Over the past several months, Microsoft has made changes both to our own internal PKI practices and to the Windows Update channel (client-side and server-side) PKI handling. You’ve likely already read about those changes on the MSRC blog, the Microsoft Update blog, and in the associated KB articles (949104, 2720211).
We continued this evolution last month by announcing our intention to release a defense-in-depth measure that changes how Windows manages certificates that have RSA keys of less than 1024 bits in length. On systems where this hardening package is installed, those certificates using the RSA algorithm with key length less than 1024 bits will be treated as invalid, even if they are otherwise valid and signed by a trusted certificate authority. We will deploy this update via our usual update channels for all supported versions of Windows as a Critical non-security update. We encourage WSUS administrators to approve and deploy that update when we release it in August, to proactively harden your environment against brute force cryptographic attacks. All customers who have opted into Automatic Updates will get the update according to your Automatic Update settings. You can read more about this hardening at the PKI blog post originally published in June: http://blogs.technet.com/b/pki/archive/2012/06/12/rsa-keys-under-1024-bits-are-blocked.aspx
As a continuation of this effort, we reviewed a number of Microsoft digital certificates and found several which do not meet our standards for security practices. As an extra precautionary measure, we released Security Advisory 2728973 today to announce the availability of a Critical, non-security update that moves several of these certificates into the Untrusted Certificate Store. None of the certificates involved are known to have been breached, compromised, or otherwise misused. This is a pre-emptive cleanup to ensure a high bar for any certificates owned by Microsoft.
Finally, we are making one further proactive change today that will help us respond more quickly to any digital certificate issues in the future. Last month, we announced the availability of a new automatic updater of untrusted certificates for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. This new feature provides dynamic updates, allowing Windows clients to be updated with untrusted certificates once per day without requiring user interaction. You can read more about the feature in the PKI blog post previously mentioned and in KB 2677070. This new feature had been available as an optional update available through Windows Update. We are changing the Windows Update metadata today to make this automatic updater available as a Critical non-security update, enabling it to be automatically deployed to all customers who have opted-in to Automatic Updates (according to your AU settings) and to appear as a Critical update in WSUS dashboards. This automatic updater is the fastest way for customers on Windows Vista and later platforms to get untrusted digital certificate updates such as the one included in Security Advisory 2728973 mentioned above. Customers on Windows Vista and later platforms who have not yet installed this new feature can deploy untrusted certificate updates through WSUS or from the Download Center. Windows XP and Windows Server 2003 computers will continue to receive Untrusted Certificate Store updates via Windows Update – although Security Advisory 2728973 has an installation pre-requisite to which customers using Windows XP and Windows Server 2003 should pay special attention (described in the FAQ).
We will continue to monitor the threat landscape and take action where we believe we can strengthen the security of Microsoft’s handling or use of public key-based encryption technologies.
- Gerardo Di Giacomo and Jonathan Ness, MSRC