"In response, we updated Chrome's certificate revocation metadata immediately to block that intermediate CA, and then alerted ANSSI and other browser vendors. Our actions addressed the immediate problem for our users"
According to the, the inspection of SSL traffic on their own networks can help organizations prevent data leaks or discover malicious connections initiated by malware.
It could be a critical threat if one such signed certificate was ever fall into the wrong hands. Microsoft warned that, "An attacker could use these certificates to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against a large number of Google-owned domains, including google.com and youtube.com."
NSA is also alleged to have used man-in-the-middle attacks through unauthorized certificates against Google in the past. Google said, "We're now working to bring this extra protection to more users who are not signed in."