Leaderboard

Well it turns out that Microsoft .NET Framework 4.7.2 can also be installed on Windows Vista using the same installation method for 4.6.2 Final, and it can also be patched using the .NET 4.6 security updates for Server 2008! In addition, ShareX still works with this version installed, and no dependency errors are present: Now, I could not find an application that specifically required this version of .NET Framework, but it appears that ShareX is able to use it without any issues, in contrast to .NET Framework 4.8 Preview... As such, I have also added this version of .NET Framework to the list Also, this is irrelevant to .NET Framework, but Twitch Desktop App recently dropped support for Windows XP and Vista, so it has been removed from the list

The support may be over, but this doesn't mean that people stopped using XP. Today I've been to the dentist and he is using XP. When I asked him why, he said that XP is connected to the sensors of the tools he uses on a daily basis and that he upgraded to Windows 10 months ago as he changed his computer, however the technician he called spent hours trying to make it work with those sensors but he failed, so he reverted to Windows XP. "I've been using these things since 2005" he said, "I'm gonna keep using XP until I'll change the whole thing, its tools and its sensors, which is unlikely to happen anytime soon". Since I wasn't able to take a clear shot, I told him about the Windows XP Spotter group and I quickly told him that we take pictures of XP running in businesses 'cause we are fan of the OS, so he kindly let me take this picture:

Yes - all vulnerabilities exist regardless of whether or not they are exploited. Disabling RDS doesnt patch the code (remove the vulnerability) - the insecure code is still there, just not active: as soon as RDS is enabled, the (unpatched) vulnerability can be exploited. There is a significant distinction between vulnerabilities and exploits - vulnerabilities are actual defects (bad code/code design) in the software (Window's RDP/RDS implementation) - exploits are the specific tools/processes that use the vulnerabilities for effect (DoS, privilege escalation, remote access, etc). The article you cited ambiguously references this distinction - the exploit tool ("the most common version of wannacry") was coded/designed in a way that that was mostly ineffective against XP remotely (locally it was just as effective). In other (specific) words, XP had the same SMB code vulnerability(ies) as later versions of Windows , but the specific implementation of EternalBlue via the most common WannaCry code was, ironically, buggy and defective relative to XP's SMB implemention, and thus was relatively ineffective (especially when executed remotely). This might have even been "intentional", since at the time of WannaCry XP's market share was in the single digits and the code may have been optimized for 7/8/10/2008/2012 (covering more than 90% of Windows installs). Buggy/flawed/defective exploit code is just as common as buggy/flawed/defective vulnerability code and often serves as a limiting factor in the propagation and spread of malware - going back as far as malware has existed, long prior to the existence of networks or the internet. In fact almost every "internet worm" of note was/has been vastly limited in its propagation and damage due to this often un/der-reported "buggy malware" fact. Malware/exploit authors are just as (if not more so) prone to write/design buggy/flawed/defective code as the original target code authors - and we can be thankful for that. Just imagine if malware authoring was an industry where highly efficient/effective exploit coding services were up for bidding by corporations, governments, criminal syndicates...oh..wait..never mind.

Dentists using XP should make discounted rates because they have not incurred upgrade costs Looking for an XP dentist starting today

... As it finally turned out, it is yet again another case of intentional/artificial block of Vista by M$ ; the blocking code lies somewhere inside the compiled .EXE setup, but it's obviously absent in the unpacked .MSI installer.I do wonder if it's still possible to install 4.6.2 Final by running the Setup.exe file (86.1KB) that exists inside the (unpacked) directory; an inspection with Resource Hacker reveals it does indeed support Vista in its manifest: <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> <!-- Windows 10 --> <supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}" /> <!-- Windows 8.1 --> <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}" /> <!-- Windows 8 --> <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}" /> <!-- Windows 7 --> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}" /> <!-- Windows Vista --> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}" /> </application> </compatibility> I guess if that doesn't work, on a 32-bit platform one should run netfx_Full_x86.msi (in the unpacked directory); as mentioned by Osman, in the root of the unpacked setup one can see prerequisite windows updates for Win8 (KB3151804), Win8.1 (KB3151864) and Win10 (KB3151900), but, surprisingly, not for Win7 (and, of course, none for WinVista, which the package doesn't officially support) - in any case, it should be stressed that the (somewhat unorthodox) 4.6.2 install shouldn't be attempted on a Vista system which isn't fully updated (SP1+SP2+all subsequent updates at least until EoS on April 2017), just for good measure... All in all, a very positive outcome from a joint effort, started by @Osman Kovan and joyfully concluded by @WinClient5270! Cheers PS: I couldn't help noticing how a 59.1 MiB file (NDP462-KB3151800-x86-x64-AllOS-ENU.exe) blows up to more than 1.62 GiB (!) when expanded!

