Xbox Live private keys mistakenly disclosed, says Microsoft
Microsoft statement did not list the source of the leaks but the company said that the leaked keys have so far not been used in any cyber attack.
In the security advisory released Wednesday, Microsoft said it has invalidated the leaked certificate. “To help protect customers from potentially fraudulent use of the SSL/TLS digital certificate, the certificate has been deemed no longer valid and Microsoft is updating the Certificate Trust list (CTL) for all supported releases of Microsoft Windows to remove the trust of the certificate,” reads the advisory. The leaked digital certificate cannot be used to impersonate domains, create new certificates or sign code.
However the biggest concern is that the private keys could be used to mount a in a “man-in-the-middle” attack. Potential hacker could use the leaked Xbox Live private keys to gain access to a secure connection. “Each user in the communication unknowingly sends traffic to and receives traffic from the attacker, all the while thinking they are communicating only with the intended user,” Microsoft explained. A hacker could intercept messages sent between Microsoft and the Xbox Live user. Information or sensitive data could be stolen via this method.
Posted:
Related Forum: Xbox Forum
Source: http://www.techworm.net/2015/12/xbox-live-users-open-to-hack-as-microsoft-accidentally-leaks-private-keys.html
Related Articles
Comments
DanielPosted:
Index_Addict No idea this had even happened. I guess you could call it news to me
Yeah same for me i didnt have a clue this happened.
agapePosted:
Surprised they didn't send out an email to all of their users.. i wouldn't have seen or known about this unless i looked for it lol
DismissPosted:
DNT Im glad i picked the right console to play on all these years
That made me lol.
Remember when Sony got taken down for a month? Remember when Sony got hacked and thousands of people got their credit card details leaked? Yeah. You have no idea about consoles.
XgifPosted:
I'm just glad Microsoft informed people ahead of time so you can do the procedures on your end to secure your account and such as best as possible. I don't see this issue escalating as they've never had any sort of problem regarding account security that I can recall in my 8 years of playing Xbox Live.
JRMHPosted:
Good thing Microsoft actually knows how to clean it up though. Glad I picked the best console.
SakiPosted:
GT-RSakiFaux25 this is why ps4/sony and pc is better gg ms gg shows how protected their stuff is if hackers can access these types of stuff and no im not a fan boy i prefer all systems the same way as most people plus this is mo
lol
Valve has had a scamming and phishing issue for years now and Sony had like 3 major hackings that had customer credit cards and addresses leaked but some SSL certificates become compromised on MS's side and suddenly it's "gg ms"
I really hope you're being a troll.
You couldn't be more wrong. Well you can because every time I see you comment with your post purchase rationalization nonsense you show just how wrong you can be.
You're taking something I said on an article from weeks ago and bringing it here to prove a point? Really? I said absolutely nothing about "post purchase rationalization" nor did I say PC or PS was better than Xbox. I'm just bringing all 3 platforms issues to light. If you're denying the fact that Valve had issues with people phishing accounts or people getting scammed out of items then you're an even bigger fanboy than I thought.
Latest Downloads
- 01. Supermarket Simulator SaveGame (Quick start, 172 day, 65lvl)(0)
- 02. Caribbean Legend: SaveGame (before the start of the Dutch Gambit)(0)
- 03. Caribbean Legend: SaveGame (Passed the Secret Organization Gambit) [v1.0.0](0)
- 04. Jalopy: SaveGame (Pumped up LaikaGT)(0)
- 05. Assassin's Creed 3: Save Game (Game completed 8%, until Chapter 4)(3)
- 06. Supermarket Simulator: SaveGame (Quick start, 172 day, 65lvl)(0)
- 07. GoreBox: SaveGame (Ancient village of the Paleozoic era)(0)
- 08. Need for Speed: Most Wanted (2005) - SaveGame (0% career, 2 BMWs in the garage)(0)
- 09. [EU] CARX DRIFT RACING ONLINE - PROGRESS SAVE 6 SP DUO (CUSA15633)(5)
- 10. Fallout Shelter Modded Save PC(3)
- 11. Remember Me: SaveGame (The Game done 100%)(0)
- 12. The Long Drive: SaveGame (American pickup)(0)
- 13. Goemon's Great Adventure (US / NTSC) - Nintendo 64 Game Save(2)
- 14. The Long Drive: SaveGame (blue VW Beetle)(0)
- 15. Deadly Creatures | Complete Savegame(1)
Latest Tutorials
- 01. The Redress Of Mira 100% Walkthrough | Trophy & Achievement(532)
- 02. Russian Pinocchio Quick Trophy Guide(639)
- 03. Venatrix Quick Trophy & Achievement Guide(640)
- 04. Call of the Sea 100% Platinum Walkthrough(734)
- 05. Wire Lips 100% Platinum Walkthrough(728)
- 06. The Expanse 100% Platinum Walkthrough | Trophy & Achievement(689)
- 07. Doctor Who: The Edge of Reality - PS4 Platinum P/Thru(612)
- 08. Doctor Who:The Lonely Assassins - 100% Guide(554)
- 09. DAYMARE 1998 PS4 - Full game 100% TROPHY WALKTHROUGH(523)
- 10. Stray Platinum Walkthrough | Trophy & Achievement Guide(529)
- 11. Raji: An Ancient Epic | Complete Gameplay Walkthrough(688)
- 12. Corpse Killer: 25th Anniversary Edition - Longplay(701)
- 13. Song of Horror: Complete Edition Gameplay Walkthrough(447)
- 14. Remoteness 100% All Trophies Walkthrough(701)
- 15. Detective Inspector Mysterious Clues Platinum Walkthrough(591)
"Xbox Live private keys mistakenly disclosed, says Microsoft" :: Login/Create an Account :: 39 comments