VistaLover

Another one bites the dust ; sadly, this is not a song reference https://gitlab.com/mbunkus/mkvtoolnix/issues/2201 Commiserations (I use mkvtoolnix extensively for media file manipulations...)

Search engines are your friends, you know ... https://en.wikipedia.org/wiki/Server_Name_Indication

Some interesting articles people here should read: https://github.com/client9/sslassert/wiki/IE-Supported-Cipher-Suites https://blogs.msdn.microsoft.com/kaushal/2011/10/02/support-for-ssltls-protocols-on-windows/ https://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx for XP: https://msdn.microsoft.com/en-us/library/windows/desktop/aa380512(v=vs.85).aspx https://msdn.microsoft.com/en-us/library/windows/desktop/aa380124(v=vs.85).aspx (though SSL2/3 should be disabled due to deprecation/vulnerabilities...) In addition to ECC & SNI missing in XP, that others have already mentioned in this thread, recent cipher suites used in TLS 1.1+ are also missing... That site uses TLS 1.2, TLS_RSA_WITH_AES_256_CBC_SHA256 (suite unavailable in XP); it does open fine in Vista's IE9 with the addition of TLS 1.2 support; likewise, the following site https://mpv.srsfckn.biz/ won't open even in IE9 on Vista, because, in addition to TLS 1.2 and SNI (which IE9 on Vista does support), it requires any of the following missing suites: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9) TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024) TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) (source: Qualys SSL Labs - SSL Server Test) OTOH, @dencorso posted here that they do for him: I don't have XP to test, but have you deleted the "OSVersion" subkeys in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2 ? What would be indeed awesome is for someone to devise a way to add to the system (schannel) missing cipher suites...

Running the latest 32-bit compile from roytam1 (v55.0.0, buildID 20180113120315, git-0257d77) on Windows Vista SP2 32-bit (fully patched), I'm not seeing the issue reported by r3muxd; and this is with no less than 42 active addons (5 of which are webextensions), a custom Greek language pack and a custom mod of the FT DeepDark complete theme (based on version 14.4); I have not experienced any crash whatsoever since installing it yesterday; I know this is little consolation for r3muxd, but may indicate it's an issue particular to his setup... Also, the Moebius devs are recently streamlining the codebase and since they're officially only supporting Win7+, they have begun gutting out all remnants of NT<6.1 - I've seen GUI files renamed to *-win7* and/or *-preWin10* etc., which just means it'd be even harder in the future to maintain compatibility with XP/Vista in roytam1's builds @r3muxd you need to troubleshoot this further; does your issue happen when launching Bk in Safe Mode? Are you indeed on XP SP3 32-bit? (I can't check the behaviour of Bk on that OS currently...). Have you tried to disable Hardware Acceleration? Have you, by any chance, enabled multiprocesses (e10s) ? If yes, revert to single process... Does your issue happen in a new clean profile? Do note Basilisk is a test application in alpha state, radical internal changes take place with each update, little compatibility exists currently with Firefox (<= 55) profiles... When "basilisk.exe" crashes, do you get any additional info on which part of the app provokes the crash? As stated, the official builds don't run on Vista, by choice ; another thing is their releases are few and far between... The last one is 55.0.2018.01.05 (buildID 20180105004734); I have patched all official executables (by lowering subsystem version from 6.1 -> 6.0) and have successfully run the official win32 build on Vista; runs absolutely fine on my system (no issue with typing in the URLbar), except for the fact WMF h.264/aac decoders don't work; this is because the WMF code in the official build selectively excludes VIsta (and, of course, there's no WMF decoders for XP). (official builds only, on supported OSes =>) Official Basilisk forum: https://forum.palemoon.org/viewforum.php?f=61 GitHub issue tracker: https://github.com/MoonchildProductions/moebius/issues

