Microsoft has been slowly phasing out the use of SHA-1 over the past year, and will finally remove all downloads signed with the old hashing algorithm from the Microsoft Download Center.
For years, security experts have warned about weaknesses in the SHA-1 algorithm, and urged switching to stronger cryptographic methods in order to protect online data and communications. Microsoft has been warning about making this transition since 2016, and began signing Windows Update with SHA-2 in March 2019. Microsoft’s latest move is to stop offering Windows downloads signed using the SHA-1 algorithm on Aug. 3, Microsoft said in an alert.
"To support evolving industry security standards, and continue to keep you protected and productive, Microsoft will retire content that is Windows-signed for Secure Hash Algorithm 1 (SHA-1) from the Microsoft Download Center on August 3, 2020," Microsoft said.
Switching away from SHA-1 has been in the works for a long time. Major browsers started blocking websites using certificates signed with SHA-1 in 2017. Apple removed SHA-1 from iOS 13 and macOS Catalina. OpenSSH deprecated SHA-1 for its login process earlier this year. After Microsoft stopped using SHA-1 to sign and authenticate updates, it stopped updating devices without SHA-2 support.
SHA-1 is a legacy cryptographic hash that many in the security community believe is no longer secure," Microsoft said. "Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.
A team of academic researchers illustrated what a collision attack to crack SHA-1 would look like back in 2016. The National Institute of Standards and Technology decided there were too many problems with the hash function to be used by the United States government in 2015. In early 2017, a Google cryptographers disclosed SHAttered, a practical, real-world attack method to generate the same SHA-1 file hash for two different files. These collision attacks were originally considered computationally expensive, except for the fact that researchers were able to identify a method which made these attacks far cheaper. Last May, researchers cut down the cost of a SHA-1 collision attack ot under $110,000, and researchers brought the cost down even further, to under $50,000, earlier this year.
The slow pace of the transition should mean that the change should have little-to-no impact on users and administrators. Anyone who has downloaded and installed a Windows update over the past year clearly supports SHA-2 and should be unaffected by the change. Users will no longer be able to use the older versions.
“If you are still reliant upon SHA-1, we recommend that you move to a currently supported version of Windows and to stronger alternatives, such as SHA-2,” Microsoft said.