Re: OCX and Digital Certificates question ( Problems with PKCS7 after Q328145 in Win2K)

From: David Cross [MS] (dcross@online.microsoft.com)
Date: 09/29/02


From: "David Cross [MS]" <dcross@online.microsoft.com>
Date: Sun, 29 Sep 2002 08:52:40 -0700


This is correct.

--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
http://support.microsoft.com
"Michel Gallant (MVP)" <neutron@istar.ca> wrote in message
news:3D9716AF.71148976@istar.ca...
> Alex and Mauricio,
>
> The related security patch for CEnroll (MS02-048) fixes some security issues associated
> with being able to script that control from a web page context. You appear to
> have that installed (version 5,131,3659,0)
> Details at:
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-048.asp
>
> So, if you are scripting from html, most methods will not work now .. better ActiveX security :-)
>
> However, I have verified that the new version of xenroll.dll works properly
> from trusted standalone wsh scripts, like:
>     http://home.iSTAR.ca/~neutron/wsh/capicom/pvkcerts/PVKCertsWMI.vbs
> which uses oXenroll.enumContainers().  This method, which used to work from
> scripted html, now fails from html after applying the patch above.
>
>  - Michel Gallant   MVP Security
>
> "Alex K. Angelopoulos (MVP)" wrote:
>
> > Mauricio,
> >
> > Does the same thing happen if you use the following code instead of an object
> > tag?
> >
> > Set CEnroll = CreateObject("CEnroll.CEnroll")
> > CEnroll.installPKCS7(Str)
> >
> > There do appear to be some changes in how this works.  I'm including the main
> > security groups in this response since they may have a good idea of what is
> > actually happening here.
> >
> > In news:9e7801c2665d$ef5bfcd0$36ef2ecf@tkmsftngxa12,
> > Mauricio Reveco typed:
> > > I install in my win2k the Q328145 security update,
> > > described in Microsoft Security Bulletin MS02-
> > > 050 "Certificate Validation Flaw Could Enable Identity
> > > Spoofing (Q328145)"
> > >
> > > After the installation the next code didn't work anymore
> > > _______________________________________
> > > <OBJECT classid="clsid:43F8F289-7A20-11D0-8F06-
> > > 00C04FC295E1"  codebase="xenroll.dll#Version=5,131,2146,1"
> > > id="control"></OBJECT>
> > > <script language="vbscript">
> > > control.installPKCS7 <String parameter>
> > > </script>
> > > _____________________________________________________
> > > the script throw an error message about nonexistent
> > > method called "installPKCS".
> > >
> > > I replace the <OBJECT> Tag by the next sentence:
> > > _________________________________________________
> > > <OBJECT classid="clsid:5B9169C0-DB65-42AA-A38A-
> > > 0726846AAEB3"  codebase="xenroll.dll#Version=5,131,3659,0"
> > > id="control"></OBJECT>
> > > _________________________________________________
> > >
> > > but it didn't work, I get the Class ID and Version from
> > > the new  xenroll.dll installed in my Windows/system32
> > > directory.
> > >
> > > Can you help with this?
> > >
> > > Thanks!
> >
> > --
> > Please respond in the newsgroup so everyone may benefit.
> >  http://dev.remotenetworktechnology.com
> >  ----------
> >  Subscribe to Microsoft's Security Bulletins:
> >  http://www.microsoft.com/technet/security/bulletin/notify.asp
>
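As an added example (not code from any of the posters above), here is the late-bound `CreateObject("CEnroll.CEnroll")` approach Alex suggests, written as a standalone WSH script rather than an HTML `<OBJECT>` tag, with error handling that separates the "nonexistent method" symptom Mauricio reported (VBScript error 438) from other failures. It assumes the PKCS#7 response is a base64 text file whose path is passed as the first argument; the default file name is a constructed placeholder.

```vbscript
' Added example: install a PKCS#7 response via CEnroll from a trusted,
' standalone WSH script (cscript.exe), not from a web page.
' Assumption: the file holds the base64 PKCS#7 string that the thread's
' "<String parameter>" refers to. "response.p7b" is a constructed placeholder.
Option Explicit

Const ERR_NO_SUCH_METHOD = 438   ' "Object doesn't support this property or method"

Function ReadTextFile(path)
    Dim fso, ts
    Set fso = CreateObject("Scripting.FileSystemObject")
    Set ts = fso.OpenTextFile(path, 1)   ' 1 = ForReading
    ReadTextFile = ts.ReadAll
    ts.Close
End Function

Function InstallResponse(pkcs7Text)
    Dim enroll
    On Error Resume Next
    ' Late binding by ProgID, as Alex suggested, instead of an <OBJECT> tag.
    Set enroll = CreateObject("CEnroll.CEnroll")
    If Err.Number <> 0 Then
        InstallResponse = "CreateObject failed (" & Err.Number & "): " & Err.Description
        Exit Function
    End If
    enroll.installPKCS7 pkcs7Text
    If Err.Number = ERR_NO_SUCH_METHOD Then
        ' Matches the "nonexistent method" error Mauricio saw from HTML after the
        ' patch; from a trusted WSH script the method is expected to resolve.
        InstallResponse = "installPKCS7 not available in this context (438)"
    ElseIf Err.Number <> 0 Then
        InstallResponse = "installPKCS7 failed (" & Err.Number & "): " & Err.Description
    Else
        InstallResponse = "installPKCS7 succeeded"
    End If
    On Error GoTo 0
End Function

Dim path
If WScript.Arguments.Count > 0 Then
    path = WScript.Arguments(0)
Else
    path = "response.p7b"    ' constructed placeholder file name
End If
WScript.Echo InstallResponse(ReadTextFile(path))
```

Run it with `cscript //nologo install_p7.vbs C:\path\to\response.p7b` on a machine that has the patched xenroll.dll; the distinct messages show whether the control could not be created at all or whether the method was blocked in the calling context.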

