Cryptography is the science of securing information by converting it between its normal, readable state (called plaintext) and one in which the data is obscured (known as ciphertext).
In all forms of cryptography, a value known as a key is used in conjunction with a procedure called a crypto algorithm to transform plaintext data into ciphertext.
This issue affects all supported releases of Microsoft Windows.
Microsoft is not currently aware of attacks related to this issue.
The other key, known as the public key, is intended to be shared with the world.
For more information about the certificate, see the Frequently Asked Questions section of this advisory. An automatic updater of certificate trust lists is included in supported editions of Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows 10 Version 1511, and for devices running Windows Phone 8, Windows Phone 8.1, and Windows 10 Mobile.Normally you won’t have to think about certificates at all.You might, however, see a message telling you that a certificate is expired or invalid.In those cases you should follow the instructions in the message. Certification authorities are the organizations that issue certificates.They establish and verify the authenticity of public keys that belong to people or other certification authorities, and they verify the identity of a person or organization that asks for a certificate. A trust must exist between the recipient of a signed message and the signer of the message.
Google said exploiting issues on Android is made more difficult by features in newer versions of the Android platform: "We encourage all users to update to the latest version of Android where possible." However, not all Android makers feel that updating old hardware to the newest version of Android is a particular priority, leaving many smartphones languishing on older and therefore less secure versions.