Additionally, the prerequisite framework update (2862966) provides the functionality to log when certificates are blocked by this update (2862973). For more information regarding enabling this logging feature, see Microsoft Knowledge Base Article 2862966.
Microsoft revised this advisory to rerelease the 2862973 update for Windows 8 and Windows Server 2012 to allow the update to install on systems running Windows Embedded 8 and Windows Server 2012 for Embedded Systems.
Microsoft recommends that customers running these operating systems apply the rereleased update at the earliest opportunity.
Each user in the communication unknowingly sends traffic to and receives traffic from the attacker, all the while thinking they are communicating only with the intended user.
On affected releases of Microsoft Windows, the 2862973 update requires that certificates cease to use the MD5 hashing algorithm.
Microsoft products or third-party products that call into the CertGetCertificateChain function will no longer trust certificates with MD5 hashes.
Note that the 2862966 update is a prerequisite and must be applied before this update can be installed.
The 2862966 update contains associated framework changes to Microsoft Windows.
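The following is an added example, not part of the advisory and not Microsoft's code: a PowerShell inventory of certificates in the local certificate stores whose signature uses MD5, so that they can be identified and reissued before they stop being trusted. The function name `Get-Md5SignedCertificate` is hypothetical, and PowerShell 3.0 or later is assumed.

```powershell
# Added example. OID of md5WithRSAEncryption (displayed by Windows as "md5RSA").
$md5RsaOid = '1.2.840.113549.1.1.4'

function Get-Md5SignedCertificate {   # hypothetical helper name
    param(
        # Certificate provider paths to search; defaults cover machine and user stores.
        [string[]]$StorePath = @('Cert:\LocalMachine', 'Cert:\CurrentUser')
    )

    Get-ChildItem -Path $StorePath -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        Where-Object {
            $_.SignatureAlgorithm.Value -eq $md5RsaOid -or
            $_.SignatureAlgorithm.FriendlyName -match 'md5'
        } |
        ForEach-Object {
            $cert = $_

            # Build the chain without revocation lookups (works offline) to record
            # how this system currently evaluates the certificate.
            $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
            $chain.ChainPolicy.RevocationMode = 'NoCheck'
            $builds = $chain.Build($cert)
            $status = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

            [pscustomobject]@{
                Store       = $cert.PSParentPath -replace '^.*::', ''
                Subject     = $cert.Subject
                Issuer      = $cert.Issuer
                SelfSigned  = ($cert.Subject -eq $cert.Issuer)
                Signature   = $cert.SignatureAlgorithm.FriendlyName
                NotAfter    = $cert.NotAfter
                Thumbprint  = $cert.Thumbprint
                ChainBuilds = $builds
                ChainStatus = $status
            }
        }
}

# Report every MD5-signed certificate found, grouped by store and expiry date.
Get-Md5SignedCertificate |
    Sort-Object Store, NotAfter |
    Format-Table Store, Subject, Signature, SelfSigned, NotAfter, ChainBuilds, ChainStatus -AutoSize
```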
An attacker could then use this duplicate digital certificate to fraudulently spoof content, perform phishing attacks, or perform man-in-the-middle attacks.
In public key cryptography, one of the keys, known as the private key, must be kept secret.
The other key, known as the public key, is intended to be shared with the world.
For more information, see Microsoft Knowledge Base Article 2862966. Microsoft Knowledge Base Article 2862973 documents the currently known issues that customers may experience when installing this update.