{"id":10827,"date":"2019-08-21T01:49:12","date_gmt":"2019-08-20T23:49:12","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=10827"},"modified":"2019-08-21T01:49:25","modified_gmt":"2019-08-20T23:49:25","slug":"symantec-releases-a-patch-for-the-sha-2-bug-in-windows-7","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/08\/21\/symantec-releases-a-patch-for-the-sha-2-bug-in-windows-7\/","title":{"rendered":"Symantec releases a patch for the SHA-2 bug in Windows 7"},"content":{"rendered":"

\"win7\" [English<\/a>]Antivirus vendor Symantec has released a patch to fix the update issue on Windows 7 \/ Windows Server 2008 R2. Distribution is scheduled for August 21, 2019 for various language versions, the English version is said to have already been released. Here is some information on the topic.  <\/p>\n

<\/p>\n

What exactly we are talking about?<\/h2>\n

\"\"Microsoft has changed the signing of Update for Windows 7 in August 2019 exclusively to SHA-2. I've addressed this, among other things, in the blog post Windows 7: From April 2019 'SHA-2-Support' is required<\/a>. This is not a problem, because Microsoft has provided the relevant updates to SHA-2 support since months. So far, Microsoft has also provided dual-signed update packages signed with SHA-1 as well as SHA-2.<\/p>\n

As of August 2019, however, the SHA-1 signature in the Windows 7 updates has been completely removed. These can only be installed if Windows 7 SP1, Windows Server 2008, Windows Server 2008 R2 and WSUS have been upgraded accordingly (see also WSUS: Endpoint decommissioned; SHA2 update required<\/a>).<\/p>\n

However, users of Windows systems that have Symantec Antivirus or Norton Antivirus installed have a problem since the August 2019 patchday. The antivirus solutions only detected updates signed with SHA2 (because of the missing SHA-1 signature) as malware and blocked these packages. <\/p>\n

Symantec has published the KB article Windows 7\/Windows 2008 R2 updates that are only SHA-2 signed are not available with Symantec Endpoint Protection installed<\/a> . Microsoft has therefore blocked the deployment of the August 2019 updates for Windows 7 SP1 and Windows Server 2008 R2. The required August 2019 security updates were not offered. I reported in the blog post Symantec\/Norton blocks Windows Updates (SHA-2)<\/a>.<\/p>\n

Symantec startet rollout a patch<\/h2>\n

Through the following tweet by Woody Leonhard I became aware that Symantec has now released an update to solve this problem.<\/p>\n

\n

Remember that block on Win7 patches this month, on systems with Symantec or Norton antivirus? Looks like Symantec has released a fix and you can now install this month's patches. (MS's KB articles haven't been updated.) https:\/\/t.co\/2j8ZQp0LWi<\/a><\/p>\n

\u2014 Woody Leonhard (@AskWoody) August 20, 2019<\/a><\/p><\/blockquote>\n