GOOD NEWS EVERYONE! Thanks to @Osman Kovan for figuring out how to install Microsoft .NET Framework 4.8 on Windows Vista, I was able to use that same method to install Microsoft .NET Framework 4.6.2 Final on Windows Vista. I just extracted the setup .exe file with 7zip and ran the .MSI installation file contained within it, netfx_Full_x64.msi: After installing, I then tested ShareX Portable to see if it gave the same missing dependency errors that it does when running it with .NET Framework 4.8 Preview installed, and to my delight, it works just fine in Vista with 4.6.2 Final! Remembering what @VistaLover asked me to try with 4.6.2 Preview installed, I then decided to try the latest .NET Framework 4.6.x security rollup for Windows Server 2008 to see if it would patch .NET Framework 4.6.2 Final on Vista, and, lo and behold: It works! This means that .NET Framework 4.6.2 Final CAN be installed and patched on Windows Vista using @Osman Kovan's installation method, and then by downloading the .NET 4.6 patches for Server 2008 manually from the Microsoft Update Catalog. As such, Microsoft .NET Framework 4.6.2 Preview has been replaced with the final version on the list: Special thanks to @VistaLover, @Osman Kovan, and @artomberus for helping make this possible!

They're mostly making an argument similar to @Jody Thornton's: if you have PCs with older, unpatched OSes on a corporate network, an attacker can use those as "anchors" to gain access, then spread malware to other, newer PCs. Therefore keeping those PCs on your network can pose a security risk. In that environment, it would make sense to minimize the number of different Windows versions you're using, so as to reduce opportunities for hackers. But I found the article's concentration on XP troubling. After all, the same vulnerability is found in Win 7, which is found even more often than XP and is still in support (at least until January). But the article didn't bash Win 7 users; only XP users. I suspect the not-so-secret agenda was to try once again to kill off that 2-3% of the market still running XP with yet another dose of FUD. It hasn't worked so far, but why not give it another try? Indeed, it's major point seems totally irrelevant: XP is old. So? Software doesn't "age;" in fact, unlike living things, it often gets better with age, as bugs are found and patched. If the bug is particularly serious, as in this case and the Wannacry case, you may even get a patch after the official EoS date. For individual XP users, though, the time to worry will be the day a major vulnerability is found but not patched. Hmm.... I wonder if the recently-discovered vulnerability exists in Win2K? There's no patch for that OS (although I suppose you could just disable the probably-unneeded Remote Desktop service).

@Blados, no, both architectures are supported. But the developers, when they throw support for Vista, complained that the code was very different and difficult to maintain. Due to hardware acceleration. I tried to run the MSI file - it sends to setup.exe . Setup.exe requires Windows 7. I modified the MSI file and installed it. With .NET 4.7.2 is installed. ... is not Win32 application. Alas.

I don't know about Paint .NET, but I think Shadowsocks will work fine, at least it launches:

Multiple containers look like two different browser profiles on the same PC, with separate cookies, etc. Google's algorithms will likely interpret that as two different users in the same household, only one of which has a Google ID. Containers are just a more convenient approach than using a separate browser or profile for Gmail and YouTube. (BTW, another, similar option is private tabs, which you can create via the "Private Tab" add-on. Same idea, except you'll have to sign into Google each time. And the Private Tab add-on works with other FF-derived browsers besides St 55.) I'm sure Google employs browser "fingerprinting" techniques; thus you should employ additional countermeasures: disable Flash, which you don't need with YouTube; use an anti-canvas-fingerprinting add-on like Canvas Defender; use add-ons like uBO and Privacy Badger to block, or at least minimize, Google's tracking on other sites; and most importantly, just minimize your use of Google! Just because you're forced to use them on occasion doesn't mean you should give up. You may not be able to stop them completely, but at least you can slow them down a bit and make your info less valuable to them.

