Patch: Certificate Enrollment Control

Microsoft advises of a patch for an ActiveX control known as the Certificate Enrollment Control, which is in all versions of Windows.

The control contains a flaw that could enable a web page to invoke the control in a way that would delete certificates on a user's system. An attacker who exploited the vulnerability could corrupt trusted many certificates on the system, thereby preventing the user from using these features.

For information on obtaining the patch, click here.

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments

Market Place