learn.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:1b4::3544  Public Scan

Form analysis
0 forms found in the DOM

Text Content

Skip to main content


This browser is no longer supported.

Upgrade to Microsoft Edge to take advantage of the latest features, security
updates, and technical support.

Download Microsoft Edge More info about Internet Explorer and Microsoft Edge

Table of contents Exit focus mode

Read in English Save
Table of contents Read in English Save Edit Print

Twitter LinkedIn Facebook Email
Table of contents
 * Article
 * 10/14/2022
 * 2 contributors

Feedback


IN THIS ARTICLE

Security Advisory


MICROSOFT SECURITY ADVISORY 961509


RESEARCH PROVES FEASIBILITY OF COLLISION ATTACKS AGAINST MD5

Published: December 30, 2008

Microsoft is aware that research was published at a security conference proving
a successful attack against X.509 digital certificates signed using the MD5
hashing algorithm. This attack method could allow an attacker to generate
additional digital certificates with different content that have the same
digital signature as an original certificate. The MD5 algorithm had previously
shown a vulnerability, but a practical attack had not yet been demonstrated.

This new disclosure does not increase risk to customers significantly, as the
researchers have not published the cryptographic background to the attack, and
the attack is not repeatable without this information. Microsoft is not aware of
any active attacks using this issue and is actively working with certificate
authorities to ensure they are aware of this new research and is encouraging
them to migrate to the newer SHA-1 signing algorithm.

While this issue is not a vulnerability in a Microsoft product, Microsoft is
actively monitoring the situation and has worked with affected Certificate
Authorities to keep customers informed and to provide customer guidance as
necessary.

Mitigating Factors:

 * Microsoft is not aware of specific attacks against MD5, so previously issued
   certificates that were signed using MD5 are not affected and do not need to
   be revoked. This issue only affects certificates being signed using MD5 after
   the publication of the attack method.
 * Most public Certificate Authority roots no longer use MD5 to sign
   certificates, but have upgraded to the more secure SHA-1 algorithm. Customers
   should contact their issuing Certificate Authority for guidance.
 * When visited, Web sites that use Extended Validation (EV) certificates show a
   green address bar in most modern browsers. These certificates are always
   signed using SHA-1 and as such are not affected by this newly reported
   research.


GENERAL INFORMATION


OVERVIEW

Purpose of Advisory: To assist customers in assessing the impact of this
research announcement on their current certificate deployments.

Advisory Status: Issue Confirmed. No Security Update Planned.

Recommendation: Review the suggested actions and configure as appropriate.

References Identification Microsoft Knowledge Base Article 961509

This advisory discusses the following software.

Affected Software None.


FREQUENTLY ASKED QUESTIONS

What is the scope of the advisory?
This advisory aims to assist consumers in assessing the risk of certain
applications using X.509 digital certificates and to recommend that
administrators and certificate authorities cease using MD5 as an algorithm to
sign digital certificates.

Is this a security vulnerability that requires Microsoft to issue a security
update?
No. Technologies that use a signing mechanism other than MD5 have been available
for some time, and the use of MD5 as a hashing algorithm for signing purposes
has been discouraged and is no longer a best practice. Microsoft will however
evaluate any opportunities to strengthen technologies to detect fraudulent
certificates. Although this is not a vulnerability in a Microsoft product,
Microsoft is issuing this advisory to help clarify the actual risk involved to
customers.

What causes this threat?
The root cause of the problem is a known weakness of the MD5 algorithm which
exposes it to collision attacks. Such attacks would allow an attacker to
generate additional certificates that have the same digital signature as an
original. These issues are well understood and the use of MD5 for specific
purposes that require resistance against these attacks has been discouraged.
However, these attacks have up until recently been considered difficult to
implement. Recent research has now proven that collision attacks are feasible.
At Microsoft, the Security Development Lifecycle has required Microsoft to no
longer use the MD5 algorithm as a default in Microsoft software.

What might an attacker use this function to do?
An attacker could apply these attacks to fraudulently appear to a user as a
legitimate, signed Web site or to send fraudulently signed e-mail. However, the
techniques to perform these attacks and the underlying cryptography that
facilitate them were not released by the researchers. Attacks would be very
unlikely to be implemented at this point in time.


SUGGESTED ACTIONS

 * Review the Microsoft Knowledge Base Article that is associated with this
   advisory
   Customers who are interested in learning more about the topic covered in this
   advisory should review Microsoft Knowledge Base Article 961509.

 * Keep Windows Updated
   All Windows users should apply the latest Microsoft security updates to help
   make sure that their computers are as protected as possible. If you are not
   sure whether your software is up to date, visit Windows Update, scan your
   computer for available updates, and install any high-priority updates that
   are offered to you. If you have Automatic Updates enabled, the updates are
   delivered to you when they are released, but you have to make sure you
   install them.

 * Do not sign digital certificates with MD5
   Certificate Authorities should no longer sign newly generated certificates
   using the MD5 algorithm, as it is known to be prone to collision attacks.
   Several alternative and more secure technologies are available, including
   SHA-1, SHA-256, SHA-384 or SHA-512.
   
   Impact of action: Older hardware-based solutions may require upgrading to
   support these newer technologies.


OTHER INFORMATION

Resources:

 * You can provide feedback by completing the form by visiting Microsoft Help
   and Support: Contact Us and completing the form.
 * Customers in the United States and Canada can receive technical support from
   Microsoft Product Support Services. For more information about available
   support options, see Microsoft Help and Support.
 * International customers can receive support from their local Microsoft
   subsidiaries. For more information about how to contact Microsoft for
   international support issues, visit International Support.
 * Microsoft TechNet Security provides additional information about security in
   Microsoft products.

Disclaimer:

The information provided in this advisory is provided "as is" without warranty
of any kind. Microsoft disclaims all warranties, either express or implied,
including the warranties of merchantability and fitness for a particular
purpose. In no event shall Microsoft Corporation or its suppliers be liable for
any damages whatsoever including direct, indirect, incidental, consequential,
loss of business profits or special damages, even if Microsoft Corporation or
its suppliers have been advised of the possibility of such damages. Some states
do not allow the exclusion or limitation of liability for consequential or
incidental damages so the foregoing limitation may not apply.

Revisions:

 * December 30, 2008: Advisory published

Built at 2014-04-18T13:49:36Z-07:00





--------------------------------------------------------------------------------


ADDITIONAL RESOURCES





Theme
 * Light
 * Dark
 * High contrast

 * 
 * Previous Versions
 * Blog
 * Contribute
 * Privacy
 * Terms of Use
 * Trademarks
 * © Microsoft 2023


ADDITIONAL RESOURCES






IN THIS ARTICLE



Theme
 * Light
 * Dark
 * High contrast

 * 
 * Previous Versions
 * Blog
 * Contribute
 * Privacy
 * Terms of Use
 * Trademarks
 * © Microsoft 2023