MicrosoftMicrosoft has made an embarrassing security oversight that is...

Microsoft has made an embarrassing security oversight that is basic and unglamorous.


Microsoft hasn’t renewed the certificate on one of its most important web pages, which caused the site to crash and redirect users to other sites.

It was discovered by In The Register (which opens the site in a new tab) that the certificate for the Windows Insider software testing program expired on June 9 in the late afternoon hours.

Users who attempted to visit the site at that period were greeted with the typical “Your connection is not private” message. Those who tried to access the area during that time and users who used Chrome, Firefox, or Safari were advised via the respective software not to proceed.

read more > Microsoft warns users to stay away from downloading the Windows 11 update

The ones who did were directed back to the primary Windows page, with 302 and 307 redirects, according to the report, implying that the company was aware of the problem at the time of the incident.

Expired certificates

Since then, the certificate has been renewed, and the website has been operating.

Each now and then, certificates run out and aren’t renewed in time, causing several things along the way. In October of 2021, one of the largest nonprofit Certificate Authorities (CA) services had a high volume of renewals through websites and apps, which resulted in some major names experiencing major interruptions.

read more>Microsoft Teams update will help you master some of your most challenging jobs at work.

Because of the crossing-signed DST Root CA, X3 is expiring. The issue with Let’s Encrypt, which the Internet Security Research Group manages, resulted in apps and websites like Shopify and Slack experiencing issues. In the meantime, Let’s Encrypt took to Twitter to inform affected users to visit the forum for community members, offering no guarantee of solving the issue fast.

One month after that, an expired certificate affected Windows 11 21H2 users and blocked Windows users from accessing some apps.

In 2020 an expired authentication certificate rendered Microsoft Teams inaccessible for a time.

While expired certificates can be inconvenient, they could be more problematic when they impact root certificates or take away services; the publication points out the situation with Sectigo’s AddTrust older root certification, which, when it expired two years ago, hurt thousands of customers.

fatima khan
fatima khan
A brand new writer in the fields, Fatima has been taken under my electric spark's RGB- rich and ensures she doesn't engage in excessive snark on the website. It's unclear what command and Conquer are; however, she can talk for hours about the odd rhythm games, hardware, product reviews, and MMOs that were popular in the 2000s. Fatima has been creating various announcements, previews, and other content while here, but particularly enjoys writing regarding Products' latest news in the market she's currently addicted to. She is likely talking to an additional blogger with her current obsession right now.


Please enter your comment!
Please enter your name here

Latest news

About Tech

You might also likeRELATED
Recommended to you