Leaderboard

As all of you Vista users surely know, IE9 is the last version of the MS supplied browser that can be installed on that OS. It has several prerequisites, notably KB948465 (SP2 for Vista SP1), KB971512 (Windows Graphics, Imaging, and XPS Library) and KB2117917 (Platform update supplement for Windows Vista); you can read more here. MS had continued patching security vulnerabilities in IE9 on Vista SP2 via "Cumulative Security Updates for Internet Explorer 9 on Windows Vista SP2" up until Vista's EOL on April 11th of this year (update KB4014661). MS will continue patching IE9 on Windows Server 2008 SP2 (as, again, it's the last version installable there, too) until that product reaches its (Extended Support) EOL in 2020. If you have been following our Server 2008 Updates on Windows Vista thread, then you should have already installed follow-ups KB4018271 (May 2017), KB4021558 (June 2017) and KB4025252 (July 2017). For the rest of this post I'll assume your Vista SP2 OS (ergo IE9 copy) is fully updated even with post EOL updates intended for WS2008SP2; e.g. on my setup (Vista SP2 Home Premium 32bit), "About Internet Explorer" looks like: For those of you out there with an intention to using IE9 as your main browser on Vista, sadly, you'd have come to the conclusion it's only half-usable currently, at best; this is a result of: 1. Most modern sites have removed support for IE9 completely, via UA string sniffing: Somes sites (like Youtube) offer a workaround, for others it may be necessary to spoof the actual UA string as one from a later OS+IE version (e.g. via the "Set UA String" IE addon). 2. Many sites have moved to recent web design, so they don't render correctly (if at all) in IE9, even in "Compatibility View" (well, actually, this is to be expected; CV means the site was optimised for IE8-); FWIW, even MS pages don't display correctly now in IE9 . 3. A third scenario I find quite irritating is that many sites fail to load at all in IE9 if they use the HTTPS protocol; with the recent move of many major sites to the more secure, encrypted, HTTPS, "allegedly" to increase user privacy and security, I found the list of "secure" sites not opening in IE9 growing at a high rate; of course there's always Firefox, but it's IE9 we're discussing here... Upon investigation, I discovered this is due to IE9 on Vista only supporting TLS protocol v1.0; this is considered by today's standards no longer secure enough, so many sites using HTTPS have moved to the more secure versions 1.1, 1.2, even to 1.3! Fortunately, a recent MS update (intended for the WS2008SP2 OS) can be applied on Vista SP2 that will implement TLS 1.1/1.2 support on Vista's IE9, too! ; I have spoken about this important update here. 1. Install then KB4019276 2. Reboot the Vista machine 3. After restart, launch the Registry Editor (regedit), preferably as Administrator. 4. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1 5. Delete the "OSVersion"="3.6.1.0.0" subkey; BTW, I don't know which WinOS that string refers to (Win6.1=Win7) 6. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2 7. Again, delete the "OSVersion"="3.6.1.0.0" subkey. Exit Registry Editor. 8. Launch IE9; Tools -> Internet Options -> Advanced tab -> Scroll all the way down to "Security": Prior to KB4019276 and registry manipulations, only "Use TLS 1.0" had been available on Vista; you should have already unchecked the older "Use SSL 2.0/3.0" options, to avoid being targeted by "POODLE" attacks; uncheck "Use TLS 1.0" (optionally also "Use TLS 1.1") and check "Use TLS 1.2". 9. Click Apply, OK, then exit IE9. 10. Upon restarting IE9, you'll find you can now visit all those sites that previously would not load due to unsupported TLS protocols: 10. You can verify further that indeed 1.2 is being used during server-client negotiations via specialised sites or via IE9's native GUI: I honestly hope you'll find my post to be of value; enjoy your more secure (than ever before?) Vista OS!

I've already mentioned this issue: Original post is about implementing TLS 1.1/1.2 support to IE9; it will allow for opening HTTPS websites that were previously inaccessible to IE9, because it would go as far as TLS 1.0. Sadly, the recent MS update has nothing to do with IE9's rendering engine, which is what's used to properly display (render) a loaded webpage . For sites that do open but don't display correctly (and/or are not fully functional) you'll have to use another, more modern, browser that supports more recent Javascript and CSS code needed to render them correctly; apologies, but I'm not an expert in HTML and web design, so my terminology might be somewhat off, but I think you still get the picture (... or lack of it, if it fails to render in IE9 ! ). Please have a read of this older forum thread ; WS 2008 SP2 is already inside Extended Support (i.e. no new features, only security updates issued for it), so I was pleasantly surprised by KB4019276 which, depending on how you look at it, could be considered as a new OS feature; OTOH, it can simply fall inside the "security" category, since it improves the "security" protocols used when accessing HTTPS web places... I don't think that MS will issue any future updates in the remaining 2.5 years (till WS 2008 SP2 becomes EOL) that would enable an upgrade of IE9's layout engine - security: YES, they are still catering for that; functionality: THEY SIMPLY DON'T CARE; else they would've upgraded their own browser to IE10 or IE11 (possibly after a Vista/WS 2008 SP3 and/or a second Platform Update...).