@AstroSkipper @roytam1 is providing a tremendous service to the XP community with his xpmod builds of PaleMoon 27.7.0a2 (which, for legal reasons, have to be rebranded to NewMoon); actually, the Vista community too owes a lot to him for his xpmod builds of Basilisk (officially supported only on Win7+); when PaleMoon (28.x.x ?) is ported over to the Moebius platform (that Basilisk is built upon) sometime during this year, I assume PaleMoon will drop official Vista support at that time, since that platform officially supports Win7+; so I, a Vista fanatic, will be also relying on his xp-vista-mod PaleMoon builds... roytam1 is compiling his builds off code from the unstable PaleMoon channel, IOW from the master branch of the github development repository at https://github.com/MoonchildProductions/Pale-Moon/commits/master . His patches don't touch the GUI strings at all, so if your installed LP fails, it's nothing to do with his modifications... You shouldn't expect him to be also responsible for providing compatible and always up-to-date language packs each time he's releasing a new compile of NewMoon; even Moonchild Productions don't offer LPs for their "unstable" channel (PaleMoon 27.7.0a2). If you absolutely must use a PaleMoon xpmod on your native tongue, then I suggest you switch to the other option available from Feodor2; he's building on the release channel of PaleMoon, for which official LPs do exist... If you (and others) like to stick with roytam1's builds, then 1. The point of reference for language packs is JustOff's repo at https://github.com/JustOff/pale-moon-localization/releases (and I have posted about it several pages back in this thread). This repo is only updated from time-to-time, as need arises/if deemed necessary by the dev (and depending on the work committed by the respective LP contributors...). If after a NewMoon (manual) update (with a LP installed) you find that: 1. You can't start/load/access the main GUI (infrequent but plausible), then start NewMoon in Safe Mode and disable/uninstall your LP; restarting, you'll end up in the working default en-US locale... 2. If the browser starts OK but parts of the GUI turn out broken, then, and depending on the part broken, do as advised in case #1 (if only unimportant parts are broken, I can easily live with that for some days...). When your localised browser GUI breaks, this means upstream changes have taken place in the default en-US locale with the new update, changes which, of course, are not reflected in your installed (rendered outdated) LP... If you're not savvy enough, then the only thing you can do is stay with the default en-US locale and revisit JustOff's repo often, in the hope an updated LP is posted; no use in pestering roytam1 about the (temporary) breakage... E.g., the issue reported by @AstroSkipper is now rectified by installing updated LP 27.7.0_RC6 ; people, patience is really a virtue! Addendum For those impatient that are not faint at heart but are a tad on the savvy side, there's always the possibility to update yourself your failing LP; you need: 1. Your (outdated) language pack downloaded on disk; it's an xpi (renamed zip) file. 2. 7-zip (installed / portable) 3. A proper text editor (not notepad|wordpad; I use PSPad, though I understand Notepad++ is very popular) 4. Very basic knowledge of GitHub and git version control. 5. Some familiarization with the internal structure of Mozilla browsers' language packs. Latest roytam1's NewMoon build is based on commit git-d74da28, while his immediate previous one was built off commit git-40aa3cc ; the changelog during the update can be viewed in the following GitHub URL: https://github.com/MoonchildProductions/Pale-Moon/compare/40aa3cc...d74da28 (it's the list he posted here) 23 commits were pushed; now change focus to the "Files changed 41" tab and search for changed files with " browser/locales/en-US/" in their path: browser/locales/en-US/chrome/browser/aboutHome.dtd browser/locales/en-US/chrome/browser/baseMenuOverlay.dtd browser/locales/en-US/chrome/browser/browser.dtd browser/locales/en-US/chrome/browser/browser.properties browser/locales/en-US/chrome/browser/migration/migration.dtd browser/locales/en-US/chrome/browser/preferences/preferences.dtd browser/locales/en-US/chrome/browser/preferences/security.dtd browser/locales/en-US/chrome/overrides/settingsChange.dtd By clicking on those links you'll see the changes committed on each file (which are responsible for the breakage of your installed LP). E.g. the "Security" (Sicherheit) tab in the Preferences window broke in the LP v27.7.0_RC5 because file "preferences/security.dtd" was changed as seen here: <!ENTITY passwordExceptions.accesskey "x"> +<!ENTITY autofillPasswords.label "Automatically fill in log-in details"> +<!ENTITY autofillPasswords.accesskey "A"> + <!ENTITY useMasterPassword.label "Use a master password"> <!ENTITY useMasterPassword.accesskey "U"> i.e. three new lines were inserted into previous code. You have to unpack your local copy of de.xpi v27.7.0_RC5 with 7-zip, locate inside all those locale files (8) that were changed according to the github URL (and the list I posted) and patch each one of them manually with your editor (according to the online diffs for them); then you have to translate any new en-US strings to your language, German in this case; double and triple check you have done everything as it should be done, save your changes and repack your edited LP into an .xpi file; finally, install to NewMoon via drag-n-drop, restart and you should be good to go; takes time, yes; but you then begin to appreciate all the labour spent by translators (though, to be fair, they have automated tools for their job and only rarely things have to be done in a harder manual fashion...). @roytam1 May I voice a personal request: Could you create a special, dedicated thread for your xpmod of the Basilisk web browser (which is currently only a test-bed for the Moebius platform, but may survive as an application even after PM is ported to the new platform)? This thread has sort-of become a mixed bag now, actually three distinct browsers are currently being featured/discussed, I feel it'd be better for everyone following this thread if three separate new ones are created, each one with a single browser (New Moon = Pale Moon XP / Nightly = Basilisk XP / KM-Goanna) as subject; a moderator could hopefully transfer older posts to the correct new respective thread... Thanks a million for all that you do for older (but not necessarily inferior) Windows OSes !

