Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability

Summary
This NVT has been replaced by NVT gb_ms_windows_fraudulent_digital_cert_spoofing_vuln.nasl (OID:1.3.6.1.4.1.25623.1.0.801953). The host is installed with Microsoft Windows operating system and is prone to Spoofing vulnerability.
Impact
Successful exploitation will allow remote attackers to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. Impact Level: System.
Solution
Apply the patch from below link, For updates refer to http://support.microsoft.com/kb/2524375
Insight
The flaw is caused by an error related to the use of several revoked and fraudulent SSL certificates for public web sites, which could allow attackers to decrypt SSL traffic sent to legitimate web sites by manipulating the DNS servers and using the fraudulent certificates.
Affected
Micorsoft Windows 7 Service Pack 1 and prior. Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows 2K3 Service Pack 2 and prior. Microsoft Windows Vista Service Pack 2 and prior. Microsoft Windows Server 2008 Service Pack 2 and prior.
References