Microsoft Security Advisory 2862973

Update for Deprecation of MD5 Hashing Algorithm for Microsoft Root Certificate Program

Published: August 13, 2013 | Updated: June 10, 2014

Version: 3.0

General Information

Executive Summary

Microsoft is announcing the availability of an update for supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT that restricts the use of certificates with MD5 hashes. This restriction is limited to certificates issued under roots in the Microsoft root certificate program. Usage of MD5 hash algorithm in certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

The update is available on the Download Center as well as the Microsoft Update Catalog for all affected releases of Microsoft Windows except for Windows RT. In addition, as of February 11, 2014, this update is offered via automatic updating and through the Microsoft Update service for all affected software.

Recommendation. Microsoft recommends that customers apply the update at the earliest opportunity. Please see the Suggested Actions section of this advisory for more information.

Note that the 2862966 update is a prerequisite and must be applied before this update can be installed. The 2862966 update contains associated framework changes to Microsoft Windows. For more information, see Microsoft Knowledge Base Article 2862966.

Known Issues. Microsoft Knowledge Base Article 2862973 documents the currently known issues that customers may experience when installing this update. The article also documents recommended solutions for these issues.

Issue References

For more information about this issue, see the following references:

References Identification
Microsoft Knowledge Base Article 2862973 

 

Affected Software

This advisory discusses the following software.

Operating System
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for 64-bit Systems
Windows Server 2012
Windows RT
Server Core installation option
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (Server Core installation)

 

Advisory FAQ


Why was this advisory revised on June 10, 2014?
Microsoft revised this advisory to rerelease the 2862973 update for Windows 8 and Windows Server 2012 to allow the update to install on systems running Windows Embedded 8 and Windows Server 2012 for Embedded Systems. Microsoft recommends that customers running these operating systems apply the rereleased update at the earliest opportunity.

This rerelease only applies to systems running Windows Embedded 8 or Windows Server 2012 for Embedded Systems. Customers running other operating systems are not affected by this rerelease and do not have to take any action.

Why was this advisory revised on February 11, 2014?
Microsoft revised this advisory to announce that the 2862973 update for all affected releases of Microsoft Windows is now offered through automatic updating. Customers who previously applied the 2862973 update do not need to take any action.

Why was this advisory revised on October 8, 2013?
Microsoft revised this advisory for the following reasons:

  • To clarify that this update does not apply to Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 because these operating systems already include the functionality to prevent the usage of MD5 certificates in the root certificate program.
  • To remind customers that administrators of enterprise installations should assess their environments for the existence of certificates with MD5 hashes and re-issue these certificates prior to broader distribution of the update, which Microsoft plans to release in February 2014.

Does this update apply to Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1?
No. This update does not apply to Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1 because these operating systems already include the functionality to prevent the usage of MD5 certificates in the root certificate program.

Does this update apply to Windows 8.1 Preview, Windows RT 8.1 Preview, or Windows Server 2012 R2 Preview?
No. This update does not apply to Windows 8.1 Preview, Windows RT 8.1 Preview, or Windows Server 2012 R2 Preview because these operating systems already include the functionality to prevent the usage of MD5 certificates in the root certificate program.

What is the scope of the advisory?
The purpose of this advisory is to notify customers that an update is available for supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 that restricts the use of certificates with MD5 hashes. This restriction is limited to certificates issued under roots in the Microsoft root certificate program. Usage of MD5 hash algorithm in certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This update is fully tested and is of sufficient quality for release. The update was released to the Download Center as well as the Microsoft Update Catalog to allow customers to assess their environments and provide the opportunity to re-issue necessary certificates prior to broader distribution via Microsoft Update.

When will Microsoft release this update to Microsoft Update?
Microsoft released this update via Microsoft Update on February 11, 2014.

