Microsoft is taking advantage of a light Patch Tuesday to urge that customers upgrade their security keys so they don't wind up having trouble with Outlook, Exchange, and other Microsoft applications.
The company says businesses that haven't done so should look for applications that use RSA certificates that are smaller than 1,024 bits, because starting next month updated Microsoft applications won't accept them.
[ Build and deploy an effective line of defense against corporate intruders with InfoWorld's Encryption Deep Dive PDF expert guide. Download it today! | Learn how to protect your systems with Roger Grimes' Security Adviser blog and Security Central newsletter, both from InfoWorld. ]
The result will be that certificate authority services won't work, making it impossible for applications to reach other resources that require the certificates, Microsoft says.
Internet Explorer will deny access to Web sites with smaller keys, Outlook 2010 won't encrypt email and Outlook won't be able to connect to Exchange servers, the company says.
Other platforms affected include Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2 operating systems.
"[T]his could be a serious issue for a lot of companies because when it breaks your software, it breaks it in a big way," says from Paul Henry, a security and forensic analyst at Lumension.
In an advisory, Microsoft says businesses should examine systems and applications "that have been tucked away to collect dust and cobwebs because they 'still work' and have not had any cause for review for some time." Those are the ones most likely to have shorter certificates; most mainstream applications moved to lengthier ones long ago at the urging of security-standards and best-practices bodies.
The upgrade to stronger security settings has been available since August, but next month Microsoft will issue it as part of its Windows Update cycle.
While the upgrade will boost security and avoid a list of problems, it can cause issues, the company says. Things to look out for: