Friday, November 22nd

    Microsoft continues to put off renewing security certificates

    img
    Microsoft Office users are experiencing insecure connections due to expired Transport Layer Security (TLS) certificates.

    Our readers are aware of a situation where some security software starts complaining about insecure connections while using Microsoft Office.

    Transport Layer Security (TLS) certificates are commonly used to secure Internet connections using data encryption. According to Digicert:: "They ensure that the data is transferred privately, no change, loss or theft."

    To take cdn.uci.Officeapps.live.com as an example from August 18, 2023 to June 27, 2024, although it appeared on the global endpoint list of Microsoft, it has expired. The result will be headaches for administrators dealing with strange security errors popping up on some users' screens, and someone at Microsoft will no doubt get a stern talking to.

    The alert also states that Microsoft Azure ECC TLS Issuing CA 01 has expired, which could indicate problems with the certificates issued by the service. The situation has not gone unnoticed on Microsoft's own support forums, with one poster saying: \"We have 200 PCs now giving this code when opening Word.\"

    Windows: Insecure by design

    Skeleton Key attack unlocks the worst of AI, says Microsoft

    Microsoft yanks Windows 11 update after boot loop blunder

    How many Microsoft missteps were forks that were just a bit of fun?

    Microsoft is no stranger to expiration whoopsies. In 2022, it forgot to renew the Windows Insider subdomain site's certificate, causing many unpaid testers to receive security warnings when they tried to access the site.

    The Register has reached out to Microsoft for comment, and we'll update this article if the company has anything to share. Microsoft has previously announced a plan to resolve its URL spread to focus on Cloud  Microsoft. During the exit, our readers thought contemplatively: “It seems that I remember it in many cases in the past. It seems a little odd that the expiration dates for strategic systems like site security certificates aren't stored as lists in commonly used spreadsheets.

    It would be nice if Microsoft could get something that could store and organize data like this. We asked Microsoft how Copilot handles TLS credential expiration. It recommends monitoring expiration dates and renewing certificates before they expire.

    Tags :