Get a Pentest and security assessment of your IT network.

Cyber Security

Microsoft to remove all Windows downloads signed with SHA-1

Microsoft is removing all Windows downloads from the Microsoft Download Center that are signed using SHA-1 certificates on August 3rd, 2020. Security researchers released a report in 2015 that found that the algorithm is vulnerable to collision attacks that could allow attackers to create forgeries of digital certificates to impersonate a company or another website. These forgeries can then be used in phishing attacks, to spoof companies, or in man-in-the-middle attacks to listen in on encrypted network sessions. Microsoft and other developers have been moving away from SHA1 certificates and requiring SHA-2 to be used to install Windows updates.

Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-to-remove-all-windows-downloads-signed-with-sha-1/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation