SHA-2 required compatibility

Microsoft announced deprecation of Secure Hash Algorithm 1 (SHA-1) and started migration process to SHA-2 in early 2019. Therefore, all certificates signed with the SHA-1 algorithm will no longer be recognized and will cause security alerts. Unfortunately, the security of the SHA-1 hash algorithm has become less secure over time due to weaknesses found in the algorithm, increased processor performance, and the advent of cloud computing.

The SHA-2 hashing algorithm (as a successor to SHA-1) is now the preferred method to guarantee SSL security durability. See Microsoft Docs article about Hash and Signature Algorithms exlink for further details.


NOTE

This change means that on operating systems without SHA-2 support, your ESET security solution will no longer be able to update its modules, including the detection engine, ultimately making your ESET Security for Microsoft SharePoint not fully functional and unable to provide sufficient protection.

If you are running Microsoft Windows Server 2008 R2 SP1, Microsoft Windows Small Business Server 2011 SP1, ensure your system is compatible with SHA-2. Apply the patches according to your particular operating system version as follows:

Microsoft Windows Server 2008 R2 SP1 — apply KB4474419 exlink and KB4490628 exlink (an additional system restart might be necessary)

Microsoft Windows Small Business Server 2011 SP1 (x64) — apply KB4474419 exlink and KB4490628 exlink (an additional system restart might be necessary)


IMPORTANT

Once you have installed the updates and restarted your system, open ESET Security for Microsoft SharePoint GUI to check its status. In case the status is orange, perform an additional system restart. The status should then be green indicating maximum protection.


NOTE

We strongly recommend that you install the latest Service Pack for your Microsoft Server operating system and server application. We also recommend that you install the latest Windows updates and hotfixes whenever available.