Microsoft Windows could allow a remote attacker to conduct spoofing attacks, caused by the improper verification of invalid certificates issued by National Informatics Centre (NIC). By persuading a victim to visit a Web site containing a specially-crafted certificate, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to cause the victim to spoof SSL certificates.