FIX: Security Fix for SSL Certificate Chain Verification (328584)



The information in this article applies to:

  • Microsoft Windows CE .NET 4.1

This article was previously published under Q328584

Notice

For a Microsoft Windows CE .NET 4.0 version of this article, see 328464.
For a Microsoft Windows CE Platform Builder 3.0 version of this article, see 328463.

SYMPTOMS

The Internet Engineering Task Force (IETF) profile of the X.509 certificate standard defines several optional fields that can be included in a digital certificate. One of these optional fields is the Basic Constraints field. This field indicates the maximum permitted length of the certificate's chain and whether the certificate is a certification authority (CA) or an end-entity certificate. However, the functions in Crypto API that construct and validate certificate chains (CertGetCertificateChain) do not check the Basic Constraints field.

This vulnerability might permit an attacker who has a valid end-entity certificate to issue a fake subordinate certificate that passes validation. Because Crypto API is used by many programs, this might permit a variety of identity spoofing attacks. These attacks might include:
  • Setting up a Web site that poses as a different Web site, and "proves" its identity by setting up a Secure Sockets Layer (SSL) session as the legitimate Web site.
  • Sending e-mail messages that are signed by using a digital certificate that appears to belong to a different user.
  • Spoofing certificate-based authentication systems to gain entry as a highly privileged user.
  • Digitally signing malicious software by using an Authenticode certificate that claims to have been issued to a company that users might trust.
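
The missing check can be shown with a small model. This is an added example, not Microsoft's code and not part of the original article; the `cert_model` type, the function name and all certificate names are assumptions made for illustration. It applies the Basic Constraints rules described above: every certificate that issued another one must be marked as a CA and must respect its path length limit.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
/* Model of one certificate's Basic Constraints (not a Crypto API type). */
typedef struct {
    const char *subject;
    bool is_ca;    /* cA flag; false also when the extension is absent */
    int path_len;  /* pathLenConstraint, or -1 when not present */
} cert_model;
typedef enum { CHAIN_OK, ISSUER_NOT_CA, PATH_TOO_LONG } chain_status;
typedef struct { chain_status status; size_t index; } chain_result;

/* chain[0] is the end-entity certificate, chain[n-1] the root. Every issuer
   must be a CA and may have at most path_len CA certificates below it. */
chain_result check_basic_constraints(const cert_model *chain, size_t n)
{
    for (size_t i = 1; i < n; i++) {
        size_t cas_below = i - 1;  /* the leaf is not counted */
        if (!chain[i].is_ca)
            return (chain_result){ISSUER_NOT_CA, i};
        if (chain[i].path_len >= 0 && cas_below > (size_t)chain[i].path_len)
            return (chain_result){PATH_TOO_LONG, i};
    }
    return (chain_result){CHAIN_OK, 0};
}

/* Constructed sample chains; every name is made up. */
const cert_model good_chain[] = {
    {"CN=www.example.test", false, -1},
    {"CN=Example Issuing CA", true, 0},
    {"CN=Example Root CA", true, -1} };
/* The case in this article: an end-entity certificate acting as issuer. */
const cert_model spoofed_chain[] = {
    {"CN=other-site.example.test", false, -1},
    {"CN=www.example.test", false, -1},
    {"CN=Example Issuing CA", true, 0},
    {"CN=Example Root CA", true, -1} };
const cert_model too_long_chain[] = {  /* pathLen 0 CA issued a sub-CA */
    {"CN=leaf.example.test", false, -1},
    {"CN=Unexpected Sub CA", true, -1},
    {"CN=Example Issuing CA", true, 0},
    {"CN=Example Root CA", true, -1} };

int main(void)
{
    chain_result r = check_basic_constraints(spoofed_chain, 4);
    printf("status %d at %s\n", (int)r.status, spoofed_chain[r.index].subject);
    return 0;
}
```

A validator that skips this loop accepts all three chains as long as the signatures verify, which is the behavior this article describes.
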
For more information about this vulnerability, visit the following Microsoft Web site:

RESOLUTION

A supported software update is now available from Microsoft as Windows CE 4.1 Core OS QFE 328584. To resolve this problem immediately, click the following article number for information about obtaining Windows CE Platform Builder and core operating system software updates:

837392 How to locate core operating system fixes for Microsoft Windows CE Platform Builder products

The global version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version      Size       File name
   ------------------------------------------------------------------------------

   26-Sep-2002  00:09  4.1.2.925    4,754,016  020925_armv4i_wce41-q328584.exe  
   26-Sep-2002  00:09  4.1.2.925    4,758,112  020925_armv4t_wce41-q328584.exe  
   26-Sep-2002  00:09  4.1.2.925    4,754,016  020925_armv4_wce41-q328584.exe  
   26-Sep-2002  00:10  4.1.2.925    4,508,256  020925_mips16_wce41-q328584.exe  
   26-Sep-2002  00:10  4.1.2.925    4,815,456  020925_mipsii_fp_wce41-q328584.exe  
   26-Sep-2002  00:10  4.1.2.925    4,815,456  020925_mipsii_wce41-q328584.exe  
   26-Sep-2002  00:11  4.1.2.925    4,880,992  020925_mipsiv_fp_wce41-q328584.exe  
   26-Sep-2002  00:11  4.1.2.925    4,880,992  020925_mipsiv_wce41-q328584.exe  
   26-Sep-2002  00:11  4.1.2.925    4,635,232  020925_sh3_wce41-q328584.exe  
   26-Sep-2002  00:11  4.1.2.925    4,635,232  020925_sh4_wce41-q328584.exe  
   26-Sep-2002  00:12  4.1.2.925    4,209,248  020925_x86_wce41-q328584.exe  
 
				
The global version of this fix has the file attributes (or later) that are listed in the following table.
   Date         Time   Version            Size    File name
   --------------------------------------------------------------

   Path: Public\Common\Oak\Lib\Armv4\Debug
   18-Sep-2002  22:47                     20,344  Crypt32.lib
   18-Sep-2002  22:47                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Armv4\Retail
   18-Sep-2002  22:46                     19,824  Crypt32.lib
   18-Sep-2002  22:46                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Armv4i\Debug
   18-Sep-2002  22:43                     20,354  Crypt32.lib
   18-Sep-2002  22:43                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Armv4i\Retail
   18-Sep-2002  22:42                     19,832  Crypt32.lib
   18-Sep-2002  22:42                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Armv4t\Debug
   18-Sep-2002  22:39                     20,132  Crypt32.lib
   18-Sep-2002  22:39                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Armv4t\Retail
   18-Sep-2002  22:38                     20,078  Crypt32.lib
   18-Sep-2002  22:38                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mips16\Debug
   18-Sep-2002  22:55                     19,666  Crypt32.lib
   18-Sep-2002  22:55                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mips16\Retail
   18-Sep-2002  22:54                     19,356  Crypt32.lib
   18-Sep-2002  22:54                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsii\Debug
   18-Sep-2002  22:51                     20,296  Crypt32.lib
   18-Sep-2002  22:51                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsii\Retail
   18-Sep-2002  22:50                     19,826  Crypt32.lib
   18-Sep-2002  22:50                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsii_fp\Debug
   18-Sep-2002  22:59                     20,308  Crypt32.lib
   18-Sep-2002  22:59                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsii_fp\Retail
   18-Sep-2002  22:58                     19,836  Crypt32.lib
   18-Sep-2002  22:58                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsiv\Debug
   18-Sep-2002  23:14                     20,352  Crypt32.lib
   18-Sep-2002  23:14                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsiv\Retail
   18-Sep-2002  23:13                     19,836  Crypt32.lib
   18-Sep-2002  23:13                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsiv_fp\Debug
   18-Sep-2002  23:07                     20,364  Crypt32.lib
   18-Sep-2002  23:07                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Mipsiv_fp\Retail
   18-Sep-2002  23:05                     19,846  Crypt32.lib
   18-Sep-2002  23:05                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Sh3\Debug
   18-Sep-2002  23:03                     19,662  Crypt32.lib
   18-Sep-2002  23:03                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Sh3\Retail
   18-Sep-2002  23:02                     19,410  Crypt32.lib
   18-Sep-2002  23:02                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Sh4\Debug
   18-Sep-2002  23:11                     19,664  Crypt32.lib
   18-Sep-2002  23:11                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\Sh4\Retail
   18-Sep-2002  23:09                     19,410  Crypt32.lib
   18-Sep-2002  23:09                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\X86\Debug
   18-Sep-2002  22:35                     19,174  Crypt32.lib
   18-Sep-2002  22:35                     77,824  Crypt32.pdb

   Path: Public\Common\Oak\Lib\X86\Retail
   18-Sep-2002  22:34                     19,178  Crypt32.lib
   18-Sep-2002  22:34                     77,824  Crypt32.pdb

   Path: Public\Ie\Oak\Lib\Armv4\Debug
   18-Sep-2002  22:46                  6,952,998  Wininet.lib
   18-Sep-2002  22:46                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Armv4\Retail
   18-Sep-2002  22:45                  4,780,804  Wininet.lib
   18-Sep-2002  22:45                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Armv4i\Debug
   18-Sep-2002  22:42                  6,968,050  Wininet.lib
   18-Sep-2002  22:42                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Armv4i\Retail
   18-Sep-2002  22:41                  4,789,042  Wininet.lib
   18-Sep-2002  22:41                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Armv4t\Debug
   18-Sep-2002  22:38                  6,643,456  Wininet.lib
   18-Sep-2002  22:38                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Armv4t\Retail
   18-Sep-2002  22:37                  4,776,352  Wininet.lib
   18-Sep-2002  22:37                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mips16\Debug
   18-Sep-2002  22:54                  6,343,608  Wininet.lib
   18-Sep-2002  22:54                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mips16\Retail
   18-Sep-2002  22:53                  4,276,184  Wininet.lib
   18-Sep-2002  22:53                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsii\Debug
   18-Sep-2002  22:50                  6,922,158  Wininet.lib
   18-Sep-2002  22:50                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsii\Retail
   18-Sep-2002  22:49                  4,883,222  Wininet.lib
   18-Sep-2002  22:49                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsii_fp\Debug
   18-Sep-2002  22:57                  6,924,362  Wininet.lib
   18-Sep-2002  22:57                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsii_fp\Retail
   18-Sep-2002  22:56                  4,885,030  Wininet.lib
   18-Sep-2002  22:56                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsiv\Debug
   18-Sep-2002  23:13                  7,008,814  Wininet.lib
   18-Sep-2002  23:13                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsiv\Retail
   18-Sep-2002  23:12                  4,927,054  Wininet.lib
   18-Sep-2002  23:12                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsiv_fp\Debug
   18-Sep-2002  23:05                  7,010,746  Wininet.lib
   18-Sep-2002  23:05                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Mipsiv_fp\Retail
   18-Sep-2002  23:04                  4,928,634  Wininet.lib
   18-Sep-2002  23:04                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Sh3\Debug
   18-Sep-2002  23:01                  6,350,650  Wininet.lib
   18-Sep-2002  23:01                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Sh3\Retail
   18-Sep-2002  23:00                  4,514,224  Wininet.lib
   18-Sep-2002  23:00                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Sh4\Debug
   18-Sep-2002  23:09                  6,350,494  Wininet.lib
   18-Sep-2002  23:09                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\Sh4\Retail
   18-Sep-2002  23:08                  4,508,168  Wininet.lib
   18-Sep-2002  23:08                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\X86\Debug
   18-Sep-2002  22:34                  5,670,150  Wininet.lib
   18-Sep-2002  22:34                    667,648  Wininet.pdb

   Path: Public\Ie\Oak\Lib\X86\Retail
   18-Sep-2002  22:33                  4,157,052  Wininet.lib
   18-Sep-2002  22:33                    667,648  Wininet.pdb
				

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

Modification Type: Minor
Last Reviewed: 5/27/2005
Keywords: kbbug kbfix KB328584 kbAudOEM