Microsoft fixes SSL 'kill switch' blooper

19.09.2011
Microsoft re-released an update today for Windows XP to correct a snafu that left users vulnerable to potential "man-in-the-middle" attacks for most of last week.

Monday's update addressed a gaffe introduced last week when issued by DigiNotar that were cross-signed by a pair of other certificate authorities (CAs).

Servers run by Dutch CA DigiNotar were hacked starting in June, and attackers (secure socket layer) certificates, including many used by the Dutch government.

SSL certificates are used by websites and browsers to identify a site as legitimate -- that gmail.com or hotmail.com are actually what they claim -- and illegally obtained certificates can be abused to disguise unauthorized domains using "man-in-the-middle" attacks to snoop on digital communications and harvest account credentials.

One certificate stolen from DigiNotar was used to for about a month this summer.

Today, Microsoft admitted that the update it shipped to Windows XP and Server 2003 users was flawed.