Microsoft security advisory: Availability of SHA-2 hashing algorithm for Windows 7 and Windows Server 2008 R2: October 14, 2014

Notice
This update has been replaced by security update 3123479. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
3123479 Microsoft security advisory: Deprecation of SHA-1 hashing algorithm for Microsoft root certificate program: January 12, 2016
INTRODUCTION
Microsoft has released a security advisory about this issue for IT professionals. The security advisory announces the availability of a security update and contains additional security-related information. To view the security advisory, go to the following Microsoft website:
More information
The security update that is described in the security advisory was removed from the Download Center because of an issue with the update. Microsoft is researching this problem and will post more information in this article when the information becomes available.

Known issues with this security update

  • After you install this security update, you may receive an error message that resembles the following:
    0xc0000428 Digital Signature cannot be verified error
  • You may be unable to install this update if BitLocker was enabled and then disabled on the system. 
We recommend that customers who are experiencing issues with this update uninstall this update. To do this, follow these steps:
  1. Click Start, click Control Panel, click Programs and Features, and then click View installed updates.
  2. Select "Security update for Microsoft Windows (KB2949927)," and then click Uninstall.
For more information about how to uninstall an update, go to the following Microsoft webpage:

Recovery Information

Automatic Startup Repair
In scenarios in which an update failure prevents the computer from starting, Automatic Startup Repair should automatically start and remove the problematic update so that the computer can start correctly.

Note You may have to restart the computer several times before Automatic Startup Repair is initiated.

Manual repair steps
In some scenarios, Automatic Startup Repair may not resolve the issue. In this case, you must use the following manual repair steps:
  1. At the Startup Repair screen, click View advanced options for system recovery and support.

    View advanced options for system recovery and support
  2. Follow the directions on the screen to select the language, and then log on. 
  3. On the System Recovery Options screen, select Command Prompt.

    Select Command Prompt
  4. At the Command Prompt, type the following command, assuming that C: is your Windows partition. If Windows in not installed on drive C, replace C: with the correct drive letter:
    DISM /image:C:\ /cleanup-image /revertpendingactions
  5. Close the Command Prompt window, and then click Restart. After the computer restarts, you should see a screen message that resembles the following:

    Failure configuring Windows Updates. Reverting changes.
After you complete these steps, the computer should be in the state that it was in before the security update was installed, and you should be able to log on.

Note  If you have BitLocker enabled, you may have to type your BitLocker passcode to enable system recovery. 
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2949927 - Last Review: 01/14/2016 17:25:00 - Revision: 7.0

  • kbexpertiseinter kbinfo kbsecadvisory kbsecurity kbsecvulnerability KB2949927
Feedback