Microsoft Edge and IE11 won’t support websites with SHA-1 certification

khushaartanveer@gmail.com' By: Khushaar Tanveer
2 minute read

Microsoft has recently announced their plans to abandon support for TLS certificates signed by the SHA -1 hashing algorithm starting February of 2017. Microsoft further acknowledged that numerous websites, users, and third-party applications will be severely affected once the company deplores SHA-1 signed certificates.

Starting on February 14th, 2017, Microsoft Edge and Internet Explorer 11 will prevent sites that are protected with a SHA-1 certificate from loading and will display an invalid certificate warning. Though we strongly discourage it, users will have the option to ignore the error and continue to the website, said Microsoft in is blog post.

The revelation is not exactly news: the company hinted as much back in November.

The SHA-1 hashing algorithm, used for internet security in conjunction with with the HTTPS protocol and certificates used to protect Web sites, has been declared unsafe and vulnerable to attacks from well-funded adversaries back since 2005 but was largely utilized before until the SHA-2 and SHA-3 algorithms that were tested to be more secure alternatives for hashing functionalities came along. The initiative is not a new one and the function has previously been denounced and rejected by Google and Mozilla for being more prone to cryptographic collisions than estimated.

Microsoft has detailed that their browsers, Edge and the Internet Explorer, will now prevent sites using SHA-1 signed certificates from loading and will display an “invalid certificate” warning in order to restore security back to the services. Although users won’t be compelled to skip the sites, they will have the option to bypass the threat and access the potentially vulnerable website despite the warning, just without the “bar lock” trust icon that users see in the address bar of their browsers.

Third-party Windows applications running the Windows SHA-1 cryptographic API set or former versions of Internet Explorer will not be affected by these changes.

RELATED STORIES YOU NEED TO CHECK OUT:

Next up

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Windows 7 KB4457139 makes it easier to upgrade to Windows 10

By: Madeleine Dean
2 minute read

Microsoft released a new Windows 7 update to the general public. Update KB4457139 is actually a preview of the upcoming monthly rollup update and allows users […]

Continue Reading

Discussions