cryptography

Link Removed

Revision Note: V1.1 (August 13, 2013): Added the 2862966 and 2862973 updates to the Available Updates and Release Notes section. Summary: Microsoft is announcing the availability of updates as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Microsoft...

Revision Note: V1.0 (June 11, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Over the course of months, Microsoft will continue to announce additional...

Severity Rating: Important Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2655992 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...

Revision Note: V1.0 (June 11, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Over the course of months, Microsoft will continue to announce additional...

It was just over one year ago, May 28, 2012, to be exact, that I transitioned from running active MSRC cases and writing bulletins to my current role managing software security incidents. A lot has changed in that year - and I’ve dealt with some interesting issues during my tenure - but...

Revision Note: V1.0 (June 11, 2013): Advisory published. Summary: Microsoft is announcing the availability of an update as part of ongoing efforts to improve cryptography and digital certificate handling in Windows. Over the course of months, Microsoft will continue to announce...

Link Removed

More...

Some of you may have noticed us improving our defense-in-depth practices for bulletins by supplying sha1 and sha2 hashes in the Knowledge Base (KB) articles. This has been most visible in the KB with the addition of the “File hash information” section, but it is also noted in the...

Revision Note: V1.2 (September 11, 2012): Clarified that applications and services that use RSA keys for cryptography and call into the CertGetCertificateChain function could be impacted by this update. Examples of these applications and services include but are not limited to encrypted email...

Ok, so I just got my Windows 7 on my HP 6530b laptop, and I have stored my documents on my fathers XP computer meanwhile. Problem is I can't connect to his computer. He can find be but I can't find him. I have been googling for a while now, and the things I have done to fix this is: - Change it...

Today, as a part of our continuing phased mitigation strategy recently discussed, we have initiated the additional hardening of Windows Update. We’ve also provided more information about the MD5 hash-collision attacks used by the Flame malware in the SRD blog. This information should help...

Hello, At Microsoft, our commitment is to help ensure customer trust in their computing experience. That was the impetus for Trustworthy Computing, and central to that is the priority we place on taking the necessary actions to help protect our customers. Yesterday, we issued Security Advisory...

Hello, We recently became aware of a complex piece of targeted malware known as “Flame” and immediately began examining the issue. As many reports assert, Flame has been used in highly sophisticated and targeted attacks and, as a result, the vast majority of customers are not at...

When you try to validate a copy of Windows, you may receive an error message that resembles the following: When you try to validate Windows from , Windows downloads an update , however when Windows tries to install the update, the update shows an error... Link Removed

Explains how you can configure the negotiation of stronger, FIPS-compliant cryptography in Windows XP and in later operating systems by enabling certain security settings. Link Removed

This KB article describes the proxy detection mechanism that the Cryptography (Crypto) API uses to download a CRL from a CRL distribution point. It discusses the locations of the registry where proxy information is found. Link Removed

Revision Note: Advisory published Summary: Microsoft is aware that research was published at a security conference proving a successful attack against X.509 digital certificates signed using the MD5 hashing algorithm. This attack method would allow an attacker to generate additional...

Link Removed Windows 7 is just over six months old. It has been quickly adopted by PC users at home and in businesses. However, some IT admins are struggling with the platform's new security features. We take a look at the key features and what you need to know.In addition to changes to User...