February 2014 Security Updates from Microsoft

MSFT_logo_pngOn Tuesday, February 11, Microsoft is releasing five new security bulletins. Two of the bulletins are critical. Microsoft systems that will be affected:

  • Windows (all current operating systems and servers)
  • Forefront Protection 2010 for Exchange
  • Microsoft .NET Framework

It is recommended to accept the updates. MIT WAUS subscribers will receive the updates after they have been tested for compatibility within the MIT computing environment. Installing the bulletins manually may require a restart.

On February 11, Microsoft is also planning to release the update for deprecation of MD5 hashing algorithm for the Microsoft root certificate program. The announcement was made last August to give customers six months to take the necessary actions in their environments.

The action on February 11 will officially restrict the use of digital certificates with MD5 hashes. The change applies only to certificates used for server authentication, code signing and time stamping. Microsoft said it would not block other uses of MD5 and would allow signed binaries from before March 2009. The general recommendation is that customers move to a stronger encryption algorithm such as SHA2 or better.

Advertisements

About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: