Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET!
Security|Windows 10

Microsoft to Remove Some Chinese Certificate Authorities from Windows 10

Microsoft to Shut Down MSN China
Image credit: Associated Press

Microsoft has announced today that the company will be removing certificate authorities from WoSign and StartCom from Windows 10. The company says that these providers have failed to maintain the standards required by the Trusted Root Program.

The listed offenses committed by these authorities include back-dating SHA-1 certificates, mis-issuances of certificates, accidental certificate revocation, duplicate certificate serial numbers, and multiple CAB Forum Baseline Requirements (BR) violations. To little surprise, Microsoft does not approve of any of these violations and as such, is removing their ability to issue new certificates and invalidating their old files.

Starting on September 26th, Microsoft will begin the process of removing support for these certificates. If your company is using a CA from one of these providers, you will need to update your certificates immediately.

In the blog post which you can view here, Microsoft notes that they value the CA community and only makes these decisions after careful consideration. Or in other words, these providers screwed up so badly and repeatedly that the company was forced to revoke their access after they failed, on multiple occasions, to fix their processes.

Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

The Trusted Root program, starting with Vista, is updated on Windows automatically. Knowing this, the revoke process for removing these expired certificates will not require any interaction be the end user.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Brad Sams has more than a decade of writing and publishing experience under his belt including helping to establish new and seasoned publications From breaking news about upcoming Microsoft products to telling the story of how a billion dollar brand was birthed in his book, Beneath a Surface, Brad is a well-rounded journalist who has established himself as a trusted name in the industry.

Register for Advanced Microsoft 365 Day!

GET-IT: Advanced Microsoft 365 1-Day Virtual Conference - Live August 24th!

Join us on Tuesday, August 24th and hear from Microsoft MVPs and industry experts about how to take advantage of Microsoft 365 at a technical level and dive deep into the features and functionality that will make your environment more secure and compliant.


Sponsored By