Hi - Facebook has phased out the use of the Adobe Flash NPAPI plugin months ago; to view FB vids you need a HTML5/MSE capable browser; please refer to post #1 of this thread and review the section "Q: Can't play H264 clips?" Please also make sure that you have enabled "MSE" and "MSE for MP4 video" inside New Moon's Options/Content/Video... Default language for New Moon 27.6.0a1 is en-US; head over to localization releases, you should pick your corresponding language pack (it?) from the latest release 27.6.0_RC2; just click "it.xpi" and allow the installation to take place; then open about:config?filter=useragent.locale in a tab and modify the value from "en-US" to "it"; finally, restart NM and once it loads the GUI should be in Italian!

I am sorry to report that yet another application moves out of Vista support mpv is a CLI media player, a recent fork of MPlayer (itself a fork of mplayer2); while it is mostly known/used on non-Windows OSes, it does support Windows too codewise and win32/win64 executables (mpv.exe) can be compiled via, e.g., MSYS2 native Windows compiler (but, sadly, MSYS2 now requires Win7+ and preferably the x64 architecture ). Power Windows users may be already familiar with mpv when using it with other CLI applications like the stream-downloaders livestreamer (now defunct), its maintained fork streamlink and youtube-dl; but perhaps others may know mpv as the media engine driving the front-end SMPlayer (this can also use the original MPlayer under the hood, but from experience has worse performance compared to using mpv). The mpv devs have made it clear from the start of the fork (ca. 2012) that they'll be dropping support for very old systems... Windows XP was accidentally dropped in November 2015, but then the devs decided to do nothing to restore its support. Most unfortunately, we're now seeing a repeat of that with regards to Windows Vista; you can read about it in this GitHub issue . Though the breakage was indeed unintentional, there'll be no effort spent by the devs towards restoring Vista support As you'd expect in such cases, the same ol' "Microsoft’s extended support has ended" mantra was recited but, in all fairness, the dev did acknowledge that as The justification of "Vista not registering in my download statistics: https://mpv.srsfckn.biz/stats.html" I found quite lame, TBH; what it all comes down to is While he obviously could, the main dev providing the Windows executables said The only options offered by the devs to Vista users (cross compile in a Linux VM or install Linux in the Vista machine and dual-boot) are far from realistic for most Vista users on old-ish hardware, not to mention the huge learning curve required to master Linux at first and the cross-compiler itself after that... So, on the Windows builds page the very last Vista compatible binary is the one marked as 2017-04-23, which is in fact mpv-v0.25.0: https://mpv.srsfckn.biz/mpv-i686-20170423.7z https://mpv.srsfckn.biz/mpv-x86_64-20170423.7z versions 0.26+ will simply not run on Vista; to be exact, this is only valid for the pre-compiled binaries offered by the main dev in his repo; in theory, code newer than v0.25 could be compiled with modifications to the crypto lib used so as to restore Vista support; I, for one, don't possess neither the hardware nor the know-how to even attempt such a task...

FYI, latest language pack (27.6.0_RC1) released by JustOff also targets unstable builds 27.6.0a1 natively, so no longer the need to manually hack the install.rdf file of the pack

... Just go to Pale Moon localization and save to disk latest language pack v27.5.0_RC8 that suits you (this is an .xpi file, i.e. a .zip file); modify the install.rdf file inside it (e.g. with 7-zip) and change maxVersion from 27.5.* to 27.6.* ; save your changes and then install modified language pack in PM 27.6.0a1 (install from file in the add-ons manager or simply by drag-n-drop in a tab). This is how I got the Greek locale myself on PM unstable in the screenshot posted previously So, you can easily enjoy PM 27.6.0a1 in German, if you so wish! PS: After installing the LP, you'd have to go in about:config, filter general.useragent.locale and modify the default en-US to the language of choice, e.g. de; restart PM for the change to take effect; tada!