Not sure if I can post this here, but... Here's the list of updates I've installed for .NET Framework 4.7.2: Not sure if that's all of them. It's based on my list of previously installed .NET 4.6.1, also have tried installing the older ones I had before, but all of them gave me the "not applicable to your system" error so I don't think there are any more updates to install, aside from the possible May 2019 ones, which I have yet to install. Also, it seems you can't install Language Packs since doing it the normal way yields yet another "not applicable to your os" error, and unpacking the installer with 7-zip and running the other installer (forgot its name) tells you to use setup.exe instead... Note: These are security and quality rollups, I don't know the update numbers for security only updates.

So, if this update is so crucial, why exactly aren't they pushing these updates automatically? Last I checked, Windows update service still works on Windows XP.

Hello. I was looking for internet browsers that still support XP and something caught my eye, a chinese browser called Extreme Explorer 360 (Chrome 360). It was advertised as Chromium 78 based so I decided to give it a try and to my surprise it actually worked. At first I thought that there was absolutely no way that it could be based on Chromium 78 but after several tests it proved me wrong. Here's why I do believe that it is in fact based on Chromium 78: According to HTML5test.com, this browser gets a higher score than any other XP browser in terms of HTML5 support and features. WhatIsMyBrowser.com reports the browser as Chrome 78 running on Windows Server 2003 (XP x64) In case someone wants to try it on their own: A direct download link from Mega provided by @win32: EDIT: I do actually recommend it as a main browser now as it is based on a significantly newer Chromium version, which is also a lot safer than other much older officially supported browsers. EDIT 2: The browser has been updated to Chromium 78 from 69 and still supports Windows 2000 (with all of the latest unofficial updates), Windows XP and Windows Vista. EDIT 3: According to @ED_Sln, the latest version with proper TLS 1.3 support of Extreme Explorer 360 is 12.0.1053.0.

Could it be another MS kind of arrow against XP users? Making unusable their mailing system on the most popular browser leaves wide doubts.

Because it can place an executable in the autorun folder in which resides links to programs that are gonna be opened at boot-time, then wait 'till you'll reboot and boom. Anyway, I'm still running my browser normally, but I think I'm gonna use the Avast Sandbox in the future.

Yes, I tried the final version of .NET 4.8 on Vista just now, and while it could be installed, it unfortunately displays the same behavior as 4.8 Preview: This means that .NET 4.7.2 is the final version that can be used on Windows Vista without these issues, seemingly I did just that, and here are some of the files I got: I then modified the .MSI file with Orca like @artomberus did, and received the same error message when attempting to run the program after installing it... However, this limitation is pretty easy to circumvent using @blackwingcat's PEMaker tool: After modifying and recompiling the .exe file using this tool, that eliminated the "not a valid win32 application" error but sadly, my success was short-lived: So it looks like Paint .NET is a no-go on Vista As far as SP1 goes, .NET Framework 4.7.2 does "require" this, but there is no mention of the Platform Update "requirement" on Microsoft's .NET OS compatibility chart here. Bearing this in mind, the software likely calls for functions introduced in Windows 7's Platform Update, which would explain why it doesn't work in Vista even with .NET Framework 4.7.2 installed... Sadly, no. Downloading the installer and attempting to run it does not work, and extracting it provides no .MSI installer to use/modify, nor are there any available elsewhere on the web, from what I've found:

I have to say it's a pretty neat browser that is based of chromium 69 and works on XP! Plus with tweaking it's privacy settings it's a great browser!

