Microsoft: private keys leaked

[Underseer]

https://www.zdnet.com/article/micro...ot-certificates-then-leaked-the-private-keys/

Whoops.

Microsoft has issued a security advisory today warning that two applications accidentally installed two root certificates on users' computers, and then leaked the private keys for all.

MORE SECURITY NEWS
Best Cyber Monday 2018 deals: Business Bargain Hunter's top picks
UK gov't seizes documents Facebook wanted to keep private in Cambridge Analytica battle
New Linux crypto-miner steals your root password and disables your antivirus
Amazon leaks users' email addresses due to 'technical error'

The software developer's mistake means that malicious third-parties can extract the private keys from the two applications and use them to issue forged certificates to spoof legitimate websites and software publishers for years to come.

So it looks like certificates for software and web sites will be less useful for some years.

On a side note: if the European stereotype of Germans were true, this would never have happened.