Microsoft Internet Explorer NULL Byte CA SSL Certificate Validation Security Bypass Vulnerability

The vendor released an update. Please see the references for details.

UPDATE (October 30, 2009): The updates released by Microsoft as part of this security bulletin may cause service malfunctions on some systems, including Live Communications Server 2005, Office Communications Server 2007, and the evaluation release of Office Communicator 2007. Microsoft has released an application ('ocsasnfix.exe') that addresses this bug. Please see the updated knowledge base article 974571 in the references for more information.


Privacy Statement
Copyright 2010, SecurityFocus