WSJ: Certificate handling incorrect in Microsoft Internet Explorer

Don Clark reports in the Wall. St. Journal this morning on a bug in Internet Explorer which can be used to spoof site certificates. The flaw could be exploited by an attacker to setup a site which appears to be genuine — including an SSL session — but which is bogus.

See Mike Benham’s original report for details.

This site uses Akismet to reduce spam. Learn how your comment data is processed.