CNet reports: "Two digital certificates have been mistakenly issued in Microsoft's name that could
be used by virus writers to fool people into running harmful programs, the software giant
According to Microsoft, someone posing as a Microsoft employee tricked VeriSign, which hands
out so-called digital signatures, into issuing the two certificates in the software giant's name on
Jan. 30 and Jan. 31.
Such certificates are critical for businesses and consumers who download patches, updates and
other pieces of software from the Internet, because they verify that the software is being supplied from a particular company, such as Microsoft."