Microsoft's Original Windows Secure Boot Certificate Is Expiring
The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. In other words, update those PCs soon.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. In other words, update those PCs soon.
The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed Windows to load it.
Microsoft revoked more than 200 digital certificates that threat actors used to sign fake Teams binaries that set the stage for Rhysida ransomware attacks.
Google shortened the lifetime of Transport Layer Security (TLS) certificates, and Microsoft plans to downgrade support for older versions, giving companies more data security but also removing visibility into their own traffic.
Using open source tools, attackers target Chinese speakers with malicious drivers with expired certificates, potentially allowing for full system takeover.
The security vulnerability allows attackers to spoof a target certificate and masquerade as any website, among other things.
Microsoft added certificate-based authentication (CBA) to the Azure Active Directory to help organizations enable phishing-resistant MFA that complies with US federal requirements. The change paves the way for enterprises to migrate their Active Directory implementations to the cloud.
Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.