NOT as fun as Tay's or Zo's ones, namely last documented Zo's one: http://uk.businessinsider.com/microsoft-ai-chatbot-zo-windows-spyware-tay-2017-7 jaclaz

Can't speak for him, but I've never had to do a format and reinstall on any of my computers for that reason.

Omg im actually really keen on trying this,thanks for once again keep Vista Alive and IE9 aswell ofcourse Also when i use ie9 webpages dont load/render properly do you know of any fix for this? (eg. hltv.org)

Source: Description of Software Update Services and Windows Server Update Services changes in content for 2017 Tuesday, July 18, 2017 Non-security Updates 1. July, 2017 Preview of Quality Rollup for .NET Framework 2.0 SP2, 4.5.2 and 4.6[.1] on Windows Server 2008 SP2 (KB4032116); MS Catalog link: KB4032116 This is a .NET Framework bundle update, that breaks down to the following individual ones: 1a: May 2017 (Yes, May) Preview of Quality Rollup for .NET Framework 2.0 SP2 on Windows Server 2008 SP2 (KB4014592); I haven't been able to find concrete info on why this was re-released; FWIW, if you have been following this thread, you should've already installed this as part of the May 2017 .NET FW updates, as outlined here ; no need to re-install if already inside your list of installed .NET FW updates. 1b: July, 2017 Preview of Quality Rollup for the .NET Framework 4.5.2 on Windows Server 2008 SP2 (KB4024845); if (by choice) you're still on .NET Framework 4.5.2, then this one's for you... 1c: July, 2017 Preview of Quality Rollup for the .NET Framework 4.6 (and 4.6.1) for Windows Server 2008 SP2 (KB4024848); if on .NET Framework 4.6[.1], that's the one for you (i.e omit the previous one). But be careful: It has another one as a prerequisite: D3D Compiler Update for Windows Server 2008 SP2 (KB4019478) You must first install (manually) KB4019478 (I wasn't asked for a reboot afterwards) and then proceed to install KB4024848; the latter took some time, but did install successfully (reboot required): PS: While file NDP46-KB4024848-x86.exe obviously pertains to .NET Framework 4.6, when actually running it one sees references to .NET Framework 4.7 (also, file version is stated as 4.7.2102.5); this has me believe it actually adds 4.7 features to the 4.6.1 installed version of .NET Framework (whereas, as you know, 4.7 itself won't install on Vista SP2). 2. Update for Windows Server 2008 SP2 (KB4019276); MS Catalog link: KB4019276 This is a most important update, as it implements TLS 1.1/1.2 support systemwide (to the whole OS); you can read more at MS's KB article. TLS 1.2 is the recommended standard for server-client authentication via the HTTPS protocol, recent Firefox and several other browsers already offer support for the next iteration, TLS 1.3. One can't help but wonder why this wasn't offered earlier for the Vista OS (NT6.0), while it was still under Extended Support ; as said, it's a significant security and performance enhancement to the NT6.0 platform, making it overall more secure and robust, in tune with current tightened internet security implementations. I will post a separate topic on how to enable TLS 1.1/1.2 support on Internet Explorer 9, Vista SP2 version - I don't have WS 2008 SP2 to check, but on my Vista SP2 Home Premium (x86) OS, just installing KB4019276 (and rebooting) wasn't enough . KB4019276 requires a reboot afterwards, other than that it installed fine:

This act just Rememberize me something familler with the "System" its start simple building infrastructure for anything that needed health, government and so on, and then come the law or the template that set by who know his name, and cant be change back and will hold still for ever Windows 10 just going this path, its start nice and dice everyone is happy building their infrastructure based on windows platform and everything is ticking till the "evil" force come on and start changing things everytime it going small step by step till no one can go back to the way its was, and we stuck with this c**** forever so is our internet freedom and net neutrality

