A patch is available to eliminate two newly discovered vulnerabilities affecting Internet Explorer, both of which could enable an attacker to spoof trusted web sites. The first vulnerability involves how digital certificates from web servers are validated. When CRL checking for such certificates is enabled, it could be possible for any or all of the following checks to no longer be performed:
- Verification that the certificate has not expired
- Verification that the server name matches the name on the certificate
- Verification that the issuer of the certificate is trusted

Read more