
Flaw in Certificate Enrollment Control

A security vulnerability exists in the ActiveX Certificate Enrollment Control, which is included in all versions of Windows. A remote attacker could exploit the flaw to corrupt and modify certificates on the user's system.


All versions of Windows ship with an ActiveX control known as the Certificate Enrollment Control, the purpose of which is to allow web-based certificate enrollments. The control is used to submit PKCS #10 compliant certificate requests, and upon receiving the requested certificate, stores it in the user’s local certificate store.

The control contains a flaw that could enable a web page, through an extremely complex process, to invoke the control in a way that would delete certificates on a user’s system. An attacker who successfully exploited the vulnerability could corrupt trusted root certificates, EFS encryption certificates, email signing certificates, and any other certificates on the system, thereby preventing the user from using these features.

An attack could be carried out through either of two scenarios. The attacker could create a web page that exploits the vulnerability and host it on a web site in order to attack users who visit the site. The attacker could also send the page as an HTML mail in order to attack the recipient.
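Both scenarios depend on web content being able to instantiate the control. The standard way to verify that a vulnerable ActiveX control has been neutralised is to confirm that Internet Explorer's "kill bit" is set for its CLSID. The script below is an added example, not code from the advisory or from Microsoft; the CLSID is a placeholder that must be replaced with the control's real CLSID from the vendor bulletin.

```powershell
# Added example: report whether an ActiveX control is registered on this
# machine and whether the IE kill bit blocks it from being instantiated by a
# web page or HTML mail. The CLSID is a PLACEHOLDER, not the real control's.
param(
    [string]$Clsid = '{00000000-0000-0000-0000-000000000000}'  # PLACEHOLDER
)

# Bit 0x400 in "Compatibility Flags" is the kill bit (see MS KB 240797).
$KillBit = 0x400

function Test-ActiveXKillBit {
    param([string]$Clsid)

    $compatKey = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    $serverKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32"

    # Is the control registered at all, and which DLL backs it?
    $registered = Test-Path $serverKey
    $dll = $null
    if ($registered) {
        $dll = (Get-ItemProperty -Path $serverKey).'(default)'
    }

    # Read the compatibility flags; a missing key or value means no kill bit.
    $flags = 0
    if (Test-Path $compatKey) {
        $value = Get-ItemProperty -Path $compatKey -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
        if ($null -ne $value) { $flags = [int]$value.'Compatibility Flags' }
    }

    [pscustomobject]@{
        Clsid      = $Clsid
        Registered = $registered
        Dll        = $dll
        KillBitSet = (($flags -band $KillBit) -ne 0)
    }
}

$result = Test-ActiveXKillBit -Clsid $Clsid
$result | Format-List

# A registered control without the kill bit is still reachable from web content.
if ($result.Registered -and -not $result.KillBitSet) {
    Write-Warning "Control $Clsid is registered and not kill-bitted; apply the vendor patch or set the kill bit."
}
```

On 64-bit Windows the 32-bit browser reads the same key under `HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility`, so check both locations.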

Affected Products

  • Microsoft Windows 98
  • Microsoft Windows 98 Second Edition
  • Microsoft Windows Millennium
  • Microsoft Windows NT 4.0
  • Microsoft Windows 2000
  • Microsoft Windows XP


Software patches are available from the following locations:

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: August 28, 2002
