If you get Windows Update error 0x80092004 on Windows 7 or Server 2008 R2 do this - gHacks Tech News

If you get Windows Update error 0x80092004 on Windows 7 or Server 2008 R2 do this

Microsoft released updates for all supported versions of Windows -- client and server -- on the August 2019 Patch Day. You can check out our overview of the updates if you have not done so already.

Reports suggest that some administrators and home users face issues with the released updates on machines running Windows 7 or Windows Server 2008 R2.

Attempts to install the updates KB4512506 (monthly rollup update) or KB4512486  (security-only update) fail with the error 0x80092004. The error associated with the error code, CRYPT_E_NOT_FOUND, suggests that Windows Update rejects the updates because cryptographic values that the update packages contain are not found.

windows 7 server 2008 r2 update error 0x80092004

Microsoft changed the signing of update packages for Windows 7 and Windows Server 2008 R2 devices on the August 2019 Patch Day for the first time. The company signs packages only with SHA-2 since August 2019; it signed them with SHA-1 and SHA-2 previously but decided to drop SHA-1 because of known weaknesses.

We published an article in 2018 about the change stating that Windows 7 and Server 2008 R2 systems needed certain patches to continue receiving updates.

It appears that affected Windows systems are looking for SHA-1 in the update package and ignore SHA-2. SHA-1 is not included anymore and that appears to be the reason why error 0x80092004 is thrown on those systems.

Tip: it is always good to research Windows updates before installing updates.

Microsoft revealed that certain Symantec and Norton software installed on Windows 7 or Windows Server 2008 R2 systems does not play nice with the change and Microsoft made the decision to block updates on machines running Symantec and Norton software until the issue is resolved.  The security solutions may block or delete Windows Updates.

While it is possible that the issue is related, e.g. that other antivirus solutions are causing issues with Windows Updates as well, it is more likely that a required update is missing.

Two updates need to be installed on Windows 7 and Windows Server 2008 R2 systems so that SHA-2 signed updates are installed correctly:

  • KB4474419 -- SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019
  • KB4490628 -- Servicing stack update for Windows 7 SP1 and Windows Server 2008 R2 SP1: March 12, 2019

If one of these is not installed, SHA-2 signed updates won't be accepted and the error is thrown instead.

Microsoft confirms that KB4474419 is a prerequisite on the support website. The company lists KB4490628 on the page as well stating that it strongly recommends that it is updated. SSU updates are installed automatically if Windows Updates is used but need to be installed manually if updates are installed manually. It is unclear why Microsoft does not list the SSU as a prerequisite more clearly.

You can verify that these updates are installed by checking the "Installed Updates" listing in the Control Panel or by running third-party software such as Nirsoft's WinUpdatesList.

If at least one of the updates is not installed, install it on the device and run a new check for updates after installation; the August 2019 update should install just fine this time.

Now You: Did you run into any issues installing the August 2019 updates? (via Born)

If you get Windows Update error 0x80092004 on Windows 7 or Server 2008 R2 do this
Article Name
If you get Windows Update error 0x80092004 on Windows 7 or Server 2008 R2 do this
if you are getting error 0x80092004 during installation of the latest updates for Windows 7 SP1 or Windows Server 2008 R2, you are missing a critical update.
Ghacks Technology News

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Previous Post: «
Next Post: »


  1. TelV said on August 15, 2019 at 11:05 am

    No problems with Windows 8.1, but as I understand it Microsoft will apply the same criteria to this OS as well with the upcoming September patch releases.

  2. P Koryn said on August 15, 2019 at 11:38 am

    I’m not clear – if I already have KB4490628 installed prior to the August updates – do I need to have KB4474419 already installed as well? (A check of my system shows 4490628 already installed but 4474419 is not.) Or is just 4490628 installed enough to keep from getting the error?

    1. EP said on August 15, 2019 at 7:01 pm

      you need BOTH 4474419 and 4490628 updates installed, P Koryn.

      1. Marlon said on August 21, 2019 at 9:47 pm

        One important detail you need to install 4474419 that was release on August 2019.
        If your system has 4474419 installed on March my advise is to removed and update it with the August version.Also the system needs to have installed KB3133977 and KB4490628

  3. wat said on August 15, 2019 at 1:28 pm

    Yes, we had problems with this update and had to disable protection of our security suite until restart in order to get this update installed successfully.

  4. EderC said on August 15, 2019 at 8:52 pm

    E para sistemas com Criptografia McAfee e Agent “Antivirus” McAfee. esta apresentando mesmo erro na instalação Atualizações do Windows KB4512486 – 0x80092004

  5. EderC said on August 15, 2019 at 9:15 pm

    And for systems with McAfee Encryption and McAfee Agent “Antivirus”. is experiencing same error while installing Windows Updates KB4512486 – 0x80092004 ?????

  6. Emery said on August 15, 2019 at 10:16 pm

    Not a problem for us, we disabled and blocked Windows updates a couple years ago, been smooth sailing ever since.

