Microsoft Internet Explorer Security Patch free download, Microsoft Internet Explorer Security Patch download on software download

	Microsoft Internet Explorer Security Patch Web Server Certificate Validation Flaws.
Download

Microsoft Internet Explorer Security Patch Ranking & Summary

Rating:

License:
Update

Publisher Name:
Microsoft

Publisher web site:
http://www.microsoft.com/

Operating Systems:
Windows 95, Windows NT, Windows 2000, Windows 98

Microsoft Internet Explorer Security Patch Tags

Validation

Server Certificate Diagnostic

server-side validation

ReCAPTCHA validation

Server Certificate

Web Services Validation

removing flaws

Microsoft Internet Explorer Security Patch Description

From Microsoft : A patch is available to eliminate two newly discovered vulnerabilities affecting Internet Explorer, both of which could enable an attacker to spoof trusted web sites. The first vulnerability involves how digital certificates from web servers are validated. When CRL checking for such certificates is enabled, it could be possible for any or all of the following checks to no longer be performed: Verification that the certificate has not expired Verification that the server name matches the name on the certificate Verification that the issuer of the certificate is trusted The second vulnerability could enable a web page to display the URL from a different web site in the IE address bar. This spoofing could occur within a valid SSL session with the impersonated site. Both vulnerabilities could be used to convince a user that the attacker??s web site was actually a different one ?? one that the user presumably trusts and would provide sensitive information to. However, as discussed in the Mitigating Factors section below, there would be significant hurdles to exploiting either vulnerability.

Microsoft Internet Explorer Security Patch Related Software