{"id":56447,"date":"2024-06-28T13:26:06","date_gmt":"2024-06-28T13:26:06","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/microsoft-hits-snooze-again-on-security-certificate-renewal\/"},"modified":"2024-06-28T13:26:06","modified_gmt":"2024-06-28T13:26:06","slug":"microsoft-hits-snooze-again-on-security-certificate-renewal","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-hits-snooze-again-on-security-certificate-renewal\/","title":{"rendered":"Microsoft hits snooze again on security certificate renewal"},"content":{"rendered":"

Microsoft has expiration issues with its TLS certificates, resulting in unwanted security warnings.<\/p>\n

An eagle-eyed Register<\/i> reader from Australia brought the plight of cdn.uci.officeapps.live.com<\/code> to our attention, which is listed at one of Microsoft’s worldwide endpoints<\/a> for Microsoft 365 and Office Online. According to Microsoft, the address is default and requires network connectivity.<\/p>\n

\"TLS<\/a><\/p>\n

TLS Certificate information on cdn.uci.officeapps.live.com<\/p>\n<\/div>\n

Our reader realized the situation when some security software began to bleat about the connection not being secure when using Microsoft Office.<\/p>\n

A Transport Level Security (TLS) certificate is commonly used to secure internet connections with data encryption. According to DigiCert: “They ensure that data is transmitted privately and without modifications, loss or theft.” Assuming, of course, the certificate is valid.<\/p>\n

In the case of cdn.uci.officeapps.live.com<\/code>, it was valid from August 18, 2023, to June 27, 2024, and despite appearing in the list of Microsoft’s worldwide endpoints has now expired. The result will be headaches for administrators dealing with strange security errors popping up on some users’ screens and somebody within Microsoft doubtless being given a stern talking to.<\/p>\n