Certificates with fewer than 2048 bits will be considerd invalid by Microsoft.
According to a security advisory from the company, even valid certificates that are signed by a trusted certificate authority will be written off from next month.
Microsoft Trustworthy Computing experts recommended users with RSA keys should choose a key length of at least 2048 bits.
Spokesman Yunsun Wee said Microsoft spotted digital certificates that did not meet its standard for security practice during the course of normal certificate-related housekeeping.
“Though we have no indication that those had been compromised or misused in any fashion, as a precautionary measure we've revoked them," Wee said.
"A subset of those was in addition found to have code signing permissions, which has earned them a place in the Untrusted Certificate Store."
Microsoft has also released an advisory to allow system administrators to disable the Windows sidebar and gadgets on supported versions of Windows Vista and Windows 7 with a Fix It release.
As Windows 8 will deprecate the sidebar and gadgets, Wee said that some Vista and Windows 7 gadgets do not adhere to secure coding practices and should be regarded as causing risk to the systems on which they're run.
“With time running out for the sidebar and gadgets and with developers already moving on, we've chosen to deprecate the Windows gadget gallery effective immediately, and to provide a fix it to help system administrators disable gadgets and the sidebar across their enterprises.”
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
