By Kurt Mackie and Azure Security News
Microsoft this week repeated some patch warnings to IT pros, with a couple of milestones coming up soon.
There’s a deadline for organizations maintaining systems with Microsoft 365 Apps. Another deadline concerns the use of Microsoft Defender Advanced Threat Protection (ATP) on older Windows systems with the Secure Hash Algorithm-1 (SHA-1) protocol.
There could be patching problems for some organizations maintaining computing environments with Microsoft 365 Apps because of some name changes that Microsoft made previously, Microsoft warned in an announcement. Likewise, there are potential issues ahead for organizations using Microsoft Defender Advanced Threat Protection with the outdated Windows 7 or Windows Server 2008 R2 operating systems if they still use the insecure Secure Hash Algorithm-1 (SHA-1) protocol, Microsoft warned in another announcement.
Microsoft 365 Apps Warning
Microsoft changed the name of its Office 365 ProPlus productivity suite to “Microsoft 365 Apps,” and then altered the channel update names. These changes were announced back in May.
Now, those name changes could trip up IT pros if they have automatic deployment rules in place that still reference the old product and channel names, Microsoft warned.
In essence, the Microsoft Update Catalog incorporated the Microsoft 365 Apps name changes back on June 18, 2020. With “update Tuesday” coming up on July 14, organizations still referencing the old names in their automatic deployment rules could miss out on some update deliveries.
“Microsoft 365 Apps updates released on July ‘patch Tuesday’ on the 14th will of course be published using the new channel and product names,” Microsoft explained.
Microsoft’s warning just applies to organizations with automatic deployment rules in place that referenced the title field, as it could be pointing to the old names.
SHA-2 Enforcement on Older Windows Systems
Microsoft Defender ATP is moving to support SHA-2 encryption for the outdated Windows 7 and Windows Server 2008 R2 OSes. The key date for the end of SHA-1 support will be Aug. 17, 2020, when agents will stop sending the SHA-1 data to Windows Defender ATP.
Microsoft recommends that organizations using Microsoft Defender ATP with those older Windows OSes should “install SHA-2 signing.” They should also “update to the latest version of the Log Analytics Windows agent,” Microsoft advised.