According to the report, Windows 7 and Windows Server 2008 R2 and WSUS will require an extraordinary update from March 2019, which will empower the machine to deal with SHA-2 code signatures. Without this update, these machines can never again process updates.
Microsoft says a devoted patch will be given to encourage the change from SHA-1 to SHA-2 on March 12. Clients who wouldn’t install the SHA-2 fix won’t be given security refreshes updates July 2019.
Support for Windows 7 will arrive at an end in January 2020, so gadgets without this fix would be left without security updates some a large portion of a year sooner.
“To protect your security, Windows operating system updates are dual-signed using both the SHA-1 and SHA-2 hash algorithms to authenticate that updates come directly from Microsoft and were not tampered with during delivery. Due to weaknesses in the SHA-1 algorithm and to align to industry standards Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively,” Microsoft explains in a technical support document.
Microsoft is making progress toward the accompanying schedule to give SHA-2 support.
- March 12, 2019 Stand Alone updates for Windows 7 SP1 and Windows Server 2008 that introduce SHA-2 code sign support will be released as security updates.
- March 12, 2019 Stand Alone for WSUS 3.0 SP2 update will be delivered to WSUS 3.0 SP2 that will support delivering SHA-2 signed updates. For those customers using WSUS 3.0 SP2, this update should be installed no later than June 18, 2019.
- April 9, 2019 Stand Alone for Windows Server 2008 updates that introduce SHA-2 code sign support will be released as security updates.
Clients who have programmed automatic updating enabled and arranged to check online for updates from Microsoft Update regularly won’t have to make any movie since this security update will be downloaded and installed automatically.
Clients who have not empowered programmed automatic updating need to check for updates and install this update manually. Machines with Windows 8.1 and Windows 10 are not influenced by this change, SHA-2 support is now coordinated.