locked
Twitter RRS feed

  • Question

  • Why does EMET give me constant pop up warnings about Twitter.com or analytics.twitter.com when I have never used twitter?
    Tuesday, May 13, 2014 7:23 PM

All replies

  • I see these also.  I notice there is a Tweet button on the page. Maybe someone can confirm this guess but I would gather that in the certificate chain, there is one that has been revoked and someone has a sight referencing the revoked certificate.   Another possibility is the analytics.twitter.com is a represented by a self-signed certificate.

    R, J

    Wednesday, May 14, 2014 10:26 AM
  • The Certificate Trust Pinning rules are not dynamically updated. Some certificates have been renewed (due to the OpenSSL bug) or have expired like those from the YahooCA. Normally the certificate trust pinning rule will expire before the certificate expires as happened with the YahooCA. When a certificate is revoked the certificate trust pinning rule is not expired and the certificates hash in the rule do not match the hash of the new certificates....

    To solve this problem Microsoft has released a update 1 for EMET 4.1 with some improvements and a new set of certificate trust pinning rules. For more information browse to Continuing with Our Community Driven, Customer Focused Approach for EMET. If you don't want to update to EMET 4.1 update 1 there is also a update available for EMET Certificate Trust default rules in the form a Microsoft Fix it 51012

    Regards,


    W. Spu

    • Proposed as answer by W. Spu Friday, May 30, 2014 4:26 PM
    Wednesday, May 14, 2014 1:42 PM