Well, this thread and similar like it have really opened my eyes.....even if I need glasses nowadays... I think we can all agree that something is seriously wrong in the Microsoft camp.... I don't like the idea of Microsoft taking care of any data at all....Yes, I understand that is hard to avoid....just have no respect for them as a company any more... bookie32

I see no problem with my analogy. Microsoft is MOST CERTAINLY not qualified to drive my computers, nor to go through my data. That they engineered some components of my systems / network makes them qualified to supply components, and only after serious validation. I think this touches on the crux of the problem. They are trying to take the stance that they're qualified to run systems only after having shown themselves to be (barely) qualified to supply parts. -Noel

Like I said, a good learning experience, not dissimilar from keeping the car keys out of the little ones' hands - though I'm not sure I'd hand over the keys first in order to find out what could happen. "With great computing power comes great responsibility." But if I understand you correctly, the computer IS server-connected, right? Just to Microsoft's servers. The servers that manage your "Microsoft Account". Microsoft's point with "Windows as a Service" goes along the lines of "user's can't be expected to manage their own systems or data, so hand it over to us and we'll take care of it". I'm not sure I agree with that. Sure, not everyone wants to be a computer geek, but does the pendulum have to swing ALL THE WAY the other way? Maybe instead of "taking over", Microsoft should be building robust systems that keep the control in users' hands but help them in new and unprecedented ways to keep their data safe. Windows 7 gave us the ability to back our systems up, and even reminded us to set up a backup process that was useful to us. SOME people actually listened and did it, because they realized their data has value to them. More recently, it's as if Microsoft wants people to feel as though their data has no value, and that they should be "living in the moment" only. Perhaps I'm weird, but I consider handing over my administrative account information (and telemetric data, data files, etc.) to Microsoft in the same light as handing car keys to kids. Why does anyone think that's a good idea? -Noel

Disc burning or mounting software: DAEMON Tools Pro v7.0 ($$$, CS) - last Vista/XP supported version UltraISO ($$$, CS) - still supported Multimedia: PowerDVD 15 ($$$, CS) - last supported version DVD/BD rippers: AnyDVD HD ($$$, CS) - still supported DVDFab ($$$, CS) - still supported

I made a small Ndis2 inf-file for personal use. You can try. It works for me in case of Realtek RTL8111DL and RTL8111E. As I only have a 100 Mbps LAN, I cannot test the 1000 Mbps LAN that should be possible according to Realtek. Although I think ragnargd don't need a HOWTO anymore , maybe others. Installation instructions. 1) Find "Realtek NDIS2 driver ( Support DOS MSclient,Lantastic,Lanman,Norton Ghost )" on Realtek's Global site. Download will give you 0002-RTGBND2.152_EXE68.zip. Unzip RTGND.DOS and place this file together with my inf-file in a directory of your choice. 2) If Windows detects during boot-up "PCI Ethernet Controller", follow Windows installation-wizard. In case you already have a yellow exclamation marked "PCI Ethernet Controller" in Device Manager, choose "Install again". 3) After reboot, first go to real mode. If everything is all right, you will see during boot an installation-screen of the driver with "Link speed: 1000 Mbps" and "Duplex mode: full-duplex". On the MS-DOS command-line "mem /a/c/p" will show RTGND, PROTMAN and NDIS2 in conventional/upper memory. RTGND will take 42kb of memory! 4) Type "win" and go inside Windows to Properties of Network Neighborhood and look for "RTL8168/8111 PCI-E Family Ethernet Adapter". Properties will show that there is a "Real mode (16 bit) Ndis2-driver", choice of other drivers is grayed out. Bindings shows TCP/IP and Advanced will show only Link Speed choices. Default is "Auto Detect", other possibilities are "1000 Mbps full-duplex", "100 Mbps full-duplex", "100 Mbps half-duplex", "10 Mbps full-duplex" and "10 Mbps half-duplex". During reboot you will see your choice in the MS-DOS installation screen of the driver. There is one small drawback in using this real mode Ndis2-driver. After "Exit to MS-DOS" you cannot return again to Windows and using the driver. The driver needs always a full reboot. It should have to do something with flushing the cache of the NIC So don't mess around with Config.sys, Autoexec.bat or Protocol.ini. Let the Windows Installer do the job. Please report your findings. WARNING: you make this installation at your own risk, no warranty at all! NetrtgRM.inf

NEWS: I was able to load windows media player 10.... It's a little buggy because there are some missing functions I have not added yet, but now it loads