Microsoft is planning to stop using SHA-1 algorithm when signing their updates (to prove they were not tampered with). Based on support article though it seems it only affects older, stand alone version of WSUS (3.0 SP2). If you are using WSUS as a role on Windows Server 2012 or higher, it should be 4.0 version and probably already supporting SHA-2. Anyway, there is still time before the switch. Microsoft should release SHA-2 support for 3.0 version of WSUS and older operating systems (Windows 7, Windows Server 2008/R2) in March/April of 2019 as security updates and the switch to use only SHA-2 signing will be executed on June 18, 2019.