Windows Certificate Enrollment Control Vulnerability Patch (Windows XP 64-bit) 5.131.3659.0

• Quick specs
• Price: Free
• Operating system: Windows XP
• Date added: September 17, 2002
• Total Downloads: 6,050
• Downloads last week: 1
• See full specifications

Add to my list Add to my Watch List

Download Now (534.35K)

Tested spyware free

Publisher's description

All versions of Windows ship with an ActiveX control known as the Certificate Enrollment Control, the purpose of which is to allow Web-based certificate enrollments. The control contains a flaw that could enable a Web page, through an extremely complex process, to invoke the control in a way that would delete certificates on a user?s system. An attacker who successfully exploited the vulnerability could corrupt trusted root certificates, EFS encryption certificates, e-mail signing certificates, and any other certificates on the system, thereby preventing the user from using these features.

A new version of the control is available that corrects the vulnerability and can be installed via the patch. As discussed in the Caveats section, customers who operate Web sites that use the Certificate Enrollment Control will need to make minor revisions to their Web applications in order to use the new control. Microsoft Knowledge Base article Q323172 details how to do this. In addition, the patch addresses a similar, but less serious vulnerability discovered in the SmartCard Enrollment control. This control ships with Windows 2000 and Windows XP. A new version of this control is also provided.

Real Player SP

Watch your favorite videos on your favorite devices.

Download Now

More popular Encryption Software downloads

1. 52,623 downloads 1. RoboForm
2. 27,875 downloads 2. Hotspot Shield
3. 26,862 downloads 3. Computer Use Reporter
4. 8,814 downloads 4. Easy File Encryption
5. 8,095 downloads 5. Easy Private Disk
6. See all Encryption Software downloads