Microsoft has given customers six months to find MD5 installations and prepare for a February 2014 patch that will block the broken algorithm. Admins should use the leeway to find any systems or applications relying on MD5 and determine whether the patch will break anything and otherwise impact their environments. Experts say most production servers and webservers hosting production websites are likely not running MD5; it s second-tier development servers that are the outlying issue here and a tempting target for a hacker.
Source: https://threatpost.com/microsoft-starts-countdown-on-eliminating-md5/101994/