Compatibility section is irrelevant when it comes to Windows Vista because it's only recognized on Windows 7+ and even there, the Vista supportedOS entry alone is meaningless and equivalent in behavior as if compatibility section is absent. The OS looks for the entry of the highest Windows version it recognizes (so either itself or that of the older version) and modifies the behavior of certain APIs accordingly. https://docs.microsoft.com/en-us/windows/desktop/win7appqual/compatibility---application-manifest

@Dave-H @dencorso With MSE I still noticed the download option via the Windows Update Agent. Now I use the POSReady 2009 (HKLM,"SYSTEM\WPA\POSReady",Installed,0x10001,1) entry in the registry only temporarily and as long as this is not available, the Windows Update Agent can not find a more current definition incl. Engine for MSE , Here is also the source of the error because not wanted. The alternative option was removed with the help of the "helper", but the variant via the Windows Update Agent comes into play here, which is apparently implemented in MSE itself. In advance, only removing the POSReady entry in the registry would help. Will still try to find another way, despite some attempts.

I'm thinking it depends what the 'real world' means - would mean different things for different people. My own computer use is nowadays fairly limited, write documents, deal with email, play a movie and audio files, and surf the internet covers most of what I do. I find that for most things my system, with only (seemingly) essential updates, works just fine. Until I hit slight issues, rare, and things get generally interesting and not too difficult to solve - so far, so good. That said, and though it definitely doesn't qualify as an essential update (but it damn well should) I wouldn't be on Windows 7 at all if it wasn't for Classic Shell. Without that I'd be either on Windows 8.1 with Classic Shell, or off to Linux Mint which I used for a couple of years. Mint was fine but always felt a bit lacking just because of software developed for Windows systems that I really liked and missed, which in the end drove me back to Windows. However, as far as Windows goes, if it ever got to the bit where my only option was Windows 10 then I'd migrate to Mint and never look back. Windows 10 - no way!!! To that extent that is my 'real world' and that Windows 10 line draws an absolute limit on it.

I could test it, but it seems there's only 64 bit edition available?

@dencorso Try to solve this problem with the help of the "helper". After that, MSE itself can not update anymore. No update any more about MU for Microsoft security essentials, no AU.

@bphlpt I've been very busy so haven't been able to respond quickly. However, something you said lead me to curing a very recent problem that surfaced when trying to play some recently released videos on a Vimeo 'channel' that I follow. The 'channel' has the title "Common Weal". I could play every video in that 'channel' in Firefox without issues with the exception of the two most recently released videos. The videos that I couldn't get to play were: An Investment-Led Economic Development Framework For An Independent Scotland Know Your Growth Commission: Financial Regulations At the time I puzzled over this and thought that Common Weal and/or Vimeo changed something and made the videos no longer playable in my Firefox browser (I also checked this with a portable Opera browser that I keep for trying to troubleshoot any internet related problems. I got the same results using Opera - and because of that I thought it possible to discount notion of an issue with Firefox itself.) I contacted Common Weal about the problem but the woman I was communicating with was clueless, said no one else was having the problem, but that she'd pass the information to their web developers. So I waited for a couple of weeks and further response never came. Then I read your comment: When I read that an intuitive bulb lit up concerning the Vimeo videos and I thought to test the intuition out. So, cutting a long story short, to update my IE 8 (which I never use) to IE 11 (which I never will use) I had to install some prerequisite KBs into my Windows 7 SP1. The prerequisites were listed here (along with 3 Optional KBs): https://support.microsoft.com/en-us/help/2847882/prerequisite-updates-for-internet-explorer-11 So, I started to install the KBs as listed in that table, working from the top of the table down. (On trying to install KB2533623 I got an error message saying "This update is not applicable to your computer." On doing some research on that it turned out that that KB was actually for a Windows Vista computer; so Microsoft goofed in listing it as a Windows 7 SP1 prerequisite. So this update got skipped.) For each update that installed I rebooted the computer and then tried to see if I the two Vimeo videos that wouldn't play started to play with the following results: KB2729094 - No change, videos still would not play KB2731771 - No change, videos still would not play KB2533623 - Wouldn't install - intended for Windows Vista KB2670838 - Success! Once this was installed the two videos that wouldn't play started to play in Firefox. (So the installation of one, two or three of these KBs, or some combination thereof, was what was required to get the Vimeo videos to play.) I then installed the other 2 prerequisite KBs in order: KB2786081 KB2834140 Then I updated my IE 8 to IE 11 and then installed the 3 Optional KBs. So your comment on the advisability of keeping IE up to date because it might have a background effect on the OS turned out to be the solution to recent Vimeo videos in as much I had to install some prerequisite KBs to get them play. So as far as KBs go I have now increased my count of 'essential' KBs installed by an additional 5 now (discounting the Vista one, of course). Or you could say by 8 if counting in the 3 Optional ones - but those probably don't full under the 'essential' label. So thanks very much for your comment, @bphlpt. That off the cuff remark enabled me to sort a very recent problem that I encountered and that was niggling me for a couple of weeks. One question though. When you say you chose to keep IE up to date what do you mean precisely? Like you just install security patches for it? Or something else? Also I think I read elsewhere on this forum that MS were planning to ditch IE in favour of Microsoft Edge. So what would be your thoughts on that? Is that about to become a critical matter for folks trying to avoid, as much as possible, updating Windows 7 SP1? Hope the above helps someone else sometime.

