Click Here to Install Silverlight*
United StatesChange|All Microsoft Sites
Microsoft
Download Center 
Search Advanced Search

Windows Security Update: Verisign Digital Certificates Spoofing Hazard

Brief Description
In mid-March 2001, VeriSign, Inc., informed Microsoft that it had issued two code-signing digital certificates to an individual who fraudulently represented himself as a Microsoft employee. Microsoft has released an update that will prevent code signed using these certificates from being trusted.

On This Page

Quick Details
File Name:crlupd.EXE
Version:q293818
Knowledge Base (KB) Articles:KB293818
Date Published:3/28/2001
Language:English
Download Size:125 KB
Estimated Download Time: 1 min 56K

Overview

In mid-March 2001, VeriSign, Inc., informed Microsoft that it had issued two code-signing digital certificates to an individual who fraudulently represented himself as a Microsoft employee. Microsoft has released an update that will prevent code signed using these certificates from being trusted.

 Top of page

System Requirements

  • Supported Operating Systems: Windows 2000; Windows 95; Windows 98; Windows ME; Windows NT

 Top of page

Instructions

  1. Click the Download link to start the download, or choose a different language from the drop-down list and click Go.
  2. Do one of the following:
    • To start the installation immediately, click Open or Run this program from its current location.
    • To copy the download to your computer for installation at a later time, click Save or Save this program to disk.

 Top of page

Additional Information

This update resolves the "Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard" security vulnerability, and is discussed in Microsoft Security Bulletin MS01-017. Download now to prevent an unauthorized user from running code on your computer by digitally signing programs as "Microsoft Corporation."

VeriSign, Inc. issued two VeriSign digital certificates to an individual who fraudulently claimed to be a Microsoft employee; this allows the individual to sign programs, ActiveX® controls, Office macros, and other executable content as originating from "Microsoft Corporation." This update prevents the two erroneously signed certificates from being accepted as valid.

Note This update was released prior to April 2, 2001

 Top of page

 Top of page

 Top of page

© 2009 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy Statement