Memo from Microsoft to Windows administrators: Make sure all of your digital certificates have at least 1,024 bits.
That warning comes as Microsoft prepares to release an automatic security update for Windows on Oct. 9, 2012, that will make longer key lengths mandatory for all digital certificates that touch Windows systems.
Notably, Internet Explorer won’t be able to access any website secured using an RSA digital certificate with a key length of less than 1,024 bits. Likewise, without a strong enough certificate, certificate authority service in Windows won’t be able to start, ActiveX controls might be blocked, users might not be able to install applications, and Outlook 2010 won’t be able to encrypt or digitally sign emails, or communicate with an Exchange server for SSL/TLS communications. In addition, Microsoft warned that after its security update, Operations Manager will be unable to monitor–or discover new instances of–any HP-UX PA-RISC computers that don’t have an RSA digital certificate of least 1,024 bits.