@Dave-H Following an excerpt from my log

IT WORKS !! thanks to all people of this forum currently i'm running firefox 52.9.0esr on my home test machine...i know it is the last xp supported version... usually i run application in my home desktop computer and then i pass it to my laptop....

Yes, download and install the patch!

uBO v1.17.4 is the latest signed version of uBO (available from Addons.Mozilla.Org) that's compatible with FF 52*. As with all AMO extensions, it uses the WE API set. Some of us prefer the (unsigned) legacy version, 1.16.4.10, because it lets you enable the WebRTC privacy option that's greyed out on 1.17.4. But FF will automatically update a legacy uBO version to 1.17.4 unless you either: Turn auto-updates off for uBO, or Install another unsigned add-on, uBlock Origin Updater, which redirects uBO update checks to a site that only lists the legacy versions (1.16.4.x) available from GitHub *Strictly speaking, later uBO versions are also compatible with FF 52, but are flagged as requiring FF 55 or later, so FF won't update uBO to those versions.

armagaddon-2.0 bug (and fix) has to do with SIGNED extensions; uBlock-firefox-legacy-1.16.4.10 (from GitHub) is an UNSIGNED extension; to install it on FxESR 52.9.0[1], one must first flip (in about:config) xpinstall.signatures.required to false, restart the browser and then attempt to install; to remove warnings generated by installed unsigned extensions, read previous post in this page...

I don't think we're falling behind at all. Does the vulnerability even exist if Remote Desktop is disabled in services (not to mention that it is now patched)? If this is such a "very bad sign" (as the wired.com article says), with "similarly devastating implications" to WannaCry (as it also says), I would simply remind that WannaCry turned out to be ineffective against Windows XP, contrary to early reports. https://www.theverge.com/2017/5/30/15712542/windows-xp-wannacry-protect-ransomware-blue-screen

A very good question!

Hooray! Vista lives another 5 years

You have (what I call) an "obsession" we've already witnessed in other threads to falsely report to all sites you're running Firefox 66, instead of adopting the default user agent of FirefoxESR 52.9.0[1] and only spoof that on sites broken in FxESR 52 (and I recollect @Mathwiz and possibly others advising you towards that direction ). Once again you fell prey to your "obsession"; the suitable "fix" you should install from AMO is found on https://addons.mozilla.org/el/firefox/addon/disabled-add-on-fix-52-56/ But if you pretend to be running Fx 66, AMO will think you are running Quantum (yes, Firefox 66.0 is of the Quantum "variety") and forbid you access to what it thinks is an incompatible extension! Please, for one last time, STOP this practice of adopting a global UA string of Fx 66.0 (sent to all sites) and return to the default value that comes with your actual browser; currently only few sites will nag you about Fx52 being outdated, use SSUAO just for these...

