

Win32/CompromisedCert - TazeTSchnitzel
http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Program%3aWin32%2fCompromisedCert#tab=1

======
TazeTSchnitzel
Microsoft's AV products now detect and remove Superfish:
[https://twitter.com/marcwrogers/status/568804376577339392](https://twitter.com/marcwrogers/status/568804376577339392)

~~~
bauer
Thanks for the clarification. I was wondering if antivirus vendors would be
removing superfish. I'm also curious what the process would be for revoking
the root CA centrally. Is that something only the superfish vendor could do?
Would anyone knowledgeable about this care to enlighten me?

~~~
duskwuff
Revoking a certificate requires it to have been created with a functional CRL
/ OCSP configuration. This isn't the case here; there's no way to revoke the
CA short of uninstalling it from every machine it's present on.

------
golem_de
Does Microsoft also remove the Firefox and Chrome certificates?

