SHA-1 and SHA-2 are the digest algorithms of the code signing certificate used by Seqrite to sign the code of its products. According to an announcement, Microsoft will no longer allow certificate providers to issue SHA-1 supported certificates.
Seqrite has been using dual (SHA-1 & SHA-2) code-signing for its products that DigiCert provides. DigiCert discontinued issuing SHA-1 code signing certificates from Dec 1, 2020, and the validity of the SHA-1 certificate used for code signing of Seqrite Endpoint product will expire on June 4, 2021.
Product Code-Signing Changes
All new software packages, hotfixes, or security patches of Seqrite products created after June 4 2021 will use only the SHA2 Certificate for code-signing.
What do I need to do?
To continue receiving protection and feature updates, take the required actions as per your operating system:
- Windows 7, Windows Server 2008, and Windows Server 2008 R2
- Windows 8 and above
- No action is required.
- Windows Server 2012 and above
- No action is required.
- Windows XP and Windows Server 2003
- No action is required.
- Windows Vista
- The latest Seqrite products and feature updates (fixes and enhancements) code-sign with SHA-2 certificate will not be supported
- Users will continue to receive only virus definitions.
- We recommend customers having Windows Vista upgrade to the latest operating systems.
Recommendation
We recommend using the latest version of operating systems to avoid the risk of exploits targeting vulnerabilities of the operating system. Windows operating systems that Microsoft no longer supports can be potentially vulnerable as security patches/updates are not released for this operating system by Microsoft.
Reference
Availability of SHA-2 Code Signing Support for Windows 7 and Windows Server 2008 R2
Seqrite Support
Still, have queries? You can reach out to us at 1800-212-7377 or to chat with an expert for assistance, please click here.
No Comments