Reply to: MS 03-041 and SSL Certificates

john.tjin_at_ACHMEA.NL
Date: 10/30/03

Next message: Matthew Johnson: "Exchange 2003 OWA major security flaw"

Previous message: :: Operash ::: "[Opera 7] Arbitrary File Auto-Saved Vulnerability."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Thu, 30 Oct 2003 10:35:30 +0100
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

We had a simmilar problem at our site. Our NT4 UK SP6 Workstations+IE 5.5
UK SP2 or IE 6.0 SP1 received the same certificate warning when visiting
SSL secured websites.
Though uninstalling didn't resolve the problem.

The resolution was reinstalling the patch and logging in with an administartors account after the reboot. It seemed that was a need for registering
%systemroot%\system32\initpki.dll after the reboot, which can only occur when logging in with an administrators account.
Registering cannot occur right after applying the patch and before the reboot because some DLL's can't be replaced during the patch and need to
replaced after the reboot.
Registering the DLL with c:\winnt\system32\regsvr32 c:\winnt\system32\initpki.dll did the trick for us.

You can check wether it works for you, by checking the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL
It's value should be: WINTRUST.DLL in stead of SOFTPUB.DLL

John Tjin

********************* DISCLAIMER *********************
De informatie in dit e-mail bericht is uitsluitend
bestemd voor de geadresseerde. Verstrekking aan
en gebruik door anderen is niet toegestaan.
Door de electronische verzending van het bericht
kunnen er geen rechten worden ontleend aan de
informatie.
************************************************************

-----
Marcus Ranum's new book "The Myth of Homeland Security" is now out and
is available from http://www.amazon.com/ranum In this hard-hitting
review of the homeland security business, Ranum shows us how the problem
is vastly harder than it's being made to sound, and how special
interests, *** covering, and bureaucracy are threatening to derail any
chance of making progress.
-----

Next message: Matthew Johnson: "Exchange 2003 OWA major security flaw"

Previous message: :: Operash ::: "[Opera 7] Arbitrary File Auto-Saved Vulnerability."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]