DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
October 18, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 77 people online.

 

Latest Reviews
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
 

Follow us
RSS
 

Microsoft to make 1,024 bit RSA digital certificates the new minimum

Posted on Monday, September 10 2012 @ 12:18:49 CEST by


Microsoft logo
Microsoft send out a warning to administrators that an upcoming Windows security update will block access to RSA digital certificates with a key length of less than 1,024 bits because increased computing power has made it easier to crack or brute-force attack these keys.

The update will be released on October 9, 2012, it will prevent Internet Explorer from accessing websites secured with digital certificates with a key length of under 1,024 bits. Additionally, strong keys will also be required for Windows' certificate authority service, for ActiveX controls, encrypting and signing e-mails in Outlook, etc.
Notably, Internet Explorer won't be able to access any website secured using an RSA digital certificate with a key length of less than 1,024 bits. Likewise, without a strong enough certificate, certificate authority service in Windows won't be able to start, ActiveX controls might be blocked, users might not be able to install applications, and Outlook 2010 won't be able to encrypt or digitally sign emails, or communicate with an Exchange server for SSL/TLS communications. In addition, Microsoft warned that after its security update, Operations Manager will be unable to monitor--or discover new instances of--any HP-UX PA-RISC computers that don't have an RSA digital certificate of least 1,024 bits.

Microsoft's move reflects the relative ease with which digital certificates of less than 1,024 bits can now be cracked--or derived--via brute-force attacks. "The private keys used in these certificates can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks," according to Microsoft.
The software giant urges admins who find they are using certificates with RSA key lengths of less than 1,024 bits to reissue them with at least a 1,024-bit key lengths, and preferably 2,048 bits or even better.

Source: InformationWeek



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba