MS Windows Fraudulent Digital Certificates Spoofing Vulnerability (2641690)

Summary
The host is installed with Microsoft Windows operating system and is prone to spoofing vulnerability. This NVT has been superseded by KB2718704 Which is addressed in NVT gb_unauth_digital_cert_spoofing_vuln.nasl (OID:1.3.6.1.4.1.25623.1.0.802634).
Impact
Successful exploitation will allow remote attackers to spoof content, perform phishing attacks or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. Impact Level: System
Solution
Apply the Patch from below link, For updates refer to http://support.microsoft.com/kb/2641690
Insight
The flaw is due to an error when handling the fraudulent digital certificates issued by Entrust and GTE CyberTrust. It is not properly validating its identity.
Affected
Windows 7 Service Pack 1 and prior Windows XP Service Pack 3 and prior Windows Vista Service Pack 2 and prior Windows Server 2003 Service Pack 2 and prior Windows Server 2008 Service Pack 2 and prior
References