How many organizations may have overlooked or delayed the migrations of SHA-1 certificates in internal environments? They are hard to find, hard to track, harder to monitor, and may not have expiration dates that would drive migration.
Everyone who didn’t feel they had to worry too much about replacing those hard-to-find internal SHA-1 certificates will now have to start worrying. Microsoft is in the process of phasing out the use of the Secure Hash Algorithm 1 (SHA-1) code-signing encryption to deliver Windows OS updates. On February 15th, 2018, Microsoft announced that customers running legacy OS versions will be required to have SHA-2 code-signing support installed on their devices by July 2019.