All major Microsoft services will exclusively use SHA-2 from next month

Secure Hash Algorithm 1 (SHA-1) is a 25-year-old method of generating hashes using a cryptographic function. Google successfully managed to demonstrate the weaknesses of the algorithm in 2017 and major browsers also began to block websites using SHA-1 certificates. Similarly, Apple dropped support for it in 2019.

Microsoft has announced that all its major services and processes will be exclusively using SHA-2 from next month.

Background image of micro circuit with binary code via Shutterstock

As the name suggests, SHA-2 is an enhanced version of SHA-1, and is more secure and performant. As such, Microsoft will allow the SHA-1 Trusted Root Certificate Authority (CA) to expire, and all major processes such as TLS certificates, file hashing, and code signing will exclusively use SHA-2 from May 9, 2021 at 4PM PT.

This move is not particularly surprising considering that in 2019, Microsoft enforced Windows updates signing via SHA-2 and deprecated SHA-1 signed content from the Download Center in late 2020 too.

Microsoft says that the expiration will only impact SHA-1 certificates that are linked to the associated Root CA. However, certificates that are manually signed using SHA-1 by enterprises themselves will not be impacted. That said, it is obviously recommended that organizations migrate to SHA-2 as well.

Overall, the Redmond tech giant considers the move to be quite "uneventful" as it says that it has done full-fledged testing of major applications and potential issues. Regardless, if organizations face problems, they are recommended to peruse Microsoft"s dedicated support article or reach out to the firm"s technical teams.

Report a problem with article
Next Article

Games with Gold: Hard Corps: Uprising and Truck Racing Championship are now free

Previous Article

Uber partners up with Marriott to introduce in-app reward collecting system