How might an attacker use digital certificates fraudulently?
An attacker could craft a duplicate digital certificate by defeating the MD5 hashing algorithm. An attacker could then use this duplicate digital certificate to fraudulently spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

What is a digital certificate?
In public key cryptography, one of the keys, known as the private key, must be kept secret. The other key, known as the public key, is intended to be shared with the world. However, there must be a way for the owner of the key to tell the world who the key belongs to. Digital certificates provide a way to do this. A digital certificate is an electronic credential used to certify the online identities of individuals, organizations, and computers. Digital certificates contain a public key packaged together with information about it - who owns it, what it can be used for, when it expires, and so forth.

What is a man-in-the-middle attack?
A man-in-the-middle attack occurs when an attacker reroutes communication between two users through the attacker’s computer without the knowledge of the two communicating users. Each user in the communication unknowingly sends traffic to and receives traffic from the attacker, all the while thinking they are communicating only with the intended user.

What does the 2862973 update do?
On affected releases of Microsoft Windows, the 2862973 update requires that certificates cease to use the MD5 hashing algorithm. Microsoft products or third-party products that call into the CertGetCertificateChain function will no longer trust certificates with MD5 hashes. This function builds a certificate chain context starting from the end certificate going back, if possible, to a trusted root certificate. When the chain is validated, every certificate in the chain is inspected to ensure that it does not use MD5 hashes. If any certificate in the chain has a MD5 hash, the end certificate will not be trusted.

For a complete list of scenarios on how this update will block the usage of certificates with MD5 hashes, see Microsoft Knowledge Base Article 2862973.

Additionally, the prerequisite framework update (2862966) provides the functionality to log when certificates are blocked by this update (2862973). For more information regarding enabling this logging feature, see Microsoft Knowledge Base Article 2862966.

Note that the 2862973 update does not affect binaries signed by certificates using a MD5 hash algorithm.

How do I prepare for this release?
Please see the Suggested Actions section for a list of actions to perform in preparation for deploying this update.

 

Suggested Actions

Apply the update for affected releases of Microsoft Windows

Most customers have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates and install this update manually. For information about specific configuration options in automatic updating, see Microsoft Knowledge Base Article 294871..

For administrators of enterprise installations, or end users who want to install the 2862973 update manually, Microsoft recommends that customers download the update and assess the impact of block the usage of certificates with MD5 hashes. See Microsoft Knowledge Base Article 2862973 for download links to the update packages.

Note that the 2862966 update is a prerequisite and must be installed before this update can be installed. The 2862966 update contains associated framework changes to Microsoft Windows. For more information, see Microsoft Knowledge Base Article 2862966.

For a complete list of scenarios on how this update will block the usage of certificates with MD5 hashes, see Microsoft Knowledge Base Article 2862973.

Other Information

Feedback

You can provide feedback by completing the Microsoft Help and Support form, Customer Service Contact Us.

Support

Customers in the United States and Canada can receive technical support from Security Support. For more information, see Microsoft Help and Support.

International customers can receive support from their local Microsoft subsidiaries. For more information, see International Support.

Microsoft TechNet Security provides additional information about security in Microsoft products.

Disclaimer

The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Revisions

  • V1.0 (August 13, 2013): Advisory published.
  • V1.1 (August 27, 2013): Revised advisory to announce that the 2862973 update is available from the Microsoft Update Catalog.
  • V1.2 (October 8, 2013): Clarified that this update does not apply to Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. However, for all applicable operating systems, Microsoft reminds customers that administrators of enterprise installations should assess their environments for the existence of certificates with MD5 hashes and re-issue these certificates prior to broader distribution of the update, which Microsoft plans to release in February 2014.
  • V2.0 (February 11, 2014): Revised advisory to announce that the 2862973 update for all affected releases of Microsoft Windows is now offered through automatic updating. Customers who previously applied the 2862973 update do not need to take any action.
  • V3.0 (June 10, 2014): Revised advisory to rerelease the 2862973 update for Windows 8 and Windows Server 2012. This rerelease only applies to systems running Windows Embedded 8 and Windows Server 2012 for Embedded Systems. See the Advisory FAQ for more information.

 

Page generated 2014-06-06 11:22Z-07:00.