To help prepare you for this change, we will release support for SHA-2 signing in 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. "Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. These updates will be installed automatically and should not be prevented as doing so will cause Windows Update to no longer work in the future. Due to weaknesses in the SHA-1 algorithm and to align to industry standards Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively."Īs both Windows 7 SP1 and Windows Server 2008 R2 SP1 do not support SHA-2 code-signing certificates, Microsoft has stated that they were going to release an update that would introduce this feature into the operating systems.Īs part of the March 2019 Patch Tuesday updates, Microsoft released updates KB4490628 and KB4474419 to add SHA-2 support to both Windows 7 SP1 and Windows Server 2008 R2 SP1. "To protect your security, Windows operating system updates are dual-signed using both the SHA-1 and SHA-2 hash algorithms to authenticate that updates come directly from Microsoft and were not tampered with during delivery. As there are flaws in the SHA-1 algorithm that make it less secure, Microsoft has stated that starting on July 16th 2019, Windows updates will only be signed using the SHA-2 algorithm going forward. If this update is not installed, these Windows operating systems will no longer be able to receive Windows updates starting on July 16th, 2019.Ĭurrently all Windows updates are dual signed with both SHA-1 and SHA-2 code signing certificates. An update was released today that adds SHA-2 code signing support to Windows 7 SP1 and Windows Server 2008 R2 SP1.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |