You can't trust code signed by M$, says M$ (Score 1)

Lets not forget that you cannot trust code that comes from Microsoft, says Microsoft. (For that matter, you cannot trust Verisign either ... read the security bulletin) Microsoft Security Bulletin MS01-017 http:// www.microsoft.com/technet/security/bulletin/MS01-0 17.mspx Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard Originally posted: March 22, 2001 Updated: June 23, 2003 Summary Who should read this bulletin: All customers using Microsoft® products. Impact of vulnerability: Attacker could digitally sign code using the name "Microsoft Corporation". Recommendation: All customers should install the update discussed below. Affected Software: Microsoft Windows® 95 Microsoft Windows 98 Microsoft Windows Me Microsoft Windows NT® 4.0 Microsoft Windows 2000 Microsoft Windows XP Beta 2