deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merged PR 12916: fixing invisible commit

Browse Source
This commit is contained in:
Dani Halfin 📬🔨
2018-11-16 22:21:50 +00:00
parent a0d7135fcf
commit 3bee5a7840
2 changed files with 6 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
windows/privacy/manage-windows-1803-endpoints.md
View File

@ -147,11 +147,7 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses. The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses.
| Source process | Protocol | Destination | Additionally, it is used to download certificates that are publicly known to be fraudulent.
|----------------|----------|------------|
| svchost | HTTP | ctldl.windowsupdate.com |
The following endpoints are used to download certificates that are publicly known to be fraudulent.
These settings are critical for both Windows security and the overall security of the Internet. These settings are critical for both Windows security and the overall security of the Internet.
We do not recommend blocking this endpoint. We do not recommend blocking this endpoint.
If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device. If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device.

6
windows/privacy/manage-windows-1809-endpoints.md
View File

@ -157,11 +157,7 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses. The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses.
| Source process | Protocol | Destination | Additionally, it is used to download certificates that are publicly known to be fraudulent.
|----------------|----------|------------|
| svchost | HTTP | ctldl.windowsupdate.com |
The following endpoints are used to download certificates that are publicly known to be fraudulent.
These settings are critical for both Windows security and the overall security of the Internet. These settings are critical for both Windows security and the overall security of the Internet.
We do not recommend blocking this endpoint. We do not recommend blocking this endpoint.
If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device. If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device.