Looking for info about the upcoming standalone SHA-2 patch for Win7

[Thinkpad4]

Cool, thanks again everyone

[i430VX]

I've tried to install this update maybe 10 times and it's failed upon restarting to apply changes, every single time. Any suggestions?

 

[erpdude8]

On 4/21/2019 at 9:53 PM, i430VX said:

I've tried to install this update maybe 10 times and it's failed upon restarting to apply changes, every single time. Any suggestions?

 

you mean KB4474419?  see if these links help

https://answers.microsoft.com/en-us/windows/forum/all/windows-7-updade-kb4474419-fail-repeatedly-with/9e2dc4ca-5adc-479f-9521-8838077b1e82

https://www.sevenforums.com/windows-updates-activation/418834-unable-install-kb4474419-win7-x64-ultimate.html

Edited April 25, 2019 by erpdude8

[i430VX]

15 hours ago, erpdude8 said:

you mean KB4474419?  see if these links help

Yes, that one!
The issue was having grub on the computer. While this is dumb and i shouldn't have to do this for a windows update, pulling the linux drive out while booting to apply changes did the trick

Thank you!

[Thinkpad4]

@i430VXthose updates cause any issues for you?  

[i430VX]

12 hours ago, Thinkpad4 said:

@i430VXthose updates cause any issues for you?  

Not that I've seen!

[erpdude8]

someone in Seven Forums did had a problem installing the KB4474419 SHA-2 update on that person's Win7 PC since mid-March 2019

[Tripredacus]

I have installed them onto three computers so far, but have not noticed anything. All three were having issues reading certificates from various things, but the updates did not solve those problems.

What are some known situations where you would need these? Are there any websites that are known to require these types of certificates? Something to test against?

[erpdude8]

On 7/1/2019 at 6:51 AM, Tripredacus said:

 

What are some known situations where you would need these? Are there any websites that are known to require these types of certificates? Something to test against?

you will need to install both KB4474419 and KB4490628 SHA-2 updates this August 2019 or Windows Update will not offer nor issue any new W7 security updates made from this point onward

https://support.microsoft.com/en-us/help/4472027

 

 

Edited August 10, 2019 by erpdude8

[erpdude8]

read MS KB articles 4512486 and 4512506, Tripredacus:

https://support.microsoft.com/en-us/help/4512486/

https://support.microsoft.com/en-us/help/4512506/

these new Win7 updates released this Aug. 2019 require the 4474419 update, which was also revised this August.

also these new updates, along with 4474419 V2 update for Win7 causes problems with existing Symantec/Norton antivirus software.  do not install these new updates until Symantec has issued a software update that works with the recently released SHA-2 updates from MS.

 

Edited August 13, 2019 by erpdude8

[WalksInSilence]

I installed all this month's updates earlier today without any issue so far. Only slightly unusual thing was that it actually restarted the PC twice before the installed updates were finalised. I was also going to post a warning about the reports of problems connected with those systems using Symantec/Norton AV products too,

I've learned the hard way to check for problems, like that, before installing any MS Windows update. So I always do some research and usually wait before installing them if any trouble is reported, even if apparently not related to anything else on my PC. But that seemed very specific and as I've never used any of their products I took the plunge.  

Edited August 14, 2019 by WalksInSilence

[vinifera]

i'm in mist with what does this update mean for user
what do i gain and/or lose by having/not having it ?

[WalksInSilence]

There is some explanation about the updates on the MS web site the updates link too as normal but apart from the usual catch all 'security' flaw excuse they rarely expand on that. It is usually the third party sites that tell you more about what the monthly rollup contains, warn about telemetry gathering tasks the update might add to Scheduled Tasks and report other problems with updates. For those you'll have to Google.

There is certainly a long held belief amongst some Win7 users that MS updates are now more about gathering data than actually protection the OS from outside attack let alone adding to or improving the functionality. Chances are if you do not update you'll have no problems but that comes with a certain amount of risk. But if you do install them it is doubtful you'll notice any difference but again, it comes with a risk that it will contain a snooping element or, as for this month's updates, conflict with some other program. 

It is my feeling that the risks of not updating now are less than if you do update ie. you're more likely to get problems caused by an update than anything the update will protect you from. But it is a gamble and you're going to feel a bit stupid if your computers are compromised because you did not update. 

Personally I'm now more interested in the MS .NET Framework updates than anything else MS provide. I have several programs that require that to be used and keeping it up to date is important. 

[vinifera]

i meant specifically for this sha-2 thing

[WalksInSilence]

https://support.microsoft.com/en-gb/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus

It reads like it is pretty much non-optional. If you want to keep on having Windows updates for Win7 the KB4474419 SHA-2 must be installed.

This is actually more relevant to me than I thought as I'm currently setting up a new Win7 installation - it actually reads like I might actually have to install it first if the SHA-2 requirement is backdated to all previous Win7 updates too.

Anyone know if that is correct?