in Windows 8/8.1, RT/RT 8.1, Server 2012/2012 R2 and Windows Phone 8 and 8.1. If you’re running Vista, Windows 7, or Server 2008/2008 R2, you can install the automatic updater of revoked certificates, which is available for download on Microsoft’s Support web site. Those who are using the automatic updater don’t need to take any further action. The CTL will be automatically updated.
For more information, including instructions on how to verify that the CTL has been updated, see Microsoft Security Advisory 3050995.