The Chrome Root Program Policy states that CA certificates included in the Chrome Root Store must provide value to Chrome end users that exceeds the risk of their continued inclusion.

Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust that fall short of the above expectations, and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted CA Owner.

When will this action happen?

Blocking action will begin on approximately November 1, 2024, affecting certificates issued at that point or later.

Blocking action will occur in Versions of Chrome 127 and greater on Windows, macOS, ChromeOS, Android, and Linux. Apple policies prevent the Chrome Certificate Verifier and corresponding Chrome Root Store from being used on Chrome for iOS.

What is the user impact of this action?

By default, Chrome users in the above populations who navigate to a website serving a certificate issued by Entrust or AffirmTrust after October 31, 2024 will see a full page interstitial similar to this one.

Certificates issued by other CAs are not impacted by this action.
How can a website operator tell if their website is affected?

Website operators can determine if they are affected by this issue by using the Chrome Certificate Viewer.

I use Entrust certificates for my internal enterprise network, do I need to do anything?

Beginning in Chrome 127, enterprises can override Chrome Root Store constraints like those described for Entrust in this blog post by installing the corresponding root CA certificate as a locally-trusted root on the platform Chrome is running (e.g., installed in the Microsoft Certificate Store as a Trusted Root CA).

Noteworthy stories that might have slipped under the radar: Korean ISP delivers malware to customers, Temu sued for allegedly spying on users, Microsoft patches a critical Dataverse vulnerability.

https://www.securityweek.com/in-other-news-malware-delivered-by-isp-temu-spying-critical-dataverse-vulnerability/

South Korean ISP delivered malware to 600,000 users

South Korean ISP KT has been accused of delivering malware to 600,000 customers in an attempt to interfere with BitTorrent traffic. The company was likely trying to ease the burden placed by torrent traffic on its network and save costs.

Chinese shopping app Temu allegedly used for spying

The company behind the Chinese shopping app Temu has been sued by the Arkansas Attorney General. The lawsuit, which describes the application as ‘dangerous malware’, claims Temu can collect a lot of data from the devices it’s installed on, and points to the risks of providing information to a Chinese company. In response, Temu denied the accusations and said the lawsuit is based on inaccurate information. The company will defend itself against the claims.

South Korean ISP ‘Infected’ Torrenting Subscribers with Malware
https://torrentfreak.com/south-korean-isp-infected-torrenting-subscribers-with-malware-240625/

News reports from South Korea, reveal that Internet provider KT actively installed malware on the computers of over half a million subscribers. The malware was intended to interfere with BitTorrent traffic, presumably as a network management solution. A police investigation suggests that cost savings likely played a role too, which is not surprising given local file-sharing habits.

Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread as the victim pool widens.
https://www.securityweek.com/microsoft-alerts-more-customers-to-email-theft-in-expanding-midnight-blizzard-hack/

0patch, a service that provides micro security patches without disruptions, announced today that it plans to offer security patches for Windows 10 for at least five years after its official end of life, giving customers a chance to stick to their current devices without significant security compromises. In fact, analysts predict that the end of Windows 10 will trigger a wave of PC upgrades.