Computerworld

Microsoft is distributing security patches through insecure HTTP links

Stefan Kanthak, reporting on the Bugtraq mailing list, shows how Microsoft’s own security patch download links are based on HTTP, not HTTPS. The Microsoft Update Catalog uses insecure HTTP links – not ...