Emet is freaking out a bit on various Facebook “like” pages tonight. 

Which reminds me I need to update to EMET 4.5 on this computer.

 

..and the answer is

EMET 4 “EMET detected that the SSL certificate for “*.facebook.com” is not trusted…”:
http://social.technet.microsoft.com/Forums/en-US/bd051940-fd66-4211-a576-42111ae00db5/emet-4-emet-detected-that-the-ssl-certificate-for-facebookcom-is-not-trusted?forum=emet

Update from 4.0 to 4.1

or

(unconfirmed) adjust the rules as proposed by Tekmark here http://social.technet.microsoft.com/Forums/security/en-US/home?forum=emet

“The message is about the new Configure Certificate Trust – the FacebookCA rule is set to expire on 12/30/2013.

If you open up EMET 4.0, click on TRUST ( CONFIGURE CERTIFICATE TRUST) –> Click on the Pinning Rules Tab –> Under Rule Expiration for FacebookCA  you can change the rule to expire next month or later and the message will go away.  You can set it to when the YahooCA rule will expire on 3/13/2014 if you like and you won’t receive the message anymore. 

Not sure if the default template rules will be updated automatically or if they need to be manually updated. The Certificate stuff is all new to Emet 4.0 and I have yet to read up on all the configuration settings, etc.

You might not be on facebook but many websites incorporate facebook logins and like buttons on them, thus is why you see the EMET message since the default template rule for FacebookCA expired today.”

 

3 Responses to EMET detected that the SSL certificate for "*.facebook.com"

  1. Hi Susan, I think you mean update to EMET 4.1 not 4.5
    Net has a new 4.5, EMET latest version is 4.1 as far as I know

  2. Facebook Sux says:

    I too have been getting this warning but here’s the twist. I don’t have a Facebook account and this popup appears on sites that don’t have any visible links to FB and don’t show any indications of javascript or trackers as listed by NoScript or Ghostery

    My meager understandings (and paranoia) of things interweb related makes me think that some sites, knowingly or not, have some of connectivity with FB and probably our good friends at certain governmental agencies.

    If anyone can shed some light on this I would sincerely appreciate it.

    And people wonder why I loathe FB

  3. bradley says:

    They have social links on their pages.