Microsoft Defender ATP running on Windows 7 and Windows Server 2008R2 is moving to exclusively use SHA-2 signing, which will help drive greater security for our customers.
This change does not require any action unless you are running Microsoft Defender ATP on Windows 7 or Windows Server 2008 R2.
Customers that are running on these OS versions are required to take the following actions before November 2, 2020 or their agents will stop sending data to Microsoft Defender ATP:
- Install the SHA-2 signing Windows updates for your OS as described in 2019 SHA-2 Code Signing Support requirement for Windows and WSUS
- Update to the latest version of the Log Analytics Windows agent (Windows 64-bit agent or Windows 32-bit agent)
More information about SHA-2 signing enforcement is available in the documentation.
For further questions, please feel free to reach out Microsoft Defender ATP Support.
Thank you,
The Microsoft Defender ATP team
