Well, whether md5 is broken or not depends on the application.<br><br>If you need to be sure that the message created by a trustworthy person, who also securely delivered the hash to you, was not altered by a malicious person - nothing is broken. Example: You received the md5 hash of a file you want to download via a secure channel. Now you download the file and compare it to the md5 hash. If it was altered by someone else you will still detect that.
<br>Nevertheless it's _widely_ recommended to start migrating to something more secure like sha256. This has been the recommendation for at least two years, so you should already be in the process of abandoning md5. Priority probably depends on how long your solutions need to work and how high your security requirements are.
<br><br>But: If you cannot trust the person who created the message and got only an md5 hash, you cannot be sure that the person afterwards sends you the same message from which the hash was calculated. Funny example: <a href="http://www.win.tue.nl/hashclash/Nostradamus/">
http://www.win.tue.nl/hashclash/Nostradamus/</a> <br><br>The latter attack on md5 has existed since at least 2004. See <a href="http://web.archive.org/web/20070629090049/http://www.infosec.sdu.edu.cn/paper/md5-attack.pdf">http://web.archive.org/web/20070629090049/http://www.infosec.sdu.edu.cn/paper/md5-attack.pdf
</a>. So there is nothing new here.<br><br>Cheers,<br>Michael<br><br>
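The first scenario in the message above (a digest received over a secure channel, checked against a downloaded file) is sketched below as an added example that is not part of the original post. It prefers sha256 and falls back to md5 only when that is all the publisher supplies; the function names, the preference order and the sample file contents are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import tempfile

# Strongest first; md5 is kept only for publishers that have not migrated yet.
PREFERENCE = ("sha256", "md5")


def file_digest(path, algorithm, chunk_size=1 << 16):
    """Hash a file in chunks so large downloads need not fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, trusted_digests):
    """Check a file against digests that arrived over a secure channel.

    trusted_digests maps algorithm name -> hex digest.
    Returns (ok, algorithm_used, legacy); legacy is True when only md5 was usable.
    """
    for algorithm in PREFERENCE:
        expected = trusted_digests.get(algorithm)
        if expected is None:
            continue
        actual = file_digest(path, algorithm)
        ok = hmac.compare_digest(actual, expected.strip().lower())
        return ok, algorithm, algorithm == "md5"
    raise ValueError("no supported digest supplied")


def demo():
    """Constructed sample: a file, its published digests, then a modified copy."""
    original = b"release-1.0 contents (constructed sample)\n"
    published = {a: hashlib.new(a, original).hexdigest() for a in PREFERENCE}
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(original)
    results = [verify_download(f.name, published)]
    results.append(verify_download(f.name, {"md5": published["md5"]}))
    with open(f.name, "ab") as g:  # simulate alteration in transit
        g.write(b"altered")
    results.append(verify_download(f.name, {"md5": published["md5"]}))
    os.unlink(f.name)
    return results
```

The check only covers the case where the creator of the file is trusted; it says nothing about a file whose author chose both the content and the md5 digest.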