Just to preface my comments, I have not installed any of the Win Server 2008 patches discussed in this thread on my Vista SP2 machine, and Vista SP2/IE9 is patched to the end of extended support on 11 -Apr-2017.
I have a question about the April / June 2019 SHA-2 code signing updates KB4493730 and KB4474419 mentioned in the MS support article 2019 SHA-2 Code Signing Support Requirement for Windows and WSUS (see the target date July 9, 2019 in the table).
Does that mean that going forward, Vista SP2 users will not be able to download updates for Microsoft products released on or after 09-Jul-2019 via Windows Update (e.g., Windows Defender virus definitions, MS Office 2010 security updates, etc.) unless they apply these two KB4493730 and KB4474419 Win Server 2008 patches? Or does it mean that no updates whatsoever will be delivered via Windows Updates unless they apply these two Server 2008 patches (e.g., if they perform a factory reset or clean reinstall of their OS and need to re-install older Vista SP2 security updates released up to 11-Apr-2017)?
As a test I started Windows Defender and ran a Windows Update after yesterday's Patch Tuesday updates were posted. It reported that no updates were available, but until this month my manual Windows Updates were always able to find and install the latest available Windows Defender virus definitions as long as my Windows Defender services were started. I was able to manually download and install the latest virus definitions set v1.297.795.0 from https://www.microsoft.com/en-us/wdsi/definitions (mpas-fe.exe for 32-bit Win 7 and Vista, rel. 10-Jul-2019) so I don't know if the problem is that new Windows Defender virus definitions sets will now be exclusively signed with SHA-2 (not SHA-1/SHA-2) going forward, or if my Windows Update can no longer detect any available updates, including Vista SP2/IE9 updates released prior to end of extended support on 11-Apr-2017.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22 * Malwarebytes Free v3.5.1-1.0.365
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
Are users posting in this thread certain that Microsoft permanently switched off / decommissioned the Windows Update servers for Win XP and Vista in July 2019? I've just been directed to this thread so I'm not sure if this has been suggested before, but even if this happens I believe that Win XP and Vista users rolling back their systems to an earlier date (e.g., clean reinstall, factory reset, hard drive re-image, etc.) could still patch their system back to the end of extended support using Torsten Wittrock's WSUS Offline Update tool at http://download.wsusoffline.net/. The current ESR v9.2.5 released 04-Jun-2019 (the extended support release for Win XP and Vista) even includes emergency out-of-band security updates to patch multiple exploits discovered after the end of extended support for these legacy OSs that were never delivered via Windows Update, including patches for the June 2017 NSA-leaked exploits EnglishmanDentist, EsteemAudit and ExplodingCan (see Microsoft Security Advisory 4025685) as well as the latest May 2019 security update for the BlueKeep remote desktop services vulnerability CVE-2019-0708. ----------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22 * Malwarebytes Free v3.5.1-1.0.365 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS