Back in October 2014, Microsoft released 2949927 update to add functionality for SHA-2 signing and verification due a weakness in SHA-1 for Windows 7 and Windows Server 2008 R2. But, due to problems customers had with the update, the company removed it.
Incidentally, the SHA-2 functionality is already integrated into Windows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT, and Windows RT 8.1, so the update is not needed for these OS versions. However, the capability does not exist in Windows Server 2003, Windows Vista, and Windows Server 2008, but this newly released update is not applicable to these versions.
One big word of caution – this update shares binaries with one of this month's security updates, MS15-025 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680), so there's a specific installation order required.
If using automatic updates, the Windows Update mechanism will take care of the proper installation order. But, if you are deploying manually or using a staged deployment solution like System Center Configuration Manager, you need to observe the order. Update 3035131 (which is being released simultaneously with MS15-025, needs to be installed first, and then update 3033929.
More information and guidance can be found in Microsoft Security Advisory 3033929.
UPDATE: Reports are already starting to suggest that there may be problems with 3033929. It fails with error code 80004005 and puts computers into a reboot loop. We'll update you with more as it becomes available.