Congratulations @roytam1 That was it! Your xpmod now loads successfully on this old Vista laptop: And with your "portable" LAV Filters DLLs, MSE+H.264 works too (without the need to install system-wide)! I think my old (2007) Intel CPU (Core2 Duo T5250 @ 1.50GHz) can only go as far as SSSE3... Will better check tomorrow how your build compares to the "official" one on Vista SP2 x86 - and of course you're a true gem for people still on XP... Cheers!

Hello @roytam1 I was reading your posts in the Pale Moon forums (not a member there, just a frequent lurker) and decided to come and follow you here, too I am currently using the official unstable (x86) Pale Moon builds (latest is 27.6.0a1 buildID 20171001090158) on my Vista SP2 32bit laptop and out of pure academic curiosity I wanted to check whether your latest xpmod would actually run on Vista, too... However, as others have stated, it will refuse to load a GUI (though there's a palemoon.exe process running in Task Manager at ~ 29MB of memory) and Windows informs of a crash: Problem signature: Problem Event Name: APPCRASH Application Name: palemoon.exe Application Version: 27.6.0.6483 Application Timestamp: 59d1184b Fault Module Name: mozglue.dll Fault Module Version: 27.6.0.6483 Fault Module Timestamp: 59d1183f Exception Code: c000001d Exception Offset: 000034c5 OS Version: 6.0.6002.2.2.0.768.3 Locale ID: 1032 Additional Information 1: 98b2 Additional Information 2: e55896255cd32d51a93c767d394c7c40 Additional Information 3: 4946 Additional Information 4: 85d6476da8052e18313817c31a393122 I can confirm (though I suppose it's irrelevant in this XP-targeted thread) that Feodor2's 27.5.0 x86 compile will load and run fine on Vista (but MSE+h.264 doesn't work - I haven't installed LAV Filters system wide to check, either...). Keep trying and thanks for your efforts

Source: Description of Software Update Services and Windows Server Update Services changes in content for 2017 Thursday, August 17, 2017 New non-security content: Update for .NET Framework 4.6, 4.6.1 on Windows Server 2008 SP2 (KB4038923) Support link: KB4038923 , catalog link: KB4038923 Prerequisites: 1. .NET Framework 4.6/4.6.1 2. D3D Compiler Update for WS2008 SP2 (KB4019478) (Should be already installed since July 2017) Note: Installed without issues on this fully patched (Vista EOL + WS2008 updates) Vista Home Premium 32bit laptop. Next regular Patch Tuesday is following Tuesday, September 12th, 2017.

Nice find . It was file Windows6.0-KB4034786-x86.msu, Microsoft Knowledge Base Article for that was on this link, which now returns a 404 type error (Try searching for what you need - This page doesn’t exist.). And it's nowhere to be found on catalog either ... Who knows what... (Un)fortunately, I never jump to install MS updates the first day they become available (for fear they have screwed up things... ), I patched my system on the 11th, i.e. after KB4034786 pulled a disappearing act...

There has been some discussion recently over at the BleepingComputer.com Forum's similar thread about the prerequisite update KB4019478. My personal findings are: 1. When KB4024848 was first released in July, it was included in the .NET FW update bundle labelled as KB4032116 ; when one accesses the catalog link, its prerequisite KB4019478 (x86 flavour) is offered as file "windows6.0-kb4019478-x86_246d86dae3b75ce3ee0180a18db1f04992a14c1b.msu". That file has a size of 1.434.955 bytes and a digital signature of "Thu Apr 13 2017 19:47:38 UTC". This is the file I installed myself... 2. When KB4033990 was released this August (that replaces KB4024848), it was part of the .NET FW update bundle labelled as KB4035039 ; when you go to that catalog link, the prerequisite is again (?) included and labelled as KB4019478, but the x86 flavour is now downloaded as file "windows6.0-kb4019478-x86-custom_83098465b9ee0b4b39e02fa8f6853fe196966a26.msu". That August file has a size of 1.435.558 bytes (slightly bigger) and a digital signature of "Thu Apr 13 2017 10:53:14 UTC", which means the August file (updated one?) has a dig sig almost 9 hours prior to (i.e. it's older than) the previous July file for KB4019478 I don't know what to make of the above . Obviously, these are different files for the same "D3D Compiler Update for WS2008 SP2", which is, no doubt, related to this KB article and KB4019990. In the BC thread, the thread maintainer (Sardoc) has successfully installed this second (but according to my examination) older file on top of the previous, July, one... I am still undecided, leaning to hesitant... Take your peak... (I really have no idea how "amicable" is MSFN towards BC; I do know that some MSFN members ( @JodyT and recent @Ruan ) are also members there; participants in that similar BC thread are perplexed wrt to the newly introduced TLS 1.1/1.2 support in Vista/WS2008; see here onwards... Perhaps a kind soul here can refer them to my previous MSFN post . Thanks in advance )

