k.d Posted October 28, 2019 Share Posted October 28, 2019 Hello, when googling something about Windows Vista, I found this: https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708 The bit of text that caught my attention is: Quote These updates are available from the Microsoft Update Catalog only. Are there any other security updates for Vista that are distributed only via the Microsoft Update Catalog? Is there a list of some sort? Link to comment Share on other sites More sharing options...
+BudMan MVC Posted October 28, 2019 MVC Share Posted October 28, 2019 Vista? You mean the product that has been EOL for years.. Even the extended supported ended back in April of 2017.. Link to comment Share on other sites More sharing options...
k.d Posted October 28, 2019 Author Share Posted October 28, 2019 (edited) Yes, this one. I know it's EOL, but I'm still forced to use it for at least a few more months, no going around that. It's EOL and yet it didn't stop MS from releasing a patch to fix the vulnerability. Link to comment Share on other sites More sharing options...
Jason S. Global Moderator Posted October 28, 2019 Global Moderator Share Posted October 28, 2019 there are always patches for every MS OS that are Catalog only. i've never seen a concise list. Link to comment Share on other sites More sharing options...
+BudMan MVC Posted October 28, 2019 MVC Share Posted October 28, 2019 7 hours ago, k.d said: but I'm still forced to use it for at least a few more months Yeah the YEARS of notice of EOL are really easy to miss Link to comment Share on other sites More sharing options...
k.d Posted October 29, 2019 Author Share Posted October 29, 2019 As I said, there's no other option atm, let's stay on topic Link to comment Share on other sites More sharing options...
Nick H. Supervisor Posted October 29, 2019 Supervisor Share Posted October 29, 2019 1 hour ago, k.d said: As I said, there's no other option atm, let's stay on topic There may be no other option, but it doesn't change the fact that support ended for Vista a loooong time ago. If security is your concern you're using the wrong OS. +BudMan 1 Share Link to comment Share on other sites More sharing options...
gborn Posted October 29, 2019 Share Posted October 29, 2019 There are several layers of answers. First of all, Windows Vista has reached end of life since 2017 - so no more further official updates are available. See also the short blog post Windows Vista reached End of Live (April 11, 2017). All old updates released untill the Vista EOL update are still available, to allow updating a fresh install to the latest available patch level. But there has been a way to patch Vista beyond the EOL, as I've outlined it within the blog post Windows Vista: Patching beyond EOL till January 2020. The trick was to download updates for Windows Server 2008 from Microsoft Update Catalog and install the packages manually. But all good things comes to an end. Since Microsoft has changed it's signing of Update packages to 'SHA-2 only', older operating systems before Windows 8 needs updates for SHA-2 support. So Vista users are running into issues installing frei Windows Server 2008 updates. I've outlined some details and a partial workaround within the blog post Windows Vista: No more unofficial updates due to SHA2. But that's a 'shady solution' so I recommend dumping Windows Vista in environments where machines are connected to the internet. k.d 1 Share Link to comment Share on other sites More sharing options...
k.d Posted October 29, 2019 Author Share Posted October 29, 2019 (edited) And vice versa, Microsoft ending support for Vista a long time ago doesn't change the fact that for a limited time I still have to bear with this system. The patch I mentioned in OP was released this year, which proves MS is still patching a least some vulnerabilities but does not share them via Windows Update for convenience. And that's what I'm trying to get help from you with - getting my hands on all these "hidden" updates. I am more than aware I should replace this OS as soon as possible, you really don't have to repeat yourself five times for me to get it, and trust me, it's getting done. Won't get done in a week though, that's why I want to bring this machine to be as up to date as it can for the time being. EDIT: Thank you @gborn, I was trying to install WS2008 rollups and I was getting an error about certificates, the link you sent about SHA-2 seems to explain it BTW the machine is not connected to the internet but to an intranet, but that doesn't change the fact the system is getting replaced. Edited October 29, 2019 by k.d Link to comment Share on other sites More sharing options...
k.d Posted October 31, 2019 Author Share Posted October 31, 2019 Looks like @gborn's post was removed so I'll post an answer. It seems you can install security rollups for Windows Server 2008 on Windows Vista, but due to lack of SHA-2 support only older updates work. However, installing the KB4493730 update brings support for SHA-2, allowing me to install the latest security rollup. Thanks for the security lesson guys goretsky 1 Share Link to comment Share on other sites More sharing options...
erpster3 Posted December 7, 2019 Share Posted December 7, 2019 k.d you need to visit the Vista forums and ask there if you really want to install recent Server 2008 updates onto Vista goretsky 1 Share Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now