New Versions of Chrome and Firefox Disable DigiNotar Root

Mozilla has released version 6.01 of its Firefox browser, which now removes the compromised DigiNotar root certificate from the list of trusted roots. The move comes just two days after security researchers discovered that the Dutch company had issued a valid wildcard certificate for Google to an unknown third party.

Within hours of the discovery, Mozilla officials released a statement saying that they planned to push an update for Firefox soon that would remove DigiNotar from Firefox’s trusted root certificate list. On Tuesday, Google released a new version of Chrome that disables DigiNotar trust in the browser. Microsoft also has removed DigiNotar from the list of trusted roots that Internet Explorer uses.

“Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site. We have received reports of these certificates being used in the wild,” Mozilla security officials said in a blog post on Monday.

Firefox users who have automatic updates enabled should get the new version of the browser soon. To download it manually, click on the Firefox button, then Help, then About Firefox and click on Check for Updates. Users who can’t or don’t want to upgrade right away can remove the DigiNotar root from their browsers by clicking on Options, then Advanced, then Encryption and then selecting the View Certificates option. Then scroll down to the DigiNotar root CA, click on it and then click on Delete or Distrust.

In addition to disabling trust for the DigiNotar root, Google also has blacklisted in Chromium nearly 250 certificates issued by the company.

Discussion

  • Anonymous on

    I'm scared every time I hear the news about a new release, which means at least one of my add-ons will be out of work.

    What a painful experience. It's not what I want from Firefox.

    Sorry, I have switched to Avant browser, not famous but stable (both in working and release).

  • Anonymous on

    This is not a Firefox issue; this is a problem with DigiNotar not performing proper due diligence. Good luck with Avant, but since it relies on IE you will still need to install the (probably automatic) update revoking the DigiNotar root certificate.

  • Anonymous on

    Hi! I live in Iran and have found evidence of the described hack (comparing IP in the detail section at Gmail!!) when I want to log in to Yahoo Mail (as HTTPS) and enter mail.yahoo.com; after that there will appear a message: "welcome to nginx!!!"
