Microsoft committed a quite simple but embarrassing security error 

Published June 14, 2022
Author: Ash Khan

Microsoft committed a quite simple but embarrassing security error 

Published June 14, 2022
Author: Ash Khan

Apparently, the software company failed to renew main Windows Insider web page certificate. 

Microsoft forgot to renew the certificate for one of its most significant web pages. It caused the site to crash and diverted visitors to other sites. 

According to British technology news website; The Register this certificate was for the Windows Insider software testing program. It was expired on Thursday, June 9, in the afternoon. 

People who attempted to access the site at that time face “Your connection is not private” alert. While users of Chrome, Firefox, or Safari were urged not to proceed by their browsers. 

The visitors who did, they were sent to the main Windows page with 302 and 307 redirect errors. According to the reports, Microsoft Office 365 parent company was aware of the problem at that time. 

Expired Certificates 

Since then, the certificate has been reissued, and the site is back up and running. 

Sometimes certificates expire and are not renewed on time, it causes a few irregularities in website. In October 2021, one of the largest non-profit Certificate Authorities (CA) services encountered high volumes of renewals from websites and applications. It resulted in substantial disruptions for certain well-known sites. 

Let’s Encrypt’s problem, which is managed by the Internet Security Research Group, caused disruptions on websites and applications such as Shopify and Slack due to the expiration of its cross-signed DST Root CA X3. Let’s Encrypt went to Twitter at the time to encourage impacted customers to contact the community forum, with no assurance of addressing the issue immediately. 

A month later, an expired certificate impacted Windows 11 21H2 and prohibited users from using specific applications. 

An expired authentication certificate rendered Microsoft Teams unreachable for a time in 2020. 

While expired certifications are inconvenient, they can be even more so if they affect root certificates and bork services. This was the situation with Sectigo’s AddTrust legacy root certificate, which expired two years ago and affected thousands of clients. 

Post Views: 486
0

Popular Tags

API Integration Branding Services Business Cloud Backup storage cloud storage Cloud VPS Server Hosting Database Services Digital Marketing eBay Store Email Hosting Email Marketing & CRM Email security Explainer Video Facebook Ads Fast Vpn FTP hosting GMAIL Google Ads Google Workspace hacked website repair IT Support Services Linux Managed AWS Cloud Managed Azure Cloud Microsoft 365 Microsoft Office 365 Microsoft Teams Integration mobile apps Outlook email Reseller Hosting SEO Services Server Management SIM Hosting Service SMS Services Social Media Marketing SQL Services Transfer Domain Name Vulnerability Assessment web applications Web Hosting Web Maintenance Website Designing website repair services Website Security Wordpress Hosting

Latest Posts