Microsoft is switching to SHA-2 for Windows updates


Users who are still using an older Windows 7 or Windows Server 2008, have to install an update for SHA-2 in the coming months, otherwise there will be no updates for the systems from the summer.
The operating system updates for its Windows systems, Microsoft will in the future sign only with a SHA-2 algorithm. Users who are using the legacy Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 systems must therefore install an update that adds support for SHA-2
Details can be found in a support entry from Microsoft , which journalist Mary Jo Foley first pointed out . Accordingly, the stand-alone updates will be deployed for the first time on March 12 and on April 9 for Windows Server 2008 SP2. The updates will have to be uploaded by next July. Devices that have not installed the SHA-2 upgrade at this time will no longer be offered Windows updates. After all, the devices will not be able to verify the updates anyway.
For current systems, Microsoft is already using both SHA-1 and SHA-2 to sign the updates. The SHA-2 upgrade to SHA-2 for Windows 10 and Windows Server 2019, scheduled for July, should not be noticed by users as their systems already support SHA-2 signatures. The SHA-2 conversion for the other operating system versions will follow in several steps. The exact schedule is listed in the support entry
Microsoft justifies the move with general weaknesses of SHA-1. These have been known for years and have been practically proven by Google about two years ago The company also wants to adapt to industry standards by changing the signature algorithm, Microsoft writes. Other projects are also making similar adjustments, so Git is currently switching from SHA-1 to SHA-256, though the transition is not that easy. Various Linux distributions have also been using SHA-2 hashes for years to verify the integrity of packets and images
Articleposted onThe operating system updates for its Windows systems, Microsoft will in the future sign only with a SHA-2 algorithm. Users who are using the legacy Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 systems must therefore install an update that adds support for SHA-2

Post a Comment

0 Comments