Patch: Certificate Enrollment Control

Microsoft advises of a patch for an ActiveX control known as the Certificate Enrollment Control, which is in all versions of Windows.

The control contains a flaw that could enable a web page to invoke the control in a way that would delete certificates on a user's system. An attacker who exploited the vulnerability could corrupt trusted many certificates on the system, thereby preventing the user from using these features.

For information on obtaining the patch, click here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Microsoft

Show Comments