I have! But in all honesty, it's not a browser I can use as my main Vista browser: 1. It's focused on Privacy and Security, thus it doesn't store any browsing/download history (gets wiped out upon exit - no way to override that... ); plus, it won't allow you to resume a previous tabbing session 2. Has a nasty bug when trying to open a bookmarks folder placed on the bookmarks toolbar (won't let you inspect the content of the folder, is only able to open all bookmarks within the folder in equal number of tabs. 3. Its WMF/MSE support on Vista SP2 is broken (much like Firefox 53); so it can't use system codecs for h.264/aac playback, either as standalone MP4/m4a files or AV streams encoded in h.264/aac; you can also perform the youtube HTML5 test where you'll discover both "H.264" + "H.264 & MSE" are disabled (red). 4. The real deal breaker is that Epic Browser doesn't accept ANY EXTENSIONS from Google store, including themes, thus its overall functionality (as a Chrome 58 based browser) is severely limited to basic web browsing... Its own webstore (only viewable with Epic Browser) currently only lists 7 (security related) extensions! Quite frankly, the only feature I found semi-useful was its built-in Epic (encrypted) Proxy, which, among making you more invisible on the net - plugins disabled for that, it does allow for accessing geo-filtered content...

Yes, I have tried that; has some minor issues, though... But it's based on Chrome 50.0.2661.102 code, so quite old already from a performance and security standpoint... Even if the (Chinese?) devs are actively patching security holes, 50.0.2661.102 is/was the last version of Chrome that would run on Vista SP2, this fact alone makes me pessimistic about future Vista compatibility/support... The Slimjet devs dropped Vista support when they had to move to Chromium > 53 codebase, the Russian devs of Yandex Browser managed to keep Vista support even when their code was based on Chromium 57 (last version of Yandex Browser that supported Vista SP2 was 17.4.0.2461, code based on Chrome 57.0.2987.137); Yandex no longer supports XP/Vista

Source: Description of Software Update Services and Windows Server Update Services changes in content for 2017 Tuesday, August 15, 2017 New non-security content: 1. Update for WS2008 (KB4019276) This is a re-issue of the exact same MS update first published on Tuesday, July 18, 2017 and documented here; what's indeed curious is that MS catalog link for this update now has two separate entries, one with a "last updated" attribute on 18/7/2017 and another one "last updated" on 14/8/2017 ; FWIW, both .msu files appear identical, with a digital signature of 20170610. I had this installed last month, trying to re-install the re-issued version fails, with a "This update does not apply to your system" message (which is highly expected and justifiable...). So, if you did not install this last month, have a go now... EDIT: The reason for re-issuing KB4019276 again is explained in this MS blog entry; first issue in July was catalog-only, this second re-issue adds it to WU/WSUS as an Optional update, there's a third re-issue next month on all three WU/WSUS/Catalog, when the update will be uplifted to Recommended (thanks to BleepingComputer.com forum member "lmacri" for the find ). 2. Update for Windows Vista (KB4036162) "The desktop app WordPad crashes in Windows Server 2008 SP2" In case you're wondering whether I made a mistake, then no, this is another post-EOL update for Vista and is listed as such in MS catalog site; Windows Update on Vista doesn't work for this one though, you'll have to download and install manually... 3. Update for WS2008 (KB4037616) "The spoolsv.exe process crashes in Windows Server 2008 SP2"; link . Wednesday, August 16, 2017 1. August, 2017 Preview of Quality Rollup for .NET Framework 2.0 SP2, 4.5.2 and 4.6[.1] on WS2008 SP2 (KB4035039) Support link: KB4035039 , catalog link: KB4035039 This is a .NET Framework bundle update, that breaks down to the following individual ones: 1a. Quality Rollup for the .NET Framework 2.0 Service Pack 2 for WS2008 SP2 (KB4033994) Supersedes KB4014592 (May 16, 2017) 1b. Quality Rollup for the .NET Framework 4.5.2 for WS2008 SP2 (KB4033993) Supersedes KB4024845 (July 18, 2017); install this update if, by choice, you're still on .NET FW 4.5.2 1c. Quality Rollup for the .NET Framework 4.6[.1] for WS2008 SP2 (KB4033990) Supersedes KB4024848 (July 18, 2017), but still has the same prerequisite of "D3D Compiler Update for WS2008 SP2 (KB4019478)"; install this update if on .NET FW 4.6/4.6.1 Happy manual updates Vista folks!

