6 C
London
Wednesday, November 22, 2017
Home Tags Windows updates

Tag: Windows updates

Headsets will cost as little as $299, and will work with integrated graphics.
The same naming, and same schedule, are now used across Windows, Windows Server, and Office.
Just don't disable Skype for Windows updates, k? Security researchers have discovered a nasty vulnerability in older versions of Skype on Windows that might lend itself to hacker attack.…
With the Creators Update, Microsoft is adding non-security updates into the mix.
Microsoft is working on a fix after Tuesday’s Windows 7 and 8.1 security updates misfired on some users, forcibly locking them out of future Windows updates.Microsoft has acknowledged that the updates’ detection mechanism, intended to force users with newer 7th generation processor chips to move to Windows 10, also caught people with 6th generation AMD Carrizo DDR 4 PCs, which were explicitly allowed under terms of Microsoft’s Lifecycle Policy FAQ. Microsoft admitted erroneously blocking Windows Update on four different Tuesday patches: KB 4015549 (the Win7 Monthly Rollup), KB 4015546 (the Win7 Security-Only patch), KB 4015550 (the Win8.1 Monthly Rollup), and KB 4015547 (the Win8.1 Security-Only patch).To read this article in full or to leave a comment, please click here
It looks like a policy announced a year ago is going to kick in.
Small downloads are a big win for Insider Preview users.
It'll be easier to stop Windows from rebooting in the middle of something important.
Microsoft confirmed that Feb. 14, 2017 is the cutoff date for SHA-1 support in its Microsoft Edge and Internet Explorer 11 browsers.

After that date, neither browser will immediately load sites still running SHA-1 certificates and users will be shown an invalid certificate warning. Users will also have to take extra steps to reach the site if they so choose. The move follows Google’s announcement last week that it will remove support for SHA-1 certificates in Chrome 56 that is slated to be released at the end of January. Mozilla also announced a similar deprecation cutoff date for early next year. SHA-1 (Secure Hash Algorithm 1) has been supported by Google, Firefox and Microsoft browsers for more than a decade.

But weaknesses and theoretical collisions have been demonstrated in SHA-1, exposing users to spoofing and man-in-the-middle attacks. The successor, SHA-2, addresses those concerns.

But the industry has a long way to go to update, according to Venafi.
It estimates 35 percent of websites (out of 11 million public websites) are still using SHA-1 certificates. In a blog post, Microsoft said that its transition will impact only SHA-1 certificates that chain to a Microsoft Trusted Root certificate authority.

The tech giant also attempted to allay fears over the migration saying manually installed enterprise or self-signed SHA-1 certificates will not be impacted; ensuring a smooth transition for internal corporate sites mostly located behind a company’s firewall. Microsoft also said that system administrators can get a jump on testing SHA-2 readiness if they are running the November 2016 Windows Updates, including the November 2016 Preview of Monthly Quality Rollups for Windows 7/Windows 8.1.

Those users can use Edge and IE 11 to test how their site will be impacted by the SHA-2 migration, Microsoft said. Additionally, users that visit sites that have missed the Feb. 14, 2017 migration date will also have the option to ignore the certificate error and will be able to continue to the website in question. Microsoft also clarified concerns around cross-signed certificates explaining that Windows will only check if the thumbprint of the root certificate is in Microsoft Trusted Root Certificate Program. “A certificate cross-signed with a Microsoft Trusted Root that chains to an enterprise/self-signed root would not be impacted by the changes planned for February 2017,” according to Alec Oot and Jody Cloutier both senior program managers at Microsoft. Microsoft’s SHA-1 certificate error message to be displayed after Feb. 14, 2017 on Edge and IE 11 browsers. “Certificate security is critical to a website’s success.

All web browsers use certificates to determine what can and can’t be trusted during online transactions.

This is particularly critical in transactions that include sensitive data such as ecommerce and online banking,” notes Venafi’s Scott Carter in a recent post regarding SHA-1 depreciation. Consequences to website owners that don’t migrate include visitors being warned of visiting insecure websites and being urged to look elsewhere for content.

Browsers will not display a “green padlock” in the address bar and some sites could experience performance problems, according to Venafi. “Either a third of websites are frantically scrambling to replace their SHA-1 certificates or they are blissfully unaware that they may still have SHA-1 certificates they have not yet located,” Carter wrote. “I doubt that many of these websites are still unaware of the consequences.”