Features
-
License:
Free
-
Editor's Rating:
Not rated
- Average User Rating:
-
Downloads:
6,023
- Operating Systems:
Windows XP
- Additional Requirements:
Windows XP
- Limitations:
No limitations
- Date Added:
September 17, 2002
Publisher's description of Windows Certificate Enrollment Control Vulnerability Patch (Windows XP 64-bit)
From Microsoft:All versions of Windows ship with an ActiveX control known as the Certificate Enrollment Control, the purpose of which is to allow Web-based certificate enrollments. The control contains a flaw that could enable a Web page, through an extremely complex process, to invoke the control in a way that would delete certificates on a user?s system. An attacker who successfully exploited the vulnerability could corrupt trusted root certificates, EFS encryption certificates, e-mail signing certificates, and any other certificates on the system, thereby preventing the user from using these features.
A new version of the control is available that corrects the vulnerability and can be installed via the patch. As discussed in the Caveats section, customers who operate Web sites that use the Certificate Enrollment Control will need to make minor revisions to their Web applications in order to use the new control. Microsoft Knowledge Base article Q323172 details how to do this. In addition, the patch addresses a similar, but less serious vulnerability discovered in the SmartCard Enrollment control. This control ships with Windows 2000 and Windows XP. A new version of this control is also provided.
- See more CNET content tagged:
- Microsoft Corp.,
- Microsoft Windows,
- certificate,
- control,
- vulnerability
More popular Encryption Software downloads
- 58,873 downloads 1. RoboForm
- 10,761 downloads 2. SuperEncryptor
- 5,756 downloads 3. Folder Lock
- 2,546 downloads 4. Eraser
- 2,154 downloads 5. RAR Password Cracker
- See all Encryption Software downloads
User reviews
Write your own review Be the first one to review Windows Certificate Enrollment Control Vulnerability Patch (Windows XP 64-bit) 5.131.3659.0 and share your experience with the CNET community!
Submit your review
You must be 13 years of age or older to submit personal information to CNET Networks. In compliance with the Children's Online Privacy Protection Act of 1998, CNET Networks does not accept name and e-mail address information from users who are under 13 years of age.
All submitted ratings and written comments become the sole property of CNET Networks, Inc. (CNET) and may be used at CNET Networks' sole discretion. Ratings and written comments are generally posted within two to four business days in batch groups, not in real time. However, CNET Networks reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET Networks, are responsible for the contents of your submission.
CNET Networks is not responsible for the content of the publisher's descriptions or user reviews on this site. We encourage you to determine whether this product or your intended use is legal. We do not encourage or condone the use of any software in violation of applicable laws. CNET Download.com does not sell, resell, or license any of the products listed on the site. We cannot be held liable for issues that arise from the download or use of these products.
%20-%20Free%20software%20downloads%20and%20reviews%20-%20CNET%20Download.com&srcUrl=http://download.cnet.com/Windows-Certificate-Enrollment-Control-Vulnerability-Patch-Windows-XP-64-bit/3000-2092_4-10150465.html){kind=small}