SSL Man-in-the-middle (MITM) Attacks Using DigiNotar CA Certificate (*.google.com) To Target Users


Google Online Security blog informed "attempted SSL man-in-the-middle (MITM) attacks against Google users," whereby someone tried to get between them and encrypted Google services.

Heather Adkins, Information Security Manager at Google, wrote that the "people affected were primarily located in Iran. The attacker used a fraudulent SSL certificate issued by DigiNotar, a root certificate authority that should not issue certificates for Google (and has since revoked it)."

"Google Chrome users were protected from this attack because Chrome was able to detect the fraudulent certificate," she said.

Adkins added that, to further "protect the safety and privacy of our users, we plan to disable the DigiNotar certificate authority in Chrome while investigations continue."

She also wrote: "we recommend that users, especially those in Iran, keep their web browsers and operating systems up to date and pay attention to web browser security warnings."

Mozilla also acknowledged the issue in a blog post and moved quickly to protect its users. According to Mozilla:

"Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it's coming from a trusted site. We have received reports of these certificates being used in the wild."

"Because the extent of the mis-issuance is not clear, we are releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13, and 6.0.1) and SeaMonkey (2.3.2) shortly that will revoke trust in the DigiNotar root and protect users from this attack. We encourage all users to keep their software up-to-date by regularly applying security updates."

Users can also manually disable the DigiNotar root through the Firefox preferences (see the steps below):

  1. At the top of the Firefox window, click on the Firefox button (Tools menu in Windows XP) and then click Options.
  2. Click on the Advanced panel
  3. Select the Encryption tab
  4. Click View Certificates
  5. In the Certificate Manager window, select the Authorities tab
  6. Scroll down to DigiNotar and select the DigiNotar Root CA
  7. Click Delete or Distrust...
  8. Click OK to confirm the deletion

Update:

Microsoft's Security Response Center issued Security Advisory 2607712 to address at least one fraudulent digital certificate issued by DigiNotar, a root certificate authority.

In a blog post MSRC said that "We continue to work with the certificate authority to understand the scope of this issue, and have taken steps to further help protect customers by removing the DigiNotar root certificate from the list of trusted root certificates on Windows. Web sites with certificates issued by DigiNotar will no longer be trusted by Windows Vista and above. This protection is automatic and no customer action is required."

"Customers should continue to utilize Internet Explorer's Security Status bar located on the right side of the address bar to verify that the site being visited is valid and secure," the MSRC team suggested.

Update 1:

Microsoft has posted a follow-up about the fraudulent DigiNotar digital certificates. According to the Security Research & Defense blog, "All versions of Windows are affected by this attack. However, when a user initiates an HTTPS SSL connection via IE on Vista, Windows 7, or Windows Server 2008 and encounters a new root certificate, the Windows certificate chain verification software checks a list of valid root certificates, which is hosted on Windows Update. As of August 29th, this Certificate Trust List (CTL) on Microsoft Update has been revised to remove DigiNotar from the list of trusted Certificate Authorities so that any certificates issued by DigiNotar are no longer trusted for HTTPS conversations," wrote Jonathan Ness of MSRC Engineering.

"XP and Windows Server 2003 don't have the same Microsoft Update check mechanism. Instead, these versions of Windows rely on a static list of trusted root certificate authorities. This list is updated through the non-security update "Update for Root Certificates (KB 931125)". DigiNotar wasn't initially included as a trusted root certificate in Windows XP, so if you've never installed this update, you are not vulnerable to any certificates issued by them.

However, any XP or Server 2003 system that installed this update as of Nov. 2008 or later would have DigiNotar added as a trusted root certificate. Administrators of these systems can follow the steps in the "What you can do to protect yourself" section below to take proactive actions to remove DigiNotar as a trusted root Certificate Authority until Microsoft releases an update that fully addresses this problem," Ness continued.

"Windows Phone devices are unaffected. No Windows Mobile devices have a DigiNotar certificate in the Trusted Root Certificate Store," added Ness.

The steps for both removing the DigiNotar root from the trusted root CA store and clearing the cache are listed below:

  1. Remove the DigiNotar Root from the trusted root CA store
    • Click Start, click Start Search, type mmc, and then press ENTER.
    • On the File menu, click Add/Remove Snap-in
    • Under Available snap-ins, click Certificates, and then click Add
    • Under This snap-in will always manage certificates for, click Computer account, and then click Next
    • Click Local computer, and click Finish
    • If you have no more snap-ins to add to the console, click OK
    • In the console tree, double-click Certificates
    • Double-click the Trusted Root Certification Authorities store and click on Certificates to view all certificates in the store
    • Select the two DigiNotar Root CA certificates. Confirm you have the right ones by checking their SHA-1 thumbprints, which should be "c0 60 ed 44 cb d8 81 bd 0e f8 6c 0b a2 87 dd cf 81 67 47 8c" and "43 d9 bc b5 68 e0 39 d0 73 a7 4a 71 d8 51 1f 74 76 08 9c c3"
    • Right-click the certificates and select Delete
      (Where Microsoft's Group Policy instructions, in their step 3, ask for the root CA in question, use these same DigiNotar Root CAs, identified by the two thumbprints above.)
  2. Clear the cache to remove any older cached CTL. The simplest way to do so is to use "certutil -urlcache * delete".
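The same two steps can be scripted instead of clicked through in MMC. The PowerShell below is an added example and is not code from Microsoft's advisory or blog post; it takes the two SHA-1 thumbprints quoted in the steps, and additionally matches on a Subject containing "DigiNotar" (an assumption of this example, intended to catch the PKIoverheid roots the page names but gives no thumbprints for). Rather than only deleting the certificates, it copies each one into the machine's Untrusted (Disallowed) store first, which is the effect Microsoft's own update has, and then flushes the cached CTL with the certutil command from step 2. Run it from an elevated PowerShell session, and review the output of Get-DigiNotarCerts before letting Revoke-DigiNotarTrust modify the stores.

```powershell
# Added example (not Microsoft's code): scripted equivalent of the MMC steps above.
# Run in an elevated PowerShell session on the affected machine.

# SHA-1 thumbprints quoted in the manual steps, without spaces.
$DistrustedThumbprints = @(
    'C060ED44CBD881BD0EF86C0BA287DDCF8167478C',   # DigiNotar Root CA
    '43D9BCB568E039D073A74A71D8511F7476089CC3'    # second DigiNotar root from the steps
)

function Get-DigiNotarCerts {
    # Look in the machine Trusted Root store and the Intermediate CA store.
    # The Subject match is an assumption of this example; it is meant to catch
    # the PKIoverheid roots, whose thumbprints the page does not list.
    Get-ChildItem -Path Cert:\LocalMachine\Root, Cert:\LocalMachine\CA |
        Where-Object {
            ($DistrustedThumbprints -contains $_.Thumbprint.ToUpperInvariant()) -or
            ($_.Subject -match 'DigiNotar')
        }
}

function Revoke-DigiNotarTrust {
    $found = @(Get-DigiNotarCerts)
    if ($found.Count -eq 0) {
        Write-Host 'No DigiNotar certificates present; nothing to do.'
        return
    }

    # Copy each certificate into the Disallowed (Untrusted) store so that chain
    # building rejects it even if it is ever re-added, then remove it from the
    # store it was found in.
    $disallowed = New-Object System.Security.Cryptography.X509Certificates.X509Store('Disallowed', 'LocalMachine')
    $disallowed.Open('ReadWrite')
    foreach ($cert in $found) {
        # PSParentPath ends in the store name, e.g. ...\LocalMachine\Root
        $storeName = $cert.PSParentPath.Split('\')[-1]
        $source = New-Object System.Security.Cryptography.X509Certificates.X509Store($storeName, 'LocalMachine')
        $source.Open('ReadWrite')

        Write-Host ("Distrusting {0} [{1}] found in {2}" -f $cert.Subject, $cert.Thumbprint, $storeName)
        $disallowed.Add($cert)
        $source.Remove($cert)
        $source.Close()
    }
    $disallowed.Close()

    # Step 2 from the text: drop any cached CTL so a stale trust list is not reused.
    certutil -urlcache * delete
}

Revoke-DigiNotarTrust
```

After it runs, Get-DigiNotarCerts should return nothing, and the certificates should appear under Cert:\LocalMachine\Disallowed. The Disallowed store is consulted before the trusted roots during chain building, so placing the roots there blocks them even on an XP or Server 2003 machine that later re-receives them through the KB 931125 root update mentioned above.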

Update 2: Added more information from Microsoft

Microsoft is continuing to investigate this issue. Based on preliminary investigation, Microsoft is providing an update for all supported releases of Microsoft Windows that revokes the trust of the following DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store:

  • DigiNotar Root CA
  • DigiNotar Root CA G2
  • DigiNotar PKIoverheid CA Overheid
  • DigiNotar PKIoverheid CA Organisatie - G2
  • DigiNotar PKIoverheid CA Overheid en Bedrijven

For supported releases of Microsoft Windows, typically no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically.

For more information, including how to manually install this update, refer to Microsoft Security Advisory 2607712 (see above). The audit report on the state of security at the Dutch certificate authority DigiNotar was embedded below in read-only mode:

DigiNotar public report version 1

Download Patches: