14 DAY TRIAL // Digital certificates signed with private keys of less than 1024 bits in length can be copied by cybercriminals and successfully utilized in phishing attacks, man-in-the-middle attacks and even to spoof content. That is why Microsoft’s latest update restricts the use of such certificates.
The Redmond company revealed its intentions to restrict weak certificates some time ago, but now it’s official.
Apps and services that use RSA keys for cryptography and call into the CertGetCertificateChain function will no longer be trusted if their certificates use keys that are less than 1024 bits in length.
As of October 9, the update is offered via Microsoft’s updating service. Customers are advised to apply the security improvement as soon as possible.
Those who experience issues during the installation process, can check out the Microsoft Knowledge Base Article 2661254 where all possible problems are documented.