Microsoft · Windows · CVE-2009-0089
**Name of the Vulnerable Software and Affected Versions**
Microsoft Windows versions prior to the fixed version
**Description**
A spoofing issue exists due to incomplete validation of the distinguished name in a digital certificate. This can be combined with other attacks, such as DNS spoofing, allowing an attacker to spoof a digital certificate of a website for applications using Windows HTTP Services.
**Recommendations**
For Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold, update to a version that includes the fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.