Microsoft announced on Thursday (6/17) that Windows Update will no longer publish driver updates for Windows 7 SP1, Windows Server 2008, and Windows Server 2008 R2, effective immediately. However, organizations participating in Extended Security Updates (ESU) can still use Windows Server Update Services (WSUS) to deploy relevant driver updates.
One of the reasons is that the SHA-1 Trusted Root Certificate Authority certificate used by these three operating systems expired on May 9th and Microsoft no longer uses SHA-1. This has led to some driver suppliers releasing drivers based on incompatible SHA-2 signatures to unpatched Windows devices, resulting in functionality downgrades or longer boot times for the devices.
To reduce the impact of these incompatibilities, Microsoft has decided to no longer publish SHA-2 signed drivers for Windows 7 SP1, Windows Server 2008, and Windows Server 2008 R2 on Windows Update.
Microsoft has stated that its support for the aforementioned operating systems ended on January 14th last year, and this change is intended to reduce disruption for users who continue to use these platforms.
