How Microsoft Forgot To Renew The Certificate For Its Windows Insider Subdomain

By   ISBuzz Team
Writer , Information Security Buzz | Jun 13, 2022 04:29 am PST

Microsoft forgot to renew the certificate for its Windows Insider subdomain over the weekend, causing an outage and disruption for those trying to use the platform. Users who attempted to visit the Windows Insider portal were met with a warning about how their connection wasn’t private.

Despite the site only being down for a few hours, this typifies why large enterprises need to prioritise machine identity management, as without it we’ll continue to see outages impact users.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Pratik Selva
Pratik Selva , Sr. Security Engineer
June 13, 2022 12:32 pm

Microsoft’s Windows Insider Program is a public platform created to provide access to early Windows releases. It has a huge global community of millions of members. Although this incident did not lead to a severe a disruption, the site was still unavailable to millions of users for a number of hours which was, at a minimum, inconvenient. Microsoft isn’t the only vendor to experience this type of incident. Just recently Verifone and Spotify also suffered certificate outages that affected millions of users. Unless large enterprises with massive digital footprints prioritize machine identity management as a tier one application we will see more of these kinds of incidents. The problem is that the keys and certificates that serve as machine identities are critical to reliability as well as security and as companies move to the cloud management of them is more complicated.

Last edited 1 year ago by Pratik Selva

Recent Posts

Would love your thoughts, please comment.x