Security 10816 Published by

Computerworld reports that the hacker who calls himself "Comodohacker" said this week that he could have used digital certificates stolen from a Dutch firm to issue fake updates to Windows PCs.



Comodohacker, who claims to be a 21-year-old Iranian, has taken credit for several attacks against certificate authorities, or CAs, the organizations and companies authorized to issue SSL (secure socket layer) certificates. In two of those attacks -- of Comodo in March and more recently of DigiNotar -- certificates were fraudulently generated.

Among the 531 certificates stolen in the hack of Dutch-based DigiNotar were several that could be used to impersonate Microsoft's update services.
  Hacker claims he can exploit Windows Update