Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2016.0089
Deprecation of SHA-1 Hashing Algorithm for Microsoft Root
Certificate Program
13 January 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Microsoft Windows
Publisher: Microsoft
Operating System: Windows
Impact/Access: Reduced Security -- Remote with User Interaction
Resolution: Patch/Upgrade
Original Bulletin:
https://technet.microsoft.com/en-us/library/security/3123479
- --------------------------BEGIN INCLUDED TEXT--------------------
Microsoft Security Advisory 3123479
Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program
Published: January 12, 2016
Version: 1.0
Executive Summary
Microsoft has released a SHA-1 code sign deprecation change effective January
1, 2016, focused on client activity that can only occur when a customer
downloads files from the Internet. This change is specific to a new default
setting for Windows and customers can override or augment the default settings
in their environment.
For customers running either Internet Explorer or Microsoft Edge who download
a SHA-1 signed file from the Internet that is timestamped and released on
January 1, 2016, or later, SmartScreen will mark the file as not trusted. This
status does not prevent customers from downloading the file or running these
browsers on their computers. But customers are warned of the not trusted
status of the file.
This change only affects Mark-of-the-Web (MOTW) files downloaded from the
Internet. Files timestamped before January 1, 2016, will continue to be
trusted. Drivers with signatures verified by Code Integrity are not affected
by this change. To conform to the latest requirements for driver signing, see
the Windows Hardware Certification blog.
Advisory Details
Issue References
For more information about this issue, see the following references:
General Information
Windows Enforcement of Authenticode Code Signing and Timestamping
Technical Requirements
Protecting Against Weak Cryptographic Algorithms
Affected Software
This advisory applies to the following operating systems:
Windows 7
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8
Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows Server 2012
Windows Server 2012
Windows 8.1
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems
Windows Server 2012 R2
Windows Server 2012 R2
Windows 10
Windows 10 for 32-bit Systems[1]
Windows 10 for x64-based Systems[1]
Windows 10 Version 1511 for 32-bit Systems[1]
Windows 10 Version 1511 for x64-based Systems[1]
Server Core installation option
Windows Server 2008 R2 for x64-based Systems (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
[1]The Windows 10 update is cumulative. In addition to containing non-security
updates, it also contains all of the security fixes for all of the Windows
10-affected vulnerabilities shipping with given months security release. The
update is available via the Windows Update Catalog. See Microsoft Knowledge
Base Article 3097617 for more information and download links.
Advisory FAQ
What is the scope of the advisory?
This advisory aims to assist customers in assessing the risk of certain
applications that use X.509 digital certificates that are signed using the
SHA-1 hashing algorithm and to recommend that administrators and certificate
authorities begin using SHA-2 in place of SHA-1 as an algorithm for signing
digital certificates.
Is this a security vulnerability that requires Microsoft to issue a security
update?
No. A signing mechanism alternative to SHA-1 has been available for some time,
and the use of SHA-1 as a hashing algorithm for signing purposes has been
discouraged and is no longer a best practice. Microsoft will however evaluate
any opportunities to strengthen technologies to detect fraudulent
certificates. Although this is not a vulnerability in a Microsoft product,
Microsoft is issuing this advisory to help clarify the actual risk involved to
customers.
What causes this threat?
The root cause of the problem is a known weakness of the SHA-1 hashing
algorithm that exposes it to collision attacks. Such attacks could allow an
attacker to generate additional certificates that have the same digital
signature as an original. These issues are well understood and the use of
SHA-1 certificates for specific purposes that require resistance against these
attacks has been discouraged. At Microsoft, the Security Development Lifecycle
has required Microsoft to no longer use the SHA-1 hashing algorithm as a
default in Microsoft software. For more information about SHA-1 collision
weakness, see The SHAppening: freestart collisions for SHA-1.
What is a digital certificate?
In public key cryptography, one of the keys, known as the private key, must be
kept secret. The other key, known as the public key, is intended to be shared
with the world. However, there must be a way for the owner of the key to tell
the world who the key belongs to. Digital certificates provide a way to do
this. A digital certificate is an electronic credential used to certify the
online identities of individuals, organizations, and computers. Digital
certificates contain a public key packaged together with information about it
- - who owns it, what it can be used for, when it expires, and so forth. For
more information, see Understanding Public Key Cryptography and Digital
Certificates.
