Windows Update Changes: Here’s How You’re Affected

August 3, 2020

Microsoft has today terminated SHA-1 support in its Windows Update service.

SHA-1, short for Secure Hash Algorithm 1, is a cryptographic hash function designed to secure data by creating a hash which cannot be reversed. It has been considered vulnerable since 2011, and was deprecated by all major browsers in 2017 for secure web connections using SSL.

Most users will not be impacted by the change, as Windows 8 onwards use the newer, more secure SHA-2 hash function by default.

Any OS older than Windows 8 will be impacted by the change.

Patches

Windows 7 and Windows Server 2008 are the only versions of Windows that Microsoft has updated to use the newer hash function. Update KB4474419 adds SHA-2 support to these operating systems. For Windows 7 and Windows Server 2008 SP1, you also need to install KB4490628. Windows Server 2008 SP2 requires KB4493730 instead.

However, these updates themselves must be installed manually, as it is not possible to connect to Windows Update to install them.

Windows Vista/XP/2000

For Windows versions older than Windows 7/Windows Server 2008, you’re out of luck. It is no longer possible to connect to the Windows Update site, and therefore not possible to get updates automatically. There is no patch available, and as these OSes are long out of support, there will not be one in the future. It’s also worth noting that, as they are out of support, you won’t be missing much without Windows Update.

That is, unless you are performing a fresh install. For this, updates can be accessed manually, using the Microsoft Update Catalog website. The versions of Internet Explorer included with affected systems are unable to connect to SSL-enabled websites because, like Windows Update on these systems, they do not support newer security methods. As such, this Microsoft site is not accessible.

The downloads themselves, however, are still available without SSL – provided you have the download links, it’s possible to download them directly from Microsoft from the download.windowsupdate.com site. The main service pack updates are directly linked below (English versions only).

Note that your browser will probably warn that these downloads are insecure due to the lack of SSL.
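Because these packages arrive over plain HTTP, their Authenticode signatures can be checked before they are installed or slipstreamed. The script below is an added example, not part of the original article; the folder `C:\Updates` and the function name `Test-UpdateSignature` are assumptions, and it is meant to run on a current Windows machine with PowerShell 4.0 or later.

```powershell
# Added example: check update packages that were downloaded over plain HTTP.
# Assumes PowerShell 4.0+ on a current Windows machine.
param(
    [string]$Path = 'C:\Updates'   # assumed download folder
)

function Test-UpdateSignature {
    param([Parameter(Mandatory = $true)][string]$File)

    $sig    = Get-AuthenticodeSignature -FilePath $File
    $signer = $sig.SignerCertificate

    # 'Valid' means the file contents match the embedded signature and the
    # certificate chain is trusted by this machine.
    $statusOk = $sig.Status -eq 'Valid'

    # A valid signature from some other publisher is not good enough for a
    # Windows update, so also require Microsoft as the signing organisation.
    $subjectOk = ($null -ne $signer) -and ($signer.Subject -match 'O=Microsoft Corporation')

    [pscustomobject]@{
        File    = Split-Path -Path $File -Leaf
        Status  = $sig.Status
        Signer  = if ($signer) { $signer.Subject } else { '(no signature)' }
        # Recorded so the file can later be compared against a known-good copy.
        SHA256  = (Get-FileHash -Path $File -Algorithm SHA256).Hash
        Trusted = $statusOk -and $subjectOk
    }
}

$results = @(Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.msu |
    ForEach-Object { Test-UpdateSignature -File $_.FullName })

$results | Format-List

# Fail loudly if anything is unsigned, tampered with, or signed by someone else.
$rejected = @($results | Where-Object { -not $_.Trusted })
if ($rejected.Count -gt 0) {
    Write-Warning "$($rejected.Count) file(s) failed verification; do not install or slipstream them."
    exit 1
}
```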

For users still reliant on these old versions of Windows, it is advisable to create a slipstreamed install disc, including all updates, to install a fully updated system from the outset.

That said, the reality is that anyone still using these increasingly insecure systems on an internet-connected network should really be migrating away anyway. If you don’t like newer versions of Windows, or have old hardware, take a look at my guide to installing Linux instead.
