Leaderboard

Just replacing crypt32.dll with a newer one didn't change the situation, however what did a noticeable change, was a certain setting in New Moon called "Use OSCP to confirm the current validity of certificates". So now I deactivated the checking of the HTTPS certificate it seems. The error message "SEC_ERROR_OSCP_OLD_RESPONSE" gave me a wink to that. The browser got confused in the process of connecting to the OSCP (holding the certificates), trying to do something with SHA1. Maybe checking the cerfificate? It's not the TLS encryption, SHA is a hash function. I've just learned about this in this video: https://yewtu.be/watch?v=GI790E1JMgw Some more notes on testing: While I was browsing today on the "next-week" Windows XP machine, none of the HTTPS sites did work, not even msfn.org, swisscows.com and wiby.me. So that changed compared to yesterday. Unchecking the option I described above however made browsing possible again. Still, SHA1 is not repaired... I'd be interested to see someone with an updated Windows XP try to time-travel too (setting the time two weeks to the front), as I am still running SP2 on two XP-computers here. This emergency situation can be simulated! I can confirm, that the time can be set back and SHA1 is recognised again. The question is of course, if other things break, that rely on SHA1... because what I've described is only an evasion for web browsing with New Moon... watch out for your local power plants!

I assume you are asking about x86 SP2 (I ran it in x64 SP2 just fine), I personally don't run (nor need) x86 SP2 so have no way of testing. But I have a strong hunch that yes, you need x86 SP3. I also personally avoid POS updates and stick with EOL. POS updates broke several of my applications and it wasn't worth the time to track down which updates were the root cause. I didn't do any extensive testing, but enought to show that I plan to stick with 360Chrome v13 build 2206 at least for now. I disable webgl in my browsers for default browsing but benchmark with webgl enabled - MiniBrowser crashed while 360Chrome did not. And I "demand" a full-time STATUS BAR which is rare these days, I know, but I'm keeping that full-time STATUS BAR forever, if possible, no d@mn popup "bubble".

KB4020507 was a March 2017 update for .NET Framework 4.5.2. That was indeed the 4.x version that Windows Update used to offer for Vista, but it does not follow that someone actually has it installed in 2021 (maybe check programs and features > uninstall a program). If you manually installed a 4.6.x version, then the equivalent update was KB4020503. (VistaLover mentioned that one in his May 15, 2017 post because he had .NET 4.6.1.) Furthermore, Package Details at the Catalog say KB4020507 was replaced by KB4345682, so there should be no need for it if more recent .NET updates have been (or can be) installed.

Not the answer you expected but hoping it could help. Personally I've only been using POP Peeper from Esumsoft for POP3/IMAP accounts for years under 98SE and XP. I'm still using it now through Wine under Linux Mint, because all Linux e-mail clients I've tried are lousy and nowhere near my personal taste. The free version doesn't allow access to folders other than Inbox but that may not be such a big issue. At least one can check their messages and reply/compose. There is one thing about AOL. Dunno if you received the notification but starting this June they will implement something on their servers that will kick out many well-known e-mail clients. Logging in may require a master password or something like that, and I'm not sure which clients will be able to fulfill this requirement. Not even sure about POP Peeper but we'll just have to wait and see. If need to I will delete my AOL account and they may go to hełł with their draconic measures. I've already deleted GMail, Hotmail, Yahoo accounts years ago.

That's weird. The premodded october build of Steam never checked for updates and I never had to configure anything. The thread I linked to did mention what you need to add to the Steam.cfg file though. It goes to the Steam folder.

I am not a TLS expert, but it is my understanding that basically nothing is going to happen when this certificate expires. This cert is what microsoft signs stuff with (for example, new updates, drivers...). There aren't any new updates being made for any SHA-1 system anyway. The reason you canot connect to HTTPS sites when you change the date is because you are changing the date, not any significance pertaining to what that date is. Firefox-based browsers do not rely on windows for encryption anyway. Chrome (at least on XP) partially does. but even for chrome and IE, nothing is going to change.

I suggest moderators to move this tread to main XP board

So I got the nerve to run sfc and it fixed the integrity issues, ( and everything else still seems to work ), but the .exe updates from the MEGA link still can't access windows installer. I looked deeper into them and discovered that perhaps they are looking for MSI ver 3.1, whereas I have ver 4.5. Quote below from file "Strings.xml" included in "NDP45-KB4020507-x86.exe" from the MEGA files. " <!-- MSI 3.1 required dialog --> <IDS_MSI31_REQUIRED>#(loc.ids_msi31_required)</IDS_MSI31_REQUIRED>"

I haven't yet applied the Server 2003 SHA-2 update on my rig, so I just tested this as well, setting the date to May 10 at 1:25 AM. On New Moon and Firefox ESR, I get "SEC_ERROR_OSCP_OLD_RESPONSE" on some HTTPS sites but not others. The same sites are still accessible on Advanced Chrome and Chrome 49, however. I tried to see if anything changed if I set the date to May 17, but the same sites would still break on the same browsers, while the other sites that did not break remained unbroken. That's very peculiar.

Service Packs are still available.

I have quite a few updates which claim in the registry to be from "SP4" too, and have had for years. I suspect it refers to a notional Service Pack 4 for Windows XP which was mooted by Microsoft at one time but never actually issued.

Folks need to get serious about their purchasing power. Know how to boycott.