Bookmark the following MS URL: https://support.microsoft.com/en-us/help/894199/software-update-services-and-windows-server-update-services-changes-in as have I (to keep track of WS2008 updates to apply on Vista) ... According to that URL: Tuesday, August 8, 2017 Changes to existing nonsecurity content: Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7 on Windows Embedded 8 Standard and Windows Server 2012 (KB4035508) Metadata has changed. Binaries have changed. This update will need to be reinstalled. MS catalog link Prerequisites: To apply this update, you must have the .NET Framework 4.6, 4.6.1, 4.6.2, or 4.7 installed. (So not applicable if you're still on 4.5.x). I wouldn't... Any particular reason not to upgrade .NET Framework on your Win8 setup?

Since we've got a month's worth lease of life (fingers crossed it'll be for much longer ), am just going to post August 2017 WS2008 updates, applicable to WinVista SP2: Source: Description of Software Update Services and Windows Server Update Services changes in content for 2017 and Security update deployment information: August 8, 2017 Tuesday, August 8, 2017 Security Updates 1. Cumulative Security Update for IE9 (KB4034733) Supersedes: KB4025252 2. Security Update for WS2008 (KB4022750) Security update for the Windows NetBIOS denial of service vulnerability in Windows Server 2008: August 8, 2017 Supersedes: KB4021923 3. Security Update for WS2008 (KB4034034) Security update for the Windows Search remote code execution vulnerability: August 8, 2017 Supersedes: KB4032955 4. Security Update for WS2008 (KB4034741) Security update for the Windows Kernel information disclosure vulnerability in Windows Server 2008: August 8, 2017 Supersedes: KB4022013 5. Security Update for WS2008 (KB4034744) Security update for the Volume Manager Extension driver information disclosure vulnerability in Windows Server 2012: August 8, 2017 6. Security Update for WS2008 (KB4034745) Security update for the Windows CLFS elevation of privilege vulnerability in Windows Server 2008: August 8, 2017 Supersedes: KB3203838 7. Security Update for WS2008 (KB4034775) Security update for the Microsoft JET Database Engine remote code execution vulnerability in Windows Server 2008: August 8, 2017 8. Security Update for WS2008 (KB4035055) Security update for the Win32k information disclosure vulnerability in Windows Server 2008: August 8, 2017 Supersedes: KB4022887 9. Security Update for WS2008 (KB4035056) Security update for the Express Compressed Fonts remote code execution vulnerability in Windows Server 2008: August 8, 2017 10. Security Update for WS2008 (KB4035679) Security update for the Windows Error Reporting elevation of privilege vulnerability for and Windows Server 2008: August 8, 2017 Supersedes: KB2929733 11. Windows Malicious Software Removal Tool - August 2017 (KB890830) August's edition is file Windows-KB890830-V5.51.exe ; M$ have blocked this file from running on Vista, but it does so on WS2008; still curious as to how they do that, considering they're both NT6.0; any thoughts some clever people here have? Never mind though, for an equal (even better) workaround head over to Microsoft Safety Scanner old site and download latest version of file msert.exe (mine was on v1.249.918.0 yesterday...); both 32 and 64bit binaries are available. The tool can be run on Vista SP2 fine; choose the default quick scan, which should last ca. 12-15min (YMMV): M$ have a new site for the tool here ; as you can see, no mention of Vista in the supported OSes, but I can assure you the version I fetched yesterday ran fine on my setup; perhaps they'll change things in the future, then again perhaps not... All WS2008 updates mentioned thus far installed successfully on this Home Premium SP2 32bit laptop (not a VM): I explained this in a previous post ; KB4024848, a NET Framework 4.6[.1] update, has the D3D Compiler update (KB4019478) as a prerequisite...

