where do apps look for installed patch

solarstone2149 · Jun 5, 2022

so recently some browsers and antiviruses started to sniff if user has SHA-2 patch installed
but what values and where do they look for this ?

is this a specific registry entry or what ?

abbodi1406 · Jun 5, 2022

Do they check for KB4474419 specifically, or just query crypto api for sha2 support?

Code:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Package_for_KB4474419~31bf3856ad364e35~amd64~~6.1.3.2]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Servicing\Codesigning\SHA2]
"SHA2-Codesigning-Support"=dword:00000001
"SHA2-Core-Codesigning-Support"=dword:00000001

solarstone2149 · Jun 6, 2022

didnt work

erpsterm35 · Jun 18, 2022

You need to login to view this posts content.

solarstone2149 · Jun 27, 2022

yea but update contains alot of sys files, including kernel
so how the hell you check the necessary ones
or better to ask which ones are necessary ones ?

abbodi1406 · Jun 28, 2022

You plan to replace ntoskrnl.exe?
what's wrong with installing KB4474419 ?

solarstone2149 · Jun 29, 2022

i can't

abbodi1406 · Jun 29, 2022

And KB3033929? it also add SHA2 support

solarstone2149 · Jun 30, 2022

same problem

George King · Jun 30, 2022

I don't think antivirus just looks to registry or file. Application itself should have implemented this check.

where do apps look for installed patch

solarstone2149 MDL Member

abbodi1406 MDL KB0000001

solarstone2149 MDL Member

erpsterm35 MDL Expert

solarstone2149 MDL Member

abbodi1406 MDL KB0000001

solarstone2149 MDL Member

abbodi1406 MDL KB0000001

solarstone2149 MDL Member

George King MDL Expert