Microsoft to Remove Some Chinese Certificate Authorities from Windows 10
Microsoft has announced today that the company will be removing certificate authorities from WoSign and StartCom from Windows 10. The company says that these providers have failed to maintain the standards required by the Trusted Root Program.
The listed offenses committed by these authorities include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certificate revocation, duplicate certificate serial numbers, and multiple CAB Forum Baseline Requirements (BR) violations. To little surprise, Microsoft does not approve of any of these violations and as such, is removing their ability to issue new certificates and invalidating their old files.
Starting on September 26th, Microsoft will begin the process of removing support for these certificates. If your company is using a CA from one of these providers, you will need to update your certificates immediately.
In the blog post which you can view here, Microsoft notes that they value the CA community and only makes these decisions after careful consideration. Or in other words, these providers screwed up so badly and repeatedly that the company was forced to revoke their access after they failed, on multiple occasions, to fix their processes.
The Trusted Root program, starting with Vista, is updated on Windows automatically. Knowing this, the revoke process for removing these expired certificates will not require any interaction be the end user.
More in Windows 10
Microsoft Starts Rolling Out Edge WebView2 to Windows 10 PCs
Jun 28, 2022 | Rabia Noureen
Microsoft to Start Notifying Windows 8.1 Users About Upcoming End of Support
Jun 24, 2022 | Rabia Noureen
Microsoft's Out-Of-Band Patch Fixes Microsoft 365 and Azure AD Sign-In Issues on ARM Devices
Jun 21, 2022 | Rabia Noureen
Microsoft is Investigating Sign-In Issues Affecting Microsoft 365 and Azure AD on ARM Devices
Jun 20, 2022 | Rabia Noureen
Microsoft to Fix Windows Bug Breaking Wi-Fi hotspots After Installing Latest Patch Tuesday Update
Jun 17, 2022 | Rabia Noureen
Microsoft's June 2022 Patch Tuesday Updates Fix Several Remote Code Execution Vulnerabilities
Jun 15, 2022 | Laurent Giret
Most popular on petri