We are aware of and actively monitoring a recently identified security certificate vulnerability affecting Windows 10, Server 2016, and Server 2019. As of this post, the vulnerability is not known to have been exploited.
A patch to resolve the issue was just released by Microsoft. After internal testing, we will push the patch to our clients during their next scheduled patch cycle for both PCs and servers. Users should reboot their computer when prompted to finalize installation of the patch. In the meantime, other mitigating software is in place on our client systems including firewalls, OpenDNS, and Webroot.
More details about the vulnerability and links to patches are available here for those who don’t have IT support already addressing the issue.
If you have any questions or concerns about your security, please reach out!