Due to the weaknesses found in the SHA-1 code-signing algorithm, SHA-2 is now the preferred method. To protect the security of the Windows operating system, Microsoft has adopted the use of SHA-2 algorithm exclusively. More information can be found in this Microsoft article: 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
For Windows 7 or Windows Server 2008 R2, it requires to apply Microsoft patches to support SHA-2 code signing. For details, refer to the KB article: Microsoft Patches for Windows 7 or Windows Server 2008 R2 Virtual Analyzer Image used by Trend Micro Deep Discovery Products.
To check if the necessary patches are applied or not on the Virtual Analyzer, do the following:
- Import the virtual machine image (ova file) into Virtual Box.
- Start the virtual machine.
Run a PowerShell in the virtual machine.
- Windows 7: Click “Run..” from the start menu, and type “powershell” on the open field.
- Windows Server 2008 R2: Click Windows PowerShell Modules on the Start menu.
Type “Get-Hotfix” on the powershell window, confirm the output. You will see applied Patch’s KB number as the Hotfix ID.
Check if the following patches are applied: