21 November 18, 07:38
![[Image: windows-7-server-2008-code-signing.png]](https://www.ghacks.net/wp-content/uploads/2018/11/windows-7-server-2008-code-signing.png)
Quote:Microsoft plans to release an update early next year for the company's Windows 7 and Windows Server 2008 operating systems that add support for SHA-2 update handling to them.Full reading: https://www.ghacks.net/2018/11/20/runnin...his-patch/
Updates are delivered using SHA-1 and SHA-2 currently. SHA-1 is a hashing algorithm with known weaknesses and Microsoft plans to do away with SHA-1 support in April 2019 to use SHA-2, an improved hashing algorithm, exclusively going forward.
While that is no problem for Windows 8.1, Windows 10, or the server equivalents, it is one for devices running Windows 7 or Windows Server 2008. The reason is simple: SHA-2 is not supported by these operating systems when it comes to updates.
Any update that is delivered as SHA-2 exclusively, better, signed using SHA-2, can't be verified on Windows 7 or Windows Server 2008 devices. Means, these updates don't get installed on devices running these versions of Windows anymore unless the SHA-2 update patch is installed first.
![[-]](https://www.geeks.fyi/images/collapse.png)
