More critical security flaws in Windows

Attackers can delete digital certificates

Nick Farrell

vnunet.com, 30 Aug 2002

Microsoft has found another critical security flaw in all its versions of Windows released since Windows 98.

The flaw allows attackers to delete digital certificates. On its website the Microsoft said that an infiltrator abusing the flaw could launch an attack via email or a website to gain unauthorised entry into a system and delete the certificates.

Advertisement

Deleting certificates would stop a user from being able to encrypt or sign emails.

Microsoft said: "Through this vulnerability, an attacker could potentially delete digital certificates on a user's system, thereby preventing the user from having access to certain functions."

The company has rated the security flaw as "critical", and has made a patch available on its technical website.

The versions of Windows that are vulnerable include Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000 and Windows XP.

According to Microsoft, Internet Explorer software can be reconfigured to defend against an attack.

The company launched a 'trustworthy computing' campaign earlier this year to improve the security of all its software.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Have your say on this article

Further reading

Security expert breaks Windows

Report identifies 'unfixable flaws' in operating system

Microsoft puts trust in security wizards

A Guide to Windows' Flaws and Vulnerabilities, by Bill Gates

Gates warned over security promise

Microsoft must keep its word over 'trustworthy computing'

Gates's trust push arouses suspicion

Microsoft's conversion to "trustworthy computing" has less to do with protecting enterprise networks than easing the strain on the company's developers, according to a US security consultant

Related whitepapers

Related jobs

Most watched

Summit: Views From the Valley

V3.co.uk's US office weighs in on the information overload crisis

John Chambers speaks on collaboration

Cisco boss talks up new offerings

More video

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

Summit video: Intel discusses processors designed for data overload (part one of two)

Intel explains how its Xeon processors can handle data-intensive apps

fujitsu logo

Unite calls off Fujitsu strike

Talks between the two sides will extend into the new...

Richard Thomas

Summit: Q&A Richard Thomas, former Information Commissioner

Thomas speaks out on government databases and data privacy

Symantec office

Summit: Symantec makes the case for smarter storage

Company talks up unified approach

Primary Navigation