Microsoft security advisory: SHA-1 deprecation for SSL/TLS certificates: May 9, 2017

Applies to: Windows Server 2016 DatacenterWindows Server 2016 EssentialsWindows Server 2016 Standard


Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To learn more about the vulnerability, see Microsoft security advisory (4010323): SHA-1 deprecation for SSL/TLS certificates.

More Information


  • All future security and non-security updates for Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update


Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Get security updates automatically.

This fix is included in the following updates: