Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

snowshine

2 Intern

 • 

1.1K Posts

11596

March 4th, 2010 10:00

Do I need this download?

Hi,

I am very cautious about any WindowsUpdates & downloads.

I just get my Win7 going again,.

I find WU suggests Ithe following as an important update: CAPICOM [KB931906] 374kb. Is this one necessary for a home computer that gets connected to internet.

Thank you for your advice,

Regards

Yottabyte

139 Posts

March 4th, 2010 11:00

CAPICOM is a Windows component that provides services to programs that enable security that is based on cryptography. This includes functionality for authentication that uses digital signatures, for enveloping messages, and for encrypting and decrypting data.

Overview

A remote code execution vulnerability exists in Cryptographic API Component Object Model (CAPICOM) that allows an attacker who successfully exploits this vulnerability to take complete control of an affected system. CAPICOM can be used as a component of a 3rd party webpage, script or application. You can protect our computer by installing this update from Microsoft.
You get prompted to install this if you install older software that uses it or you recently used a windows mobile device to a computer and it enabled capicom. This happens because your system *now* makes use of CAPICOM (after having installed a new software/ActiveX control and/or updates for that one) or at least
it's Certificates.
http://www.microsoft.com/technet/security/bulletin/ms07-028.mspx -> Vulnerability Details -> FAQ for CAPICOM.Certificates Vulnerability


It is discontinued and Microsoft suggests replacing CAPICOM with .NET Framework's X509 Cryptographic Classes and a number of other alternatives.  But it can still be triggered as mentioned above and in such a case WU will want to patch it.

Was this post helpful?

View All

No Events found!

Top