Well, if you indeed look at it from M$'s perspective, you shouldn't even be considering patching your OS after it has become EOL'ed - apart from Win10, which is sold as a service, previous Windows OSes can be likened to perishable goods with an expiration date - past that date, it should be thrown in the bin, not injected with preservatives ... It would appear the Vista64 mods were somewhat more closely affiliated with M$, or simply thought in a similar vein, hence the blocking of your account... Fortunately, threads like this and the one we're on attest to the fact MSFN mods think in a more liberal fashion...

Page saved for posterity in the webarchive: https://web.archive.org/web/20170810231809/http://www.msfn.org/board/topic/176902-enabling-tls-1112-support-in-vistas-internet-explorer-9/ @Ruan Welcome to MSFN (apparently a little too late ) Thanks for your kind words...

... I was about to post August 2017 updates for WS2008, applicable to Windows Vista SP2, in this thread, when I became aware of the devastating news... I usually hesitate to register to forums, what with making my e-mail address available to others, but never for a moment on MSFN; it's true I only joined one and a half years ago, but was a guest many years prior... The wealth of information that has accumulated over the years is simply overwhelming; it'd be such a pity if all went away just like that... Thanks to all members who already gave me 32 reps with just 34 posts - I pale in comparison to all the knowledgeable people here... @2008WindowsVista Vista being my preferred OS, I have always valued greatly your Vista related posts; I fear I might have to move to Win7 or Win8.1 soon as my main OS (but no way to Win10), your Vista transformation guides of Win7 and (yet to be published) Win8.1 was one of the few reasons I'm even considering the OS upgrades... Are they to be found somewhere else? I think I'll pm you my e-mail address so you could please notify me of your eventual new "home"... I really do not know if I'll be able to back up anything (the real question is where to start from?); 12 August 2017, but at what time and on what timezone? I am myself on UTC+03:00 currently (EEST), so little time left... I suspect Google cache will retain some pages for some days, but... At the forum maintainers: Thank you for an excellent service to a broader community

... First thing I did was to have a read of wiki's entry for IE10; according to them, there were in total six IE10 Platform Previews released; the first two ran on Win7+, but the last four ran only on Win8. Did your successful test involve IE10 Platform Preview 1 ? It appears that "the first preview release came four weeks after the final release of Internet Explorer 9", so it might be that the code hadn't diverged much then from IE9 Final, hence your ability to run it on Vista... I managed to grab myself a copy of iepreview.msi file, with a digital signature of 2011-11-22 (probably Platform Preview 2), but am reluctant to run it on my main Vista SP2 laptop; what impact, if any, did it have running on your system? Running just the extracted iepreview.exe (hence in semi-portable mode), how was the (installed) version of IE9 affected? ... and what about file associations and the like? Intriguing as your experiment seems, I think it's just that - an experiment; this IE10PP(1?) can't be used as a permanent replacement to IE9, plus it won't receive any security updates from MS; while, OTOH, IE9, with all its inherent flaws, will be patched until Jan 2020... BTW, have you tried running the .msi directly? I did myself; it doesn't warn me of an incompatible OS, in fact it appears as though the installation will proceed once I accept ToS: I haven't though, and cancelled the installation... OTOH, trying to run IE10-Windows6.1-x86-en-us.exe (off-line installer for Released IE10 for Win7) alerts me to the fact that: On a later date, when I'm feeling more adventurous, I might create a Restore Point and then go on with the ie10pp installation, just for the sake of it...

I've already mentioned this issue: Original post is about implementing TLS 1.1/1.2 support to IE9; it will allow for opening HTTPS websites that were previously inaccessible to IE9, because it would go as far as TLS 1.0. Sadly, the recent MS update has nothing to do with IE9's rendering engine, which is what's used to properly display (render) a loaded webpage . For sites that do open but don't display correctly (and/or are not fully functional) you'll have to use another, more modern, browser that supports more recent Javascript and CSS code needed to render them correctly; apologies, but I'm not an expert in HTML and web design, so my terminology might be somewhat off, but I think you still get the picture (... or lack of it, if it fails to render in IE9 ! ). Please have a read of this older forum thread ; WS 2008 SP2 is already inside Extended Support (i.e. no new features, only security updates issued for it), so I was pleasantly surprised by KB4019276 which, depending on how you look at it, could be considered as a new OS feature; OTOH, it can simply fall inside the "security" category, since it improves the "security" protocols used when accessing HTTPS web places... I don't think that MS will issue any future updates in the remaining 2.5 years (till WS 2008 SP2 becomes EOL) that would enable an upgrade of IE9's layout engine - security: YES, they are still catering for that; functionality: THEY SIMPLY DON'T CARE; else they would've upgraded their own browser to IE10 or IE11 (possibly after a Vista/WS 2008 SP3 and/or a second Platform Update...).

