diff --git a/lib/strerror.c b/lib/strerror.c
index 5fb0bd341d..7d27e8661e 100644
--- a/lib/strerror.c
+++ b/lib/strerror.c
@@ -649,14 +649,15 @@ const char *Curl_sspi_strerror(SECURITY_STATUS err, char *buf, size_t buflen)
                    "SEC_E_ILLEGAL_MESSAGE (0x%08lx) - This error usually "
                    "occurs when a fatal SSL/TLS alert is received (e.g. "
                    "handshake failed). More detail may be available in "
-                   "the Windows System event log.", err);
+                   "the Windows System event log.", (unsigned long)err);
   }
   else {
     char msgbuf[256];
     if(curlx_get_winapi_error((DWORD)err, msgbuf, sizeof(msgbuf)))
-      curl_msnprintf(buf, buflen, "%s (0x%08lx) - %s", txt, err, msgbuf);
+      curl_msnprintf(buf, buflen, "%s (0x%08lx) - %s", txt, (unsigned long)err,
+                     msgbuf);
     else
-      curl_msnprintf(buf, buflen, "%s (0x%08lx)", txt, err);
+      curl_msnprintf(buf, buflen, "%s (0x%08lx)", txt, (unsigned long)err);
   }
 #else /* CURLVERBOSE */
   if(err == SEC_E_OK)
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index f0b6780fca..6a6fc28800 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -458,7 +458,8 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
     if(status == SEC_E_OK)
       output_token_len = chlg_buf[4].cbBuffer;
     else { /* delete the context so a new one can be made */
-      infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx", status);
+      infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx",
+            (unsigned long)status);
       Curl_pSecFn->DeleteSecurityContext(digest->http_context);
       curlx_safefree(digest->http_context);
     }