Microsoft Security Advisory (2661254)
Update For Minimum Certificate Key Length
Published: Tuesday, August 14, 2012 | Updated: Tuesday, August 14, 2012
Microsoft is announcing the availability of an update to Windows that restricts the use of certificates with RSA keys less than 1024 bits in length. The private keys used in these certificates can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.
The update is available on the Download Center as well as the Microsoft Update Catalog for all supported releases of Microsoft Windows. In addition, Microsoft is planning to release this update through Microsoft Update in October, 2012 after customers have a chance to assess the impact of this update and take necessary actions to use certificates with RSA keys greater than or equal to 1024 bits in length in their enterprise.
Recommendation. Microsoft recommends that customers download the update and assess the impact of blocking certificates with RSA keys less than 1024 bits in length before applying the update to their enterprise. Please see the Suggested Actions section of this advisory for more information.
Known Issues. Microsoft Knowledge Base Article 2661254 documents the currently known issues that customers may experience when installing this update. The article also documents recommended solutions for these issues.
For more information about this issue, see the following references: