ComputerWorld posted a story that Microsoft re-released an update today for Windows XP to correct a snafu that left users vulnerable to potential "man-in-the-middle" attacks for most of last week.
Today, Microsoft admitted that the update it shipped to Windows XP and Server 2003 users last Tuesday was flawed.Microsoft fixes SSL 'kill switch' blooper
"The versions...for Windows XP and for Windows Server 2003 contained only the latest six digital certificates cross-signed by GTE and Entrust," said Microsoft in a revised support document. "These versions of the update did not contain the digital certificates that were included in [earlier updates]."
The earlier update, delivered by Microsoft on Sept. 6, blocked five DigiNotar root certificates.