diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml
index 9fe28ce24..777b26519 100644
--- a/.github/workflows/images_build.yml
+++ b/.github/workflows/images_build.yml
@@ -126,6 +126,7 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
+      id-token: write
     steps:
       - name: Block egress traffic
         uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
@@ -173,9 +174,12 @@ jobs:
           fetch-depth: 1
 
       - name: Install cosign
-        uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
+        uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4
         with:
-          cosign-release: 'v2.1.1'
+          cosign-release: 'v2.2.3'
+
+      - name: Check cosign version
+        run: cosign version
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3