vulnerability
Microsoft ADV180005: Document signing deprecation in XPS Viewer
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
9 | (AV:N/AC:L/Au:N/C:C/I:C/A:N) | 02/13/2018 | 08/21/2019 | 02/18/2025 |
Description
Microsoft has deprecated the Document Signing functionality in XPS Viewer. This functionality relied upon the SHA-1 algorithm and is part of our overall effort to remove this algorithm from our products. This change impacts XPS Viewer on all supported versions of Windows.
FAQ
1. I need to use this deprecated functionality. Is there a way to enable it?
Yes. Please create the following registry entry:
[HKEY_CURRENT_USER\Software\Microsoft\XPSViewer] "EnableDigitalSignatures"=dword:00000001
2. What risks am I accepting by using SHA-1 based document signing?
SHA-1 is a legacy cryptographic hash that many in the security community believe is no longer secure. Using the SHA-1 hashing algorithm in document signing could allow an attacker to spoof content, perform phishing attacks, or otherwise manipulate content of a document. Microsoft, in collaboration with other members of the industry, is working to phase out the SHA-1 algorithm and to warn consumers of the possible risk when they encounter websites using the SHA-1 algorithm.
Solution(s)

Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.