Microsoft Security Advisory (2661254)

Update For Minimum Certificate Key Length

This morning Microsoft released a Security Advisory for the upcoming patch to increase minimum bit levels of certificates to 1024 bit. See security advisory #2661254. This change to the minimum bits level of certificates may impact deployments of Retina CS, Retina, Retina Insight including SSRS, REM, Blink, SecureIIS, Enterprise Update Server and Stand Alone Event Server(s) (as well as other vendor products that leverage certificates). Organizations that have one or more of these products deployed and are planning to deploy this patch should download the utility and document "Retina CS: Using the SSL Certificate Update Tool" from this location:

http://download.eeye.com/tools/2661254/Tool.zip

If you are unable to use the tool and need to utilize the manual process, please review the document "Retina CS: Using Strong Certificates" by clicking:

http://download.eeye.com/tools/2661254/RetinaCS_UsingStrongCerts.pdf

Following these steps and using this utility will update the certificate requirements on both the server and client machines.

IMPORTANT: If you deploy the Microsoft patch without updating the certificates within your environment, communications between components will not work correctly. The only resolution will be to follow this procedure for all agents in order to trust communications between them.

IMPORTANT: In addition to the above instructions, Windows Server 2003 and Windows XP users will also need to apply the following Microsoft patches:

http://support.microsoft.com/kb/968730

http://support.microsoft.com/kb/938397
 

Please contact us with any questions through the Customer Support Portal (https://www.eeye.com/customers), or by using your Support access code when calling (US Standard or Platinum: 866.529.2201 or 949.333.1997, Outside US Standard 949.333.1995, Outside US Platinum 949.333.1996).

Thank you,
BeyondTrust Support Team