Scan your Windows Certificate Store for suspicious certificates

Following an event early this year – the Lenovo-Superfish incident, where malicious certificates were injected on to Windows Certificate Store, it became apparent that not everyone knew about this incident and so for those who may not have been aware of this, if you feel the need to scan your Root Certificates on your Windows 7/8/10, then there is a new tool called RCC (Root Certificate Check) that will help you scan your certificate store and root out any suspicious cert.

RCC is a Root Certificate scanner for Windows, that scans your Root Certificates stored by the Windows operating system as well as Mozilla Firefox browser. While most browsers including Internet Explorer, Google Chrome and Opera use the built-in Certificate Store, Fire uses its own Store.

Root Certificates are the primary level of certifications that tell a browser that the communication is genuine. If there is a problem identifying the certificate issuing authority or if the public key is expired or corrupt, you will see a message saying There is a problem with the website’s certificate.

Root Certificate Check RCC

To run the tool, download it from its home page, extract the contents of the zip file and click on the rcc.exe file. The program will start and initiate the scan. The tool checks the certificates against Microsoft Windows Root Certificates Program list of trusted certificates.

If it finds any suspect or changed certificates, it will be displayed in red color. You will have to review them and ensure that they indeed are rogue certificates.

The tool checks Windows OS and Firefox certificate stores currently – but future versions will scan the Java store too, says its developer.

comments powered by Disqus