Microsoft patches 20 bugs, including critical Word flaw

09.10.2012

Also on Tuesday, Microsoft began pushing a long-planned update that invalidates all certificates with keys less than 1,024 bits long.

Microsoft first told users in June that it was going to disable those certificates, saying then that it would issue an update in August. Microsoft did ship the update that month, but made it an optional download. As of today, Microsoft is forcing it on everyone.

The update to kill certificates with shorter, more vulnerable keys was triggered by the discovery of Flame, a sophisticated espionage tool uncovered by Kaspersky Lab. Flame infiltrated networks, scouted out the digital landscape and used a variety of modules to pilfer information. Among its tricks was one called the "Holy Grail" by researchers: It to infect completely patched Windows PCs.

Microsoft reacted by on three of its own certificates.

"Last chance," said Storms about users' opportunities to apply the update earlier, or block it from arriving on machines via WSUS (Windows Server Update Services). "While we have known for some time that the key update was going out, it's being officially released today," Storms added. "It will applied unless you stop it."