Forum Discussion
Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability (KB3123040)
We are getting below vulnerability in Windows Server 2012 2012R2 and Server 2016 while scanning through Qualys agent Microsoft Improperly Issued Digital Certificates Spoofing Vulnerability (KB312304...
Normally this issue should be fix using update, so make sure update your Windows Server and install all updates.
You may have a look at:
https://support.microsoft.com/en-us/topic/microsoft-security-advisory-improperly-issued-digital-certificates-could-allow-spoofing-e6afed12-741d-d4a9-f9d8-d4712aebf5ff
And
https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2015/3123040
In case you update the system and perform fix and issue persist, try restart the server and if problem continues, you might need to update the Qualys or contact their support.
You may have a look at:
https://support.microsoft.com/en-us/topic/microsoft-security-advisory-improperly-issued-digital-certificates-could-allow-spoofing-e6afed12-741d-d4a9-f9d8-d4712aebf5ff
And
https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2015/3123040
In case you update the system and perform fix and issue persist, try restart the server and if problem continues, you might need to update the Qualys or contact their support.
Thanks.
- Welcome , note sometimes it might be a false-positive issue.