Updating service pack 2
This issue affects all supported releases of Microsoft Windows.
In those cases you should follow the instructions in the message. Certification authorities are the organizations that issue certificates.
For these operating systems or devices, customers do not need to take any action, because the CTL will be updated automatically.
For systems running Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 that are using the automatic updater of revoked certificates (see Microsoft Knowledge Base Article 2677070 for details), customers do not need to take any action, because these systems will be automatically protected.
For more information, please see the MSDN article, Certificate Trust Verification. An attacker could use these certificates to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against the following web properties: What is a man-in-the-middle attack?
A man-in-the-middle attack occurs when an attacker reroutes communication between two users through the attacker’s computer without the knowledge of the two communicating users.