Software components of EldoS Corporation have been signed by the digital certificate issued by Verisign.
Today we have received the following message from Symantec, the parent company of Verisign:
On Windows 7 platforms and above, the following are new guidelines from Microsoft:===
- Microsoft will no longer allow new SHA-1 code signing certificates to be used for signing files on Windows 7 and above starting Jan. 1, 2016.
- Files signed previously with a SHA-1 certificate will continue to work on Windows 7 and above for an additional year as long as they were time-stamped before January 1, 2016.
- Windows 7 and Server 2008 R2 will require a hotfix for SHA-256 support.
- Starting on Jan. 1, 2017, all SHA-1 signed files will be blocked on Windows 7 and above, regardless of when they were time-stamped.
In plain text this means, that no kernel-mode drivers, signed by our certificate, will work after Jan 1, 2017 (in a year).
We plan to address this problem by obtaining a new digital certificate and using it to sign the new versions of the drivers and other products in '2016. There is not technical possibility to re-sign old versions of the software that we distributed in previous years (including kernel-mode drivers). We will announce the transition to the new certificate separately.
What this means for youIf you are using any driver-based products, then during '2016 you are welcome to upgrade your licenses for EldoS products and migrate to new versions of these products.
If you are using SecureBlackbox, no special action is needed.
If you are using end-user software, updates during '2016 are needed for SFTP Net Drive, as it uses Callback File System drivers internally.