Microsoft security advisory: Improperly issued digital certificates could allow spoofing

Applies to: Windows RT 8.1Windows 8.1Windows 8.1 Enterprise More

INTRODUCTION


Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, go to the following Microsoft website:

More Information


Prerequisites

In order to receive this update, you may have to have one or both of the following updates installed:
2677070 An automatic updater of revoked certificates is available for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
2813430 An update is available that enables administrators to update trusted and disallowed CTLs in disconnected environments in Windows

The following table summarizes the prerequisite updates.
Operating systemUpdate 2677070Update 2813430
Windows Vista, Windows Server 2008YesYes
Windows 7, Windows Server 2008 R2YesYes
Windows 8, Windows Server 2012 NoYes
Windows 8.1, Windows Server 2012 R2 NoNo

Update for Windows Server 2003

 Download Download the Rvkroots.exe package now.

Release date: July 17, 2014


Update for Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2

Customers should install the automatic updater of revoked certificates. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
2813430 An update is available that enables administrators to update trusted and disallowed CTLs in disconnected environments in Windows

Update for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2

Because these systems are automatically protected, no action is needed.

How to download Microsoft support files

For information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.