Article ID: 2715304 - View products that this article applies to.
When you try to validate a copy of Windows, you may receive an error message that resembles the following:
Update installation failed. Error information: 0x80092026
When you try to validate Windows from http://www.microsoft.com/genuine/validate
(http://www.microsoft.com/genuine/validate), Windows downloads an update 971033
(https://support.microsoft.com/kb/http://support.microsoft.com/kb/971033/ ), however when Windows tries to install the update, the update shows an error message that is mentioned above. Additionally, if you try to download the update KB971033 on your machine and run it manually, you may receive following error message:
Installer encountered an error: 0x80092026
The cryptographic operation failed due to a local security option setting.
This error occurs when the 'State' value of below mentioned registry key is incorrectly set. This value corresponds to the Internet Explorer security setting "Check for publisher’s certificate Revocation" and "Check for signatures on downloaded programs"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
You can find a key with the name ‘State’. By default the values is set to – ‘23c00’
To resolve this problem, change the registry key to a valid setting, e.g.
State = 0x00023e00 - ‘Check for publisher’s certificate Revocation’ Unchecked
State = 0x00023c00 - ‘Check for publisher’s certificate Revocation’ Checked
The wrong value might result from an issue described in following Knowledge Base article:
(https://support.microsoft.com/kb/http://support.microsoft.com/default.aspx?scid=kb;EN-US;982606/ )The value of the "State" registry item is changed after a Group Policy preferences setting is applied in Windows Server 2008, in Windows Vista or in Windows Server 2008 R2
Use one of the methods:
Method 1: Editing the Registry
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
Method 2: Create a reg file
You would be able to validate your Windows successfully.
In some cases, you might be required to update the 'State' value for following two registry as well.
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
HKEY_USERS\.DEFAULT \Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing
Note: Ensure whatever value is updated for HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing, should be exact for above two registry.
(http://go.microsoft.com/fwlink/?LinkId=151500)for other considerations.
Article ID: 2715304 - Last Review: June 1, 2012 - Revision: 1.0