All versions of Windows ship with an ActiveX control known as the Certificate Enrollment Control, the purpose of which is to allow Web-based certificate enrollments. The control contains a flaw that could enable a Web page, through an extremely complex process, to invoke the control in a way that would delete certificates on a user?s system. An attacker who successfully exploited the vulnerability could corrupt trusted root certificates, EFS encryption certificates, e-mail signing certificates, and any other certificates on the system, thereby preventing the user from using these features.
A new version of the control is available that corrects the vulnerability and can be installed via the patch. As discussed in the Caveats section, customers who operate Web sites that use the Certificate Enrollment Control will need to make minor revisions to their Web applications in order to use the new control. Microsoft Knowledge Base article Q323172 details how to do this. In addition, the patch addresses a similar, but less serious vulnerability discovered in the SmartCard Enrollment control. This control ships with Windows 2000 and Windows XP. A new version of this control is also provided.
Like it? Share with your friends!
Other Windows Software of Developer «Microsoft»:
Microsoft Point of Service for .NET v1.11 Microsoft Point of Service (POS) for .NET is a class library that is part of Microsoft Windows Embedded for Point of Service. The class library provides .NET applications with a simple and consistent interface for communicating with Point of Service (POS).
Microsoft CRM 3.0 Upgrade Advisor Wizard The Microsoft CRM 3.0 Upgrade Advisor is a diagnostic tool that you can use to determine if your Microsoft CRM 1.2 installation can be upgraded to Microsoft CRM 3.0. This tool generates a report that indicates whether your Microsoft CRM 1.2 implementation
Security Update for Excel 2000 (KB936511) A security vulnerability exists in Microsoft Excel 2000 that could allow remote code execution. This update resolves that vulnerability. This version is the first release on CNET Download.com.What is new in this release:This version is the first release on
Security Update for PowerPoint 2002 (KB905758) A security vulnerability exists in Microsoft PowerPoint 2002 that could allow arbitrary code to run when opening a malicious document. This update addresses that vulnerability. This version is the first release on CNET Download.com.What is new in this rele
Facilities Management Web Browser for Visio Facilities Management Web Browser for Visio is a preview version of the Microsoft Visio Facilities Management (FM) Web Browser application. You can use the FM Web Browser to publish facilities drawings and related information on your intranet for fast and
Microsoft Office Live Code Sample: Time Card Microsoft Office Live Code Sample: Time Card installs the Time Card sample code for Microsoft Office Live which is designed to track and record time spent on tasks included in an Office Live Project Manager application. With Microsoft Office Live Code Samp
HealthVault for Windows 8 HealthVault for Windows helps you take control of your health and keep your most important health information at your fingertips. Set health goals, track progress, and discover trends. It features track progress towards your health goals, manage your weigh
Microsoft Exchange Server 2003 Migration Wizard for Lotus Notes The Microsoft Exchange Server 2003 Migration Wizard for Lotus Notes supports the migration of Lotus Domino R5 and R6 mailboxes and associated Domino directory information to Microsoft Exchange Server 2003 and Windows Server 2003 Active Directory. This tool
TextCrypt TextCrypt is a cross-platform security product that allows the user to encrypt messages and protect their privacy. No matter what operating system you choose, TextCrypt keeps your information safe and secure. TextCrypt uses the industry standard Rijndael
Roadkil's Cipher Text Roadkil's Cipher Text encrypts plain text so you can send it to other people without worrying about 3rd parties reading it. Data is encrypted using a password provided by you and unless you have the password it cannot be recovered.
Desktop USB Security Key This application installs to any USB thumb drive and adds extra security when the user is away from their PC or laptop. First, take out the USB Drive and the PC will go into locked windows mode and also lock the keyboard. Upon return to PC or laptop, inser
SFV Ninja SFV Ninja is a checksum calculator which can create and compare checksums. It supports MD5, SHA-1 and SHA-256 formats. It has two verification modes. The first will verify all files in the list like any typical SFV application. The second mode will only ve
StealthNetWall From the developer: ""The StealthNetWall(TM) firewall is a true IP Packet filter. It will prevent PINGS and Trace Routes to your computer. It is simple to install, and there is no complicated configuration needed to protect you from the hackers on the In
Real Password Protector 2005 Real Password Protector 2005 password anti-peeking program provides every computer with strong protection against most types of keylogging programs (software keyloggers), both known and unknown, currently in use or being developed at the present moment. It
HTML-Protector 2005 Protect your site from thieves. Hide your PayPal links. Encrypt e-mail links and stop spam. Lock pages in your site. Automatically break your pages out of frames. Password protect any page.
The brand new HTML-Protector 2004 software will completely sec
KDT Password Protect Files Instantly secure your PC by password-protecting important files and directories with KDT Soft Password Protect Files. With a neat, easy-to-understand interface, this small software application enables users to protect both individual files and directories
My MSN Password Recovery My MSN Password Recovery is the program to recover MSN Messenger passwords. The program supports all versions of the MSN Messenger. My MSN Password Recovery lets you recover your MSN Messenger password that has been saved to auto-login to your MSN Messenge
VB AntiCrack VB AntiCrack is used to make it more difficult to crack your programs written in Visual Basic 6.0. Most crackers will not be able to crack your program because they will not find a single text strings in your EXE file, which will make searching for the cod
Supported Operating Systems:
Windows XP |
Comments on :
Comments not found
Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10