https://github.com/classilla/tenfourfox/commit/f6dd8303f61081d83793e9f744a4fe5879f7ee76#diff-61cac4855c1bb1dd3e264ed799753d4fR2467 try change it back to -1 to see if problem can be resolved or not

I have just tried the newest version of Firefox 45 ESR SSE (45.9.15) on my Pentium III RDD, and compared to the older versions, I noticed that scrolling in webpages appears to be choppier, less smooth than it is for example on New Moon 27 and the older versions of FF45 ESR SSE. To make sure it wasn't an impression of mine, I rolled back to 45.9.14 and the latest stable version, 45.9.11, and I've indeed noticed that the older versions are way smoother when scrolling websites, even with pictures (especially after applying the UOC Patch). I noticed that in 45.9.15, when I scroll a website with pictures that are loading, the scrolling noticeably lags, while in the older versions it scrolls almost seamlessly when pictures are loading, at least with the UOC Patch enabled. I hope this choppy scrolling issue can be addressed and eventually fixed, as I've currently rolled back to 45.9.11, which behaves as fine as 45.9.14 on my machine. A big thumbs up to @roytam1 for his great work, and I hope my report can be useful.

1.16.20 (probably installed from GitHub) is UNSIGNED; as such, it can only be installed while in Developer Mode and yes, stable Chrome branch will alert you about this at every browser (re-)launch You should have been stuck at the signed version 1.16.18 on Chrome 49; BTW, 1.16.18=1.16.20 for Chromium based browsers; please read following post: Export first your 1.16.20 settings to a file, then uninstall 1.16.20, manually install 1.16.18 (by dropping onto chrome://extensions) and then manually re-import your previous settings; have done this many times, it just WORKS!

I have both updates installed. Most likely you have installed the update of the system KB4494528, but the tweak is not done. You need to execute the command "regsvr32 MSI.DLL" in the command line. After this update should be installed.

I agree that the management of already installed Search Engines can be performed quite fine by New Moon's native functions/tools; using the extension I mentioned comes very handy in the cases one wants to add a rather obscure search engine not to be found on the official PM Search Plugins page that you linked to, or when a page does not provide an easy way to add its search among the browser's Search Engines set... E.g. with "Add to Search Bar" I can easily add our own forum's search utility, or BBC iPlayer's, etc : The extension itself appears to be using minimal resources: (via about:addons-memory, extension to be found on GitHub)

Oh I'm sorry, I understand now. I didn't know that the updates for .NET 4.6.0 applied to 4.6.1 as well, that's good to know. Thanks for clarifying that for me, VistaLover. However, those updates will not apply to 4.6.2, as the same "do not apply" error appears above when trying to apply them when 4.6.2 is installed. However, this is not the case with 4.6.1 installed, which confirms your hypothesis:

Remotely relevant, but in all three of New Moon 28, Serpent 52.9.0 and Serpent 55.0.0 I have installed the XUL extension Add to Search Bar: https://firefox.maltekraus.de/extensions/add-to-search-bar Last version 2.9 can be found inside CAA (caa:addon/add-to-search-bar)

While true, I still think that this is a good option to do for the greater good. Right now, the links are accessible only to those logged in on the MSFN forum. If the forum goes down or something happens to the file, they may be lost forever. I myself have gathered all the POSReady updates with their respective links available in the MS Catalog from 2010 to now, but have not managed to archive the older links yet. In case of many Windows 2000 (and older) updates, some of them did actually "vanish", and we have no access to the files any more. Only the broken URLs remain. This is especially true for updates for the less popular language versions of Windows.

