Forged certificates for Google were found in the wild, signed by a certificate that’s present in (only) the Microsoft Root Store.