This update resolves the "SSL Certificate Validation" security vulnerabilities in Internet Explorer. These vulnerabilities affect the way Internet Explorer handles digital certificates used in Secure Socket Layer (SSL) sessions. SSL is a protocol that allows Web sessions to be encrypted for greater security, and in order for a SSL session to occur, digital certificates must be verified. Under a specific set of circumstances, Internet Explorer may incorrectly validate digital certificates or fail to initiate the validation process. This could allow a malicious Web site operator to misrepresent a Web site as a trusted site, and engage in an SSL session with a visiting user. Download now to ensure that Internet Explorer correctly validates certificates before every SSL session.
This update is included in Windows 2000 Service Pack 1 (SP1), which includes several important updates. Microsoft recommends that you install Windows 2000 SP1.Note This update has been revised since its original release to address a minor issue that causes Internet Explorer to display images incorrectly on some Web sites. Microsoft recommends that all users download this updated version.
For more information about these vulnerabilities, please read Microsoft Security Bulletin MS00-039. (This site is in English.)