Microsoft has announced its intention to remove from Download Center all Windows downloads that have been signed with Secure Hash Algorithm 1 (SHA-1). This will happen on August 3, and the reason for this decision lies in the fact that the SHA-1 algorithm is unreliable and can expose users to danger in the event of attacks from malefactors.
“SHA-1 is an outdated hashing algorithm that many security professionals believe is no longer able to provide adequate security. The use of SHA-1 in digital certificates could allow attackers to modify content to conduct phishing campaigns or man-in-the-middle attacks.“, – said in a message from Microsoft.
It is worth noting that Microsoft recommended abandoning the use of SHA-1 for signing digital certificates back in 2013. Despite the fact that the description of cracking the functions of the SHA-1 algorithm appeared in 2005, the first successful attack on its basis was carried out only in 2017, when information security researchers managed to create two files with the same SHA-1 hash.
The security concerns of the SHA-1 algorithm have forced Microsoft and many other developers to abandon the algorithm for generating certificates. Currently, it is recommended to use the SHA-2 algorithm for signing digital certificates, which is considered more secure. For example, devices without SHA-2 support stopped receiving Windows updates last summer.
If you notice an error, select it with the mouse and press CTRL + ENTER.