In face of Flame malware, Microsoft will revamp Windows encryption keys

11.07.2012
Starting next month, updated Windows operating systems will reject encryption keys smaller than 1024 bits, which could cause problems for customer applications accessing Web sites and email platforms that use the keys.

The cryptographic policy change is part of Microsoft's response to security weaknesses that came to light after Windows Update became an unwitting party to the Flame malware attacks. It affects Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, according to the blog post written by Kurt L. Hudson, a senior technical writer for the company.


"To prepare for this update, you should determine whether your organization is currently using keys less than 1024 bits," Hudson writes. "If it is, then you should take steps to update your cryptographic settings such that keys under 1024 bits are not in use."
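One way to carry out the inventory step Hudson describes is to walk the local certificate stores and flag every RSA certificate whose public key is shorter than the threshold. The script below is an added example, not code from the article, from Microsoft or from Hudson's post; it assumes Windows PowerShell 5.1 on .NET Framework 4.6 or later (or PowerShell 7), where the `RSACertificateExtensions.GetRSAPublicKey` method is available, and the function name `Find-WeakRsaCertificate` and its parameters are the example's own.

```powershell
# Added example (not from the article or from Microsoft).
# Assumes Windows PowerShell 5.1 on .NET Framework 4.6+ or PowerShell 7, so that
# RSACertificateExtensions.GetRSAPublicKey exists.

function Find-WeakRsaCertificate {
    [CmdletBinding()]
    param(
        # Threshold from the policy the article describes: keys below this size are flagged.
        [int]$MinimumBits = 1024,
        # Stores to scan. Reading LocalMachine does not require elevation, but some
        # sub-stores may be inaccessible; those are skipped rather than aborting the scan.
        [string[]]$StorePath = @('Cert:\LocalMachine', 'Cert:\CurrentUser')
    )

    foreach ($path in $StorePath) {
        # -Recurse walks every logical store (My, Root, CA, TrustedPublisher, ...);
        # the store objects themselves are containers and are filtered out.
        Get-ChildItem -Path $path -Recurse -ErrorAction SilentlyContinue |
            Where-Object { -not $_.PSIsContainer } |
            ForEach-Object {
                $cert = $_
                # Returns $null for non-RSA certificates (e.g. ECDSA), which the
                # minimum-key-size policy does not cover, so they are not reported.
                $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
                if ($null -ne $rsa -and $rsa.KeySize -lt $MinimumBits) {
                    [PSCustomObject]@{
                        Store      = ($cert.PSParentPath -replace '^.*::', '')
                        Subject    = $cert.Subject
                        Issuer     = $cert.Issuer
                        KeyBits    = $rsa.KeySize
                        NotAfter   = $cert.NotAfter
                        Thumbprint = $cert.Thumbprint
                    }
                }
            }
    }
}

# Usage: list the offenders, weakest and soonest-expiring first, so they can be
# re-issued with longer keys before the update is installed.
Find-WeakRsaCertificate | Sort-Object KeyBits, NotAfter | Format-Table -AutoSize
```

Because the scan covers every logical store, it catches not only end-entity certificates in `My` but also short-key issuing and root CA certificates in `CA` and `Root`, which matter just as much: a chain that passes through a sub-1024-bit CA fails validation even when the leaf certificate itself has a strong key. Running it as each service account that holds its own certificates, and once per machine with the `LocalMachine` store, gives the organization-wide picture the blog post asks for.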

Even with preparation, updated machines may face issues such as error messages when browsing to Web sites whose SSL certificates use keys below the 1024-bit minimum. They may also face problems enrolling for certificates when the certificate request uses a key of 1024 bits or less, the blog says. Installing ActiveX controls signed with keys of 1024 bits or less will also fail.