Xbox Live certificate keys exposed according to Microsoft
A lot of Xbox customers shill out the extra money for a Live account to improve the gaming experience. With the vast amount of Xbox consoles out there, that is quite a few customers. Now Microsoft is acknowledging that the keys for some of those faithful users have been exposed.
Before you panic, this doesn't necessarily mean you've been hacked, but the possibility is there. In a new security bulletin the company claims that the SSL/TLS digital certificate keys for xboxlive.com were exposed and that this could be used by hackers for man-in-the-middle attacks.
While the issue affects all supported versions of Windows, Microsoft claims it is unaware of any actual attacks. The software giant has taken action to ensure nothing bad happens.
"To help protect customers from potentially fraudulent use of the SSL/TLS digital certificate, the certificate has been deemed no longer valid and Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove the trust of the certificate", the bulletin reads.
Microsoft has issued an update which covers "Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows 10 Version 1511, and for devices running Windows Phone 8, Windows Phone 8.1, and Windows 10 Mobile".
For now customers don't need to panic or do anything particular to protect themselves. All of the above listed systems will be protected automatically.