Hello,
The latest windows updates remove the following registry keys from the path below:
HKLM\Software\Microsoft\Cryptography\OID\Encoding Type 0\CertDllCreateCertificateChainEngine\Config\Default\
WeakSha1ThirdPartyFlags
WeakSha1ThirdPartyAfterTime
Nessus scans now show the device has a risk which it didn’t have before the latest updates.
I have confirmed on a test machine that the keys existed before the updates, but disappeared after the reboot and KB3123479 will not install on the machine as it says it is already installed.
Can someone please advise if this is expected behaviour or a problem with the latest batch of updates?
Many thanks