Microsoft has not said exactly what the now-untrusted certificates were used for, but company officials said there were a total of 28 certificates affected by the move. Many of the affected certificates are listed simply as “Microsoft Online Svcs”. However, the company said that it was confident that none of them had been compromised or used maliciously. The move to revoke trust in these certificates is a direct result of the investigation into the Flame malware and how the attackers were able to forge a Microsoft certificate and then use it to impersonate a Windows Update server.

via Microsoft Revokes Trust in 28 of Its Own Certificates | threatpost.