LSW Posted January 15, 2019 Report Posted January 15, 2019 Reminder: Microsoft to end support for Windows 7 in 1-year from today https://thehackernews.com/2019/01/microsoft-windows-7-support.html Quote A new reminder for those who are still holding on to the Windows 7 operating system—you have one year left until Microsoft ends support for its 9-year-old operating system. So it's time for you to upgrade your OS and say goodbye to Windows 7, as its five years of extended support will end on January 14, 2020—that's precisely one year from today. After that date, the tech giant will no longer release free security updates, bug fixes and new functionalities for the operating system that's still widely used by people, which could eventually leave a significant number of users more susceptible to malware attacks. Quote
LSW Posted February 25, 2019 Author Report Posted February 25, 2019 Microsoft to Kill Updates for Legacy OS Using SHA-1 https://threatpost.com/microsoft-updates-os-sha-1/142000/ Quote Microsoft is in the process of phasing out use of the Secure Hash Algorithm 1 (SHA-1) code-signing encryption to deliver Windows OS updates – announcing that customers running legacy OS versions will be required to have SHA-2 code-signing support installed on their devices by July 2019. No SHA-2 support, no more updates: This will hold true for users of Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2008 SP2, and some older versions of Windows Server Update Services. Windows for now uses both the SHA-1 and SHA-2 hash algorithms to authenticate its updates and prevent man-in-the-middle tampering, with newer systems supporting only SHA-2, and older ones only SHA-1. However, SHA-2 upgrades will roll out to the affected products over the course of several months, beginning March 12. [See additional Link - LSW] Microsoft delays Windows 7's update-signing deadline to July https://www.computerworld.com/article/3341394/microsoft-windows/microsoft-delays-windows-7s-update-signing-deadline-to-july.html Quote Microsoft has revised its schedule to dump support for an outdated cryptographic hash standard by postponing the deadline for Windows 7. Microsoft, like other software vendors, digitally "signs" updates before they are distributed via the Internet. SHA-1 (Secure Hash Algorithm 1), which debuted in 1995, was declared insecure a decade later, but it was retained for backward-compatibility reasons, primarily for Windows 7. Microsoft wants to ditch SHA-1 and rely only on the more-secure SHA-2 (Secure Hash Algorithm 2). Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.