Gelöschte SSL-Zertifikate durch Sicherheitsloch in ActiveX |
||
---|---|---|
#0
| ||
29.08.2002, 12:01
Ehrenmitglied
Beiträge: 1148 |
||
|
||
29.08.2002, 12:29
Ehrenmitglied
Beiträge: 2283 |
#2
Title: Flaw in Certificate Enrollment Control Could Allow
Deletion of Digital Certificates (Q323172) Date: 28 August 2002 Software: Microsoft Windows 98 Microsoft Windows 98 Second Edition Microsoft Windows Millennium Microsoft Windows NT 4.0 Microsoft Windows 2000 Microsoft Windows XP Impact: Denial of service Max Risk: Critical Bulletin: MS02-048 Microsoft encourages customers to review the Security Bulletin at: http://www.microsoft.com/technet/security/bulletin/MS02-048.asp. - ---------------------------------------------------------------------- Issue: ====== All versions of Windows ship with an ActiveX control known as the Certificate Enrollment Control, the purpose of which is to allow web-based certificate enrollments. The control is used to submit PKCS #10 compliant certificate requests, and upon receiving the requested certificate, stores it in the user's local certificate store. The control contains a flaw that could enable a web page, through an extremely complex process, to invoke the control in a way that would delete certificates on a user's system. An attacker who successfully exploited the vulnerability could corrupt trusted root certificates, EFS encryption certificates, email signing certificates, and any other certificates on the system, thereby preventing the user from using these features. An attack could be carried out through either of two scenarios. The attacker could create a web page the that exploits the vulnerability, and host it on a web site in order to attack users who visited the site. The attacker also could send the page as an HTML mail in order to attack the recipient. A new version of the control is available that corrects the vulnerability, and can be installed via the patch. A patch is available for all other Windows systems, as discussed in the Patch Availability section below. Internet Explorer 5 or later is a prerequisite to installing the patch. As discussed in the Caveats section, customers who operate web sites that use the Certificate Enrollment Control will need to make minor revisions to their web applications in order to use the new control. Microsoft Knowledge Base article Q323172 details how to do this. In addition, the patch addresses a similar, but less serious vulnerability discovered in the SmartCard Enrollment control. This control ships with Windows 2000 and Windows XP. A new version of this control is also provided. Mitigating Factors: ==================== - - The web site-based attack vector could not be exploited if ActiveX controls were disabled in the Security Zone associated with the attacker's site. - - The mail-based attack vector could not be exploited if the recipient's email client handles HTML mail in the Restricted Sites Zone. Outlook Express 6 and Outlook 2002 open mail in this zone by default. Outlook 98 and 2000 open HTML mail in the Restricted Sites Zone if the Outlook Email Security Update has been installed. - - The vulnerability would not enable certificates on smart cards to be corrupted, even if the smart card were in the system at the time of an attack. Risk Rating: ============ - Internet systems: Low - Intranet systems: Low - Client systems: Critical Patch Availability: =================== - A patch is available to fix this vulnerability. Please read the Security Bulletin at http://www.microsoft.com/technet/security/bulletin/ms02-048.asp for information on obtaining this patch. __________ powered by http://different-thinking.de - Netze, Protokolle, Sicherheit, ... |
|
|
||
29.08.2002, 12:30
Ehrenmitglied
Beiträge: 2283 |
#3
Download locations for this patch Patches for all Windows platforms will be available from Windows Update on August 29, 2002. For users who want to download the patches immediately, please refer to the following locations:
Microsoft Windows 98: http://www.microsoft.com/windows98/downloads/contents/WUCritical/q323172/default.asp Microsoft Windows 98 Second Edition: http://www.microsoft.com/windows98/downloads/contents/WUCritical/q323172/default.asp Microsoft Windows Me: http://download.microsoft.com/download/WINME/PATCH/24421/WINME/EN-US/323172USAM.EXE Microsoft Windows NT 4.0: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41747 Microsoft Windows NT 4.0, Terminal Server Edition: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41361 Microsoft Windows 2000: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41568 Microsoft Windows XP: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41598 Microsoft Windows XP 64-bit Edition: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=41598 __________ powered by http://different-thinking.de - Netze, Protokolle, Sicherheit, ... |
|
|
Zitat
__________
So wird mein Post von allen gelesen..