In the security advisory released Wednesday, Microsoft said it has invalidated the leaked certificate.
The leaked digital certificate cannot be used to impersonate domains, create new certificates or sign code.
However the biggest concern is that the private keys could be used to mount a in a man-in-the-middle attack.
Potential hacker could use the leaked Xbox Live private keys to gain access to a secure connection.
A hacker could intercept messages sent between Microsoft and the Xbox Live user.
Information or sensitive data could be stolen via this method.
An Xbox Live user could give up their password to a hacker via a MiTM attack,ZDNetreported.
Microsoft has recommended that you enable automatic update so that protect yourself.
source: www.techworm.net
