Microsoft Download Center
| Microsoft Download Center | |
| |
| URL | https://www.microsoft.com/en-us/download/default.aspx |
| Status | Special case |
| Archiving status | In progress... |
| Archiving type | Unknown |
| Project source | microsoft-download-center-grab |
| Project tracker | microsoft-download-center |
| IRC channel | #archiveteam-bs (on hackint) |
| Data[how to use] | archiveteam_microsoft_download microsoft_download_center_pages_202008 |
The Microsoft Download Center is one of Microsoft's platforms to distribute software and patches. Announcements of changes and various removals can be found here[IA•Wcite•.today•MemWeb].
2020 removal of SHA-1-signed content
On 2020-07-28, Microsoft published the following announcement[1]:
SHA-1 Windows content to be retired August 3, 2020
To support evolving industry security standards, and continue to keep you protected and productive, Microsoft will retire content that is Windows-signed for Secure Hash Algorithm 1 (SHA-1) from the Microsoft Download Center on August 3, 2020. This is the next step in our continued efforts to adopt Secure Hash Algorithm 2 (SHA-2), which better meets modern security requirements and offers added protections from common attack vectors.
SHA-1 is a legacy cryptographic hash that many in the security community believe is no longer secure. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.
Microsoft no longer uses SHA-1 to authenticate Windows operating system updates due to security concerns associated with the algorithm, and has provided the appropriate updates to move customers to SHA-2 as previously announced. Accordingly, beginning in August 2019, devices without SHA-2 support have not received Windows updates. If you are still reliant upon SHA-1, we recommend that you move to a currently supported version of Windows and to stronger alternatives, such as SHA-2.
This announcement was hidden away in their community forums and only made less than a week before the removal. Notably, no notice was shown anywhere in the Download Center itself.
Archival
There does not appear to be any way to determine whether a particular file is affected without downloading and analysing it. Therefore, we decided to simply archive everything on the MDC. User:JustAnotherArchivist retrieved all info and download pages with qwarc (microsoft_download_center_pages_202008). The actual files were retrieved in the microsoft-download-center DPoS project (archiveteam_microsoft_download) and partially by mgrandi ([1]). Or1dow6 created an index of the former at microsoft_download_center_html_index_2020-08.
A continuous archival of new files is planned by User:JustAnotherArchivist but not yet operational.