• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

Windows Vista - security updates unavailable in Windows Update

Recommended Posts

k.d    0

Hello,

when googling something about Windows Vista, I found this:

https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708

The bit of text that caught my attention is:

Quote

These updates are available from the Microsoft Update Catalog only.

Are there any other security updates for Vista that are distributed only via the Microsoft Update Catalog? Is there a list of some sort?

Share this post


Link to post
Share on other sites
+BudMan    3,544

Vista?  You mean the product that has been EOL for years.. Even the extended supported ended back in April of 2017..

Share this post


Link to post
Share on other sites
k.d    0

Yes, this one.

I know it's EOL, but I'm still forced to use it for at least a few more months, no going around that. It's EOL and yet it didn't stop MS from releasing a patch to fix the vulnerability.

Share this post


Link to post
Share on other sites
Jason S.    1,502

there are always patches for every MS OS that are Catalog only. i've never seen a concise list.

Share this post


Link to post
Share on other sites
+BudMan    3,544
7 hours ago, k.d said:

but I'm still forced to use it for at least a few more months

Yeah the YEARS of notice of EOL are really easy to miss ;)

Share this post


Link to post
Share on other sites
k.d    0

As I said, there's no other option atm, let's stay on topic :)

Share this post


Link to post
Share on other sites
Nick H.    9,905
1 hour ago, k.d said:

As I said, there's no other option atm, let's stay on topic :)

There may be no other option, but it doesn't change the fact that support ended for Vista a loooong time ago. If security is your concern you're using the wrong OS. ;)

Share this post


Link to post
Share on other sites
k.d    0

And vice versa, Microsoft ending support for Vista a long time ago doesn't change the fact that for a limited time I still have to bear with this system. The patch I mentioned in OP was released this year, which proves MS is still patching a least some vulnerabilities but does not share them via Windows Update for convenience. And that's what I'm trying to get help from you with - getting my hands on all these "hidden" updates. 

I am more than aware I should replace this OS as soon as possible, you really don't have to repeat yourself five times for me to get it, and trust me, it's getting done. Won't get done in a week though, that's why I want to bring this machine to be as up to date as it can for the time being. 

 

EDIT:

Thank you @gborn, I was trying to install WS2008 rollups and I was getting an error about certificates, the link you sent about SHA-2 seems to explain it :)

BTW the machine is not connected to the internet but to an intranet, but that doesn't change the fact the system is getting replaced. 

 

Edited by k.d

Share this post


Link to post
Share on other sites
k.d    0

Looks like @gborn's post was removed so I'll post an answer.

It seems you can install security rollups for Windows Server 2008 on Windows Vista, but due to lack of SHA-2 support only older updates work. However, installing the KB4493730 update brings support for SHA-2, allowing me to install the latest security rollup.

Thanks for the security lesson guys ;)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.