@Girish Prajwal - Apologies for delayed response. Below is the information I could gather for your queries , requesting you to review it.
• I am unsure which Azure Service needs the latest Certificates updated
Would request you to please review “Will this change affect me” section in the documentation and see if you are running one of those specific scenarios. Most customers will not be affected, and this is more of an informational notification.
• How did my colleague who has reader permissions on few of the subscription receive the alert and not me as I have owner access on over 25 subscriptions in
our environment
Notifications have been sent via Azure Portal notification and Email. If your colleague as a reader got the notification, most likely it might have been from a
service health alert. Email notifications have been sent to the account admin or subscription admin. If your email is not email enabled for these roles, there
could be a possibility that it might be bounced.
• I cannot go through all services checking on thumbprints of the certificates
We expect that most Azure customers will not be impacted. However, your application may be impacted only if it explicitly specifies a list of acceptable CAs. This
practice is known as certificate pinning.
Hope the above information helps, please revert back if you have any further queries. Thank you.