New Microsoft ACS requirements for endpoint protection solutions

In late 2021, Microsoft introduced functionality in the various versions of the Windows Operating System for Azure Code Signing (ACS) requirements.

Microsoft is making ACS mandatory for endpoint protection vendors on Windows platforms. Many of our endpoint protection software vendors are updating their software in line with this requirement. For instance, the upcoming releases of Sophos Intercept X and Intercept X for Server will comply with the ACS requirements.

This change will not impact you if you regularly apply Windows Updates to your Endpoints and Servers. New installations and updates may fail if your Windows device is not running a Windows version that complies with ACS.

What is Azure Code Signing?

Azure Code Signing is a fully managed service for code signing. It leverages digest signing and is managed as an Azure resource. To initiate, you need only go to the Code Signing Accounts resource and enter your organisation’s information. All the keys and certificates are managed through Microsoft’s Certificate Authorities which are part of the Microsoft Trusted Root Program and meet the WebTrust Certification. The best part is that it is easily integrated with Visual Studio, GitHub, Windows SDK SignTool and more. You can implement a seamless signing workflow as part of your build and release pipeline.

Fill out the form below to find out more about endpoint protection or Microsoft Azure.