What is the purpose of a digital certificate?
Digital certificates are used primarily to verify the identity of a person or
device, authenticate a service, or encrypt files. Normally, there is no need
to think about certificates at all, aside from the occasional message stating
that a certificate is expired or invalid. In such cases, one should follow the
instructions provided in the message.
What is a certification authority (CA)?
Certification authorities are the organizations that issue certificates. They
establish and verify the authenticity of public keys that belong to people or
other certification authorities, and they verify the identity of a person or
organization that asks for a certificate.
Suggested Actions
Review Microsoft Root Certificate Program Policy Changes
Customers who are interested in learning more about the topic covered in this
advisory should review Windows Enforcement of Authenticode Code Signing and
Timestamping.
Update from SHA-1 to SHA-2
Certificate authorities should no longer sign newly generated certificates
using the SHA-1 hashing algorithm. Customers should ensure that their
certificate authorities are using the SHA-2 hashing algorithm to obtain SHA-2
certificates from their certificate authorities. To sign code with SHA-2
certificates, see the guidance on this topic at Windows Enforcement of
Authenticode Code Signing and Timestamping.
Impact of action: Older hardware-based solutions may require upgrading to
support these newer technologies.
Keep Windows Updated
All Windows users should apply the latest Microsoft security updates to help
make sure that their computers are as protected as possible. If you are not
sure whether your software is up to date, visit Windows Update, scan your
computer for available updates, and install any high-priority updates that are
offered to you. If you have Automatic Updates enabled, the updates are
delivered to you when they are released, but you have to make sure you install
them.
Other Information
Feedback
You can provide feedback by completing the Microsoft Help and Support form,
Customer Service Contact Us.
Support
Customers in the United States and Canada can receive technical support from
Security Support. For more information, see Microsoft Help and Support.
International customers can receive support from their local Microsoft
subsidiaries. For more information, see International Support.
Microsoft TechNet Security provides additional information about security in
Microsoft products.
Disclaimer
The information provided in this advisory is provided "as is" without warranty
of any kind. Microsoft disclaims all warranties, either express or implied,
including the warranties of merchantability and fitness for a particular
purpose. In no event shall Microsoft Corporation or its suppliers be liable
for any damages whatsoever including direct, indirect, incidental,
consequential, loss of business profits or special damages, even if Microsoft
Corporation or its suppliers have been advised of the possibility of such
damages. Some states do not allow the exclusion or limitation of liability for
consequential or incidental damages so the foregoing limitation may not apply.
Revisions
V1.0 (January 12, 2016): Advisory published.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVpW2KX6ZAP0PgtI9AQKLKg//QlcMC6anG6ib/q/k+nsvjWyoLEpgHt1G
swaCwJjBXtR5hXMkS+02uLZGIMpGh4kGIbJQppLXh8paUMbS+MbsPsP2WU6TSpZV
tkrgZZY2LRViAENLgz4rn9fKCacI4UFGHX+BQEhOQ7LulY8kWK37/t/N1MWErVOo
3HmrMQbg0CMkKzHeZ4dRdmfc2PbcUJO84F5Pnux3STQkAkn5CBSknz8JbUTD7Td4
mp75tcNI/PMv2xqTchCC9T3Bks3gYm3VP1dm08Dw/VJqyy/wFfixiN/G0zgQK1+e
WJjSNY18UAWvVUzj2qualTYg1Ou+VQChHXaJ9oam3GJ2dBfjdJPz5pLG9eJGMK46
KUK2AMIkbX6GQiHPVlY7F7d2ZOA+N5gRd4Zo6O74BrLAj08BCogLPTF2vn337mfV
ULGKMpAcGHC4QPV/eGL5aicOOYTSXFM9CUPtNEjVCBuKmE1u9oltHiIZ4VQeGskL
xWQq7+9wXqe0X0jcrUFcDBvHWoCADlJm7OyOS0gScuPKMw24o/YnMb2pl/yQDeXC
rrI9hFuji1ark31X+xu2dLwtV8AQhH/L5W67LFEK1OsmsZ1Ul+TP0L4tHwkTlAiZ
sbiMGUarwW12i3L+whk3zG6ScjzJ9bOhb1qwHRplu4ncTQ7LPYvUnrPQzJtmrauw
VAm9meYw3Cg=
=ZEa2
-----END PGP SIGNATURE-----