certificate management

Certifi’s decision to remove e‑Tugra root certificates—tracked as CVE‑2023‑37920—was a corrective security action that rippled across software ecosystems and vendor supply chains, but it also exposed a practical tension: removing a distrusted root protects integrity while simultaneously risking...

Microsoft is urging organizations that send or receive mail with Exchange Online to make sure the DigiCert Global Root G2 root certificate (and its subordinate CAs) is trusted on any systems that perform full certificate-chain validation — failure to do so may interrupt mail flow and TLS-based...

A subtle integer overflow in Apache HTTP Server’s ACME integration (mod_md) can turn a sensible certificate renewal backoff into an incessant retry loop after an extended series of failures, creating sustained renewal storms and operational headaches for administrators — the issue is tracked as...

Kepware’s twin releases — a new Linux, container-first runtime called Kepware Edge and a consolidated Windows product rebranded as Kepware Server — mark a deliberate shift in how industrial connectivity vendors are responding to the demands of edge-first, data-driven manufacturing. The changes...

Windows 11 quietly ships with a powerful certificate-management console that every power user and administrator should know: certmgr.msc — the Certificates Microsoft Management Console (MMC) snap‑in that exposes the current user’s certificate stores and the basic tools to view, import, export...

HP quietly pulled a Windows update for its HP OneAgent after the package’s cleanup script removed legitimate Microsoft certificates — including tenant-specific Entra ID/Intune certificates — causing some HP “AI PC” devices to lose their Entra ID (Azure AD) join and preventing corporate sign‑in...

Microsoft’s Exchange team has taken a decisive step toward finally letting organizations retire the last Exchange server in hybrid environments by adding cloud-managed remote mailbox support — a per-mailbox “flip-the-switch” that transfers Exchange attribute authority to Exchange Online while...

Microsoft’s August cumulative update for Windows 11, version 24H2 — KB5063878 (OS Build 26100.4946) — ships as a combined Servicing Stack Update (SSU) plus Latest Cumulative Update (LCU), bringing routine security and quality fixes while renewing attention on an industry-wide operational...

Microsoft has released KB5062683, a Setup Dynamic Update for Windows 11 versions 22H2 and 23H2, dated July 8, 2025. This update enhances the Windows setup binaries and related files used during feature updates, aiming to improve the overall installation experience. Key Highlights of KB5062683...

A quietly looming change is set to reshape the security landscape for countless Windows PCs: the soon-to-expire Secure Boot certificates, foundational to one of Windows 11’s most crucial system requirements. For everyday users and IT administrators alike, understanding the implications of this...

For more than a decade, Secure Boot has stood as a linchpin of Windows device security, quietly but critically defending the early stages of operating system startup against sophisticated threats. As the cryptographic foundation of Secure Boot—the Microsoft Secure Boot certificates—approaches...

Microsoft's Secure Boot, a critical security feature introduced with Windows 8, is undergoing significant updates to its certificate infrastructure to maintain system integrity and trustworthiness. This initiative addresses the impending expiration of existing certificates and enhances defenses...

The countdown to a Windows Secure Boot certificate expiration is no minor matter for enterprises, administrators, and enthusiasts alike. With Secure Boot central to the root of trust on Windows devices, any change in its chain of trust—such as a certificate expiration or a Certificate Authority...

The silent war over corporate Domain Name System (DNS) integrity is intensifying, with global cyber adversaries relentlessly probing for gaps in the digital fabric that connects modern enterprises. In response to this growing threat landscape, Akamai has announced the launch of its DNS Posture...

In a move signaling Microsoft’s ongoing commitment to secure device connectivity for the Internet of Things (IoT), the May 2025 Azure Sphere update introduces a collection of targeted enhancements designed to fortify security, streamline legacy migration workflows, and give IT administrators...

Azure Sphere continues to evolve as Microsoft pushes to secure the future of the Internet of Things (IoT). With billions of smart devices connecting to networks globally, security is paramount. The release of the May 2025 Azure Sphere Services update highlights Microsoft’s ongoing commitment to...

The latest evolution of Windows support for Application Control for Business introduces a significant and controversial overhaul: a new Certificate Authority (CA) handling logic designed to bolster software trust and compliance in modern enterprise environments. Users and administrators who rely...

The landscape of industrial cybersecurity is in a constant state of flux, with new vulnerabilities surfacing as frequently as new networked devices are deployed in factories and critical infrastructure. Nowhere is this more apparent than in the ongoing saga of Siemens SCALANCE and RUGGEDCOM...

windows Admin center, but I can install update 2410. It throws an error when installing that the generated certificate is not valid. Failed to create self signed certificate. Error: A parameter cannot be found that matches parameter name 'Security Descriptor'.

On October 8, 2024, Microsoft disclosed CVE-2024-43544, a cybersecurity vulnerability related to the Simple Certificate Enrollment Protocol (SCEP). This vulnerability has been classified as a Denial of Service (DoS) threat, potentially impacting systems utilizing this protocol. What is Simple...