As all of you Vista users surely know, IE9 is the last version of the MS supplied browser that can be installed on that OS. It has several prerequisites, notably KB948465 (SP2 for Vista SP1), KB971512 (Windows Graphics, Imaging, and XPS Library) and KB2117917 (Platform update supplement for Windows Vista); you can read more here. MS had continued patching security vulnerabilities in IE9 on Vista SP2 via "Cumulative Security Updates for Internet Explorer 9 on Windows Vista SP2" up until Vista's EOL on April 11th of this year (update KB4014661). MS will continue patching IE9 on Windows Server 2008 SP2 (as, again, it's the last version installable there, too) until that product reaches its (Extended Support) EOL in 2020. If you have been following our Server 2008 Updates on Windows Vista thread, then you should have already installed follow-ups KB4018271 (May 2017), KB4021558 (June 2017) and KB4025252 (July 2017). For the rest of this post I'll assume your Vista SP2 OS (ergo IE9 copy) is fully updated even with post EOL updates intended for WS2008SP2; e.g. on my setup (Vista SP2 Home Premium 32bit), "About Internet Explorer" looks like: For those of you out there with an intention to using IE9 as your main browser on Vista, sadly, you'd have come to the conclusion it's only half-usable currently, at best; this is a result of: 1. Most modern sites have removed support for IE9 completely, via UA string sniffing: Somes sites (like Youtube) offer a workaround, for others it may be necessary to spoof the actual UA string as one from a later OS+IE version (e.g. via the "Set UA String" IE addon). 2. Many sites have moved to recent web design, so they don't render correctly (if at all) in IE9, even in "Compatibility View" (well, actually, this is to be expected; CV means the site was optimised for IE8-); FWIW, even MS pages don't display correctly now in IE9 . 3. A third scenario I find quite irritating is that many sites fail to load at all in IE9 if they use the HTTPS protocol; with the recent move of many major sites to the more secure, encrypted, HTTPS, "allegedly" to increase user privacy and security, I found the list of "secure" sites not opening in IE9 growing at a high rate; of course there's always Firefox, but it's IE9 we're discussing here... Upon investigation, I discovered this is due to IE9 on Vista only supporting TLS protocol v1.0; this is considered by today's standards no longer secure enough, so many sites using HTTPS have moved to the more secure versions 1.1, 1.2, even to 1.3! Fortunately, a recent MS update (intended for the WS2008SP2 OS) can be applied on Vista SP2 that will implement TLS 1.1/1.2 support on Vista's IE9, too! ; I have spoken about this important update here. 1. Install then KB4019276 2. Reboot the Vista machine 3. After restart, launch the Registry Editor (regedit), preferably as Administrator. 4. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1 5. Delete the "OSVersion"="3.6.1.0.0" subkey; BTW, I don't know which WinOS that string refers to (Win6.1=Win7) 6. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2 7. Again, delete the "OSVersion"="3.6.1.0.0" subkey. Exit Registry Editor. 8. Launch IE9; Tools -> Internet Options -> Advanced tab -> Scroll all the way down to "Security": Prior to KB4019276 and registry manipulations, only "Use TLS 1.0" had been available on Vista; you should have already unchecked the older "Use SSL 2.0/3.0" options, to avoid being targeted by "POODLE" attacks; uncheck "Use TLS 1.0" (optionally also "Use TLS 1.1") and check "Use TLS 1.2". 9. Click Apply, OK, then exit IE9. 10. Upon restarting IE9, you'll find you can now visit all those sites that previously would not load due to unsupported TLS protocols: 10. You can verify further that indeed 1.2 is being used during server-client negotiations via specialised sites or via IE9's native GUI: I honestly hope you'll find my post to be of value; enjoy your more secure (than ever before?) Vista OS!