Starting March 12 Microsoft will be rolling out a patch to disable Secure Hash Algorithm 1 (SHA-1) code-signing encryption for windows update on Windows 7 and Windows server 2008. Currently both SHA-1 and SHA-2 hash algorithms are being used by Windows updates allowing the older OS’s (Windows 7 and Server 2008) to receive updates.
Devices will be required to install the update before July of 2019 to be able to continue to receive updates before they go out of support in January of 2020.
This is the latest effort in Microsoft’s phaseout of SHA-1, before that support was discontinued in both the Edge and Explorer browsers.
“Due to weaknesses in the SHA-1 algorithm and to align to industry standards, Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively [after July 19],” the computing giant said in a Feb. 15 notice. “Any devices without SHA-2 support will not be offered Windows updates after July 2019.”