Here's the deal: 1. FxESR 52.9.0[1] by default comes with the pref xpinstall.signatures.required set at true; this means that extension signing is by default enabled, much like in the release branch (stable versions 52.0/52.0.1/52.0.2). With that default setting, you can't install (of course) unsigned extensions. But all valid and signed already installed extensions will fail to be verified and will be disabled by the browser, due to the expired intermediate certificate (which is used in the certificate chain to validate signed extensions). Additionally, you won't be able to install further new signed addons or reinstall already existing signed ones (XUL extensions from alternative archives and compatible WEs directly from AMO) because their signature can't be validated! 2. For the group of users that have toggled xpinstall.signatures.required to false, what Mozilla dubbed as "armagaddon 2.0" will manifest itself in the following manner: a. Already installed signed extensions will fail to have their signature validated but won't be disabled by the browser; instead, Addons Manager will display the orange security warnings mentioned by @Dave-H that they "... couldn't be verified for use in Firefox" and that you should "Proceed with caution" (wording cited from memory). b. People often misunderstand that xpinstall.signatures.required;false nullifies extension signing; this is not correct; what that setting does is allow the user to install UNSIGNED extensions; but already signed extensions still need to have their signature validated upon (re-)install; so, much like case 1.) above, you can't install any additional signed extensions on your 52.9.x Firefox instance with the expired intermediate certificate! TL;DR: You do need to install the new intermediate certificate (due to expire in 2025) in all legacy firefox versions 47 - 56: https://addons.mozilla.org/en-US/firefox/addon/disabled-add-on-fix-52-56/ (actually, this is applicable to fx 47 - 60, as one can see in its install.rdf file) PS: NOT ALL signed extensions were affected by "armagaddon 2.0"; but the majority of the ones affected were of the WE type (in Fx <=56.0).

Adobe Flash Player 32.0.0.192 has been released today (confirmed working with Windows XP SP3/Windows XP x64 SP2) Internet Explorer ActiveX: http://fpdownload.adobe.com/get/flashplayer/pdc/32.0.0.192/install_flash_player_ax.exe Mozilla Firefox NPAPI (also for Opera Presto/Google Chrome 44 and earlier): http://fpdownload.adobe.com/get/flashplayer/pdc/32.0.0.192/install_flash_player.exe Google Chrome 45 through 49 PPAPI: http://fpdownload.adobe.com/get/flashplayer/pdc/32.0.0.192/install_flash_player_ppapi.exe

I ran into a situation while travelling, that may have been exascerbated by my OS update preferences. I was unable to use the hotel guest wireless networks. Although I was away for two weeks, each week I had different computers with me but they both generally had the same problem. They could connect to the guest network, but wouldn't allow me to go anywhere via a browser. Either the guest portal wouldn't open (because it uses XSS and I have XSS blocked) or I received certificate errors. So one casualty of trying to keep a computer under your control or secure, is that it can't be easily used in the real world.

It ends up that first one might not be needed after all. According to this: (look in the "Package Details" tab) KB3177467 has been replaced by KB4490628. The "Package Details" info of KB4490628 confirms that it replaces KB3177467. So unless KB3177467 is required as a prerequisite for one of the other updates, it looks like it can be left off. Or you might just change the installation order. I also need .NET for my VPN. I don't go out of my way to either use or avoid .NET, but I prefer to have it fully updated in case it is needed. Like you, I avoid IE completely, but since I think other parts of the OS might use aspects of IE behind the scene, I choose to keep it updated, but NEVER use it on purpose. EDIT: Regarding: I THINK that one or both of those were involved in fixing the "Windows Update takes forever" problem, along with manually installing the latest IE updates and perhaps MS Office updates? I've forgotten what the solution ended up being, and how it might apply to this thread. Perhaps @dencorso can remind us? On the one hand, if you're not going to install updates you might not care how long it takes to come up with the potential update list, but on the other hand, having the computer stuck in a loop for several hours definitely indicates something is very wrong. I have no problem with having: installed, and since I keep .NET up to date that will address KB958488 that you have installed. Cheers and Regards

And here it is! The most awaited Vista repository with Server 2008 updates (atleast for the few people who care about the OS). Included in here are updates for both x86 and x64 architectures, and all versions of .NET available for Vista, from 2.0 to 4.6.1. If there's anything missing, do let me know. https://mega.nz/#F!txxRyLzC!1vBMGzMHiL864f3bl1Rj1w I would like to direct a huge thank you to @VistaLover and @2008WindowsVista, for testing out the updates, and listing them in an easy to copy way