This list of trusted entities (called subjects) is called a certificate trust list (CTL).
For more information, please see the MSDN article, Certificate Trust Verification. An attacker could use these certificates to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against the following web properties:
What is a man-in-the-middle attack?
For more information about these certificates, see the Frequently Asked Questions section of this advisory. Please see the Suggested Actions section of this advisory for instructions on applying an update for specific releases of Microsoft Windows. The purpose of this advisory is to notify customers that MCS Holdings improperly issued SSL certificates for multiple sites including Google web properties.
These SSL certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against web properties.
Does this update address any other digital certificates?
Yes, in addition to addressing the certificates described in this advisory, this update is cumulative and includes digital certificates described in previous advisories:
What is cryptography?
You might, however, see a message telling you that a certificate is expired or invalid. So, each recipient of a signed message decides if the issuer of the signer's certificate is trustworthy. Crypto API has implemented a methodology to allow application developers to create applications that automatically verify certificates against a predefined list of trusted certificates or roots. In those cases you should follow the instructions in the message. Certification authorities are the organizations that issue certificates. They establish and verify the authenticity of public keys that belong to people or other certification authorities, and they verify the identity of a person or organization that asks for a certificate. A trust must exist between the recipient of a signed message and the signer of the message.
The subordinate CA may also have been used to issue certificates for other, currently unknown sites, which could be subject to similar attacks. The issue was caused by MCS Holdings, a subordinate CA, improperly issuing domain certificates to entities other than their owners.