Microsoft blacklists all DigiNotar certificates

06.09.2011
Microsoft on Tuesday blacklisted all DigiNotar certificates after seeing active attacks from at least one fraudulent digital certificate issued by DigiNotar. The company has released updates for all versions of with the new blacklisted data.

DigiNotar is a certification authority that is a member of the Trusted Root Certification Authorities Store. Last week, Dutch authorities and others revealed that of more than 500 SSL certificates in July, including several that could attempt to impersonate Microsoft's update services.

"Based on our investigation, we've deemed all DigiNotar certificates to be untrustworthy and have moved them to the Untrusted Certificate Store," , director of trustworthy computing, on the Microsoft Response Center blog. "Additionally, we have extended our support with this update so all customers using Windows XP, Windows 2003, and all Windows supported third-party are protected."

With 500 spoofed certificates "pwn'd" by the bad guys, Microsoft wasn't the only vendor affected. Last week the TOR Project site, also affected, released a list of all the affected websites in a , and all of the CAs it found to be hosting the hacked certificates. DigiNotar released fake certificates that affected websites and services from Google, Skype, the CIA, Yahoo, , TOR, Facebook, WordPress, Windows Live, Mozilla and a number of others.

Microsoft, Google and Mozilla all acted quickly to revoke the spoofed certificates so their browsers would reject them. On Sunday, Microsoft that the spoofed Microsoft Update certificates could not be used to install malware through Windows Update.