  7. Belga said on August 15, 2019 at 10:35 pm

    I can’t install the (two) KB4474419!
    Copy of the packages, initialization, installation in progress then … “the update could not be installed” (without error code).
    No more security updates for me thus, but whatever, their end is still close.

  8. Rick said on August 16, 2019 at 1:36 am

    I have both 4474419 and 4490628 installed, and still can’t install KB4512506. I’ve tried Windows Update and the standalone package. I’m getting error code 8024200D from Win Update. I’ve tried the system update readiness tool but that didn’t help either. Tried several reboots, stopped and started services, etc. Driving me nuts.

  9. Grzegorz said on August 16, 2019 at 11:14 am

    KB4512506 was failing during download stage at 11% with unknown error (code 80092004).

    KB4474419 (SHA-2 code signing support) was present, but KB4490628 (Servicing stack update) was missing for some reasons and not showing as available important update in Windows Update.

    After manually downloading KB4490628 as standalone package, installing and rebooting KB4474419 finally installed successfully.

    1. Bubba said on August 16, 2019 at 11:51 pm

      same exactly for me

    2. flat said on August 18, 2019 at 11:15 pm

      Yep, exact same problem and solution for me as well.

  10. Peterc said on August 16, 2019 at 5:15 pm

    I installed this month’s security-only updates on my Windows 7 x64 system using WSUS Offline Update. (I usually wait a bit longer for more fallout to emerge, but once again, this month’s RDP vulnerabilities are apparently “wormable” even if RDP isn’t in use or some-such. I have a freshly cloned system drive to fall back on in case my system gets borked, and it only takes me 5 minutes or so to swap it in, so I’m willing to take more chances with updating and fewer chances with security vulnerabilities than, say, Woody Leonhard of AskWoody.)

    I’d previously read this article and checked the WSUS Offline Update download log to make sure that the August 2019 version of KB4474419 got downloaded. It did. Both of WSUS Offline Update’s two stages (download/”generate” and install went without a hitch, and WPD (Windows Privacy Dashboard) showed that this month’s security-only updates hadn’t snuck in any unwanted telemetry (unlike last month’s).

    However, Belarc Advisor flagged the 2019-08-13 KB4474419 update as missing. Control Panel > Programs and Features > Installed Updates said KB4474419 was in fact installed but didn’t identify its date. An Everything search of my system showed that the latest KB4474419 was dated 2019-08-09, so I downloaded the 2019-08 KB4474419 from the Microsoft Update Catalog. That update was internally dated 2019-08-16, but it wouldn’t install because it identified itself as *already* installed.

    I suppose I could manually uninstall KB4474419 in Control Panel and then manually install the new version I just downloaded, but the other two security updates Belarc had previously flagged are no longer missing (meaning that the slightly older version of KBKB4474419 hadn’t prevented them from being installed), so I’m inclined to let sleeping dogs lie for now. I’m not missing any security-only updates proper, and maybe the issue will get sorted out by next month’s Patch Tuesday.

    PS: I’m not seeing an option to subscribe to comments to this article.

  11. Stan said on August 16, 2019 at 6:13 pm

    FWIW, Win 7 64bit Pro.

    KB4474419 offered via updates; installed


    KB4512486 Security Only update from MS update Catalogue.

    Installed fine after an extra restart.

    Thanks Martin :)

  12. Terrence Ronald Hinz said on August 17, 2019 at 10:19 pm

    I am having this problem with KB4512506. I downloaded KB4490628 but can’t install it because Windows says it is not applicable to my computer. Any suggestions?

    1. Jon C. said on August 19, 2019 at 2:41 pm

      Terrence, I had to apply both KB4474419 & KB4490628 before I could manually run KB4512506 from Windows catalog. I’m not sure but I think it’s because we’re Symantec customers though.

      1. Terrence Ronald Hinz said on August 20, 2019 at 2:02 am

        KB4474419 is already on my computer, but as indicated earlier, Windows won’t let me install KB4490628. Does anyone know how to deal with this?

  13. J8mie said on August 20, 2019 at 5:00 pm

    Thanks so much for posting this article.
    I have installed these two updates and now I can install this months Windows uodates to all my servers.

    Thanks again.

  14. jojo said on August 20, 2019 at 8:25 pm

    I tried these recommendations but I would still get “windows failed to start” after the update, had to boot with win7 cd and then do a restore to get back to point before the update. Finally found the fix, I installed all of the “optional” updates that were marked “recommended”, after do this I was able to install update KB4512506 without issue.

  15. ML Davis said on August 21, 2019 at 2:23 am

    On an older Dell laptop running Win 7 I got the 80092004 error when applying the Aug monthly rollup update (KB4512506) as described in this article. I found that KB4474419 had been just installed successfully by Windows Update. I downloaded and applied the second that is mentioned, KB4490628. After that the Aug Monthly update installed without problems via Windows Update. Many thanks.

  16. Paul said on August 21, 2019 at 5:51 pm

    have tried everything in this article to get the lastest 4512506 update and Im stumped. all required files for …506 have been installed and is the only “important update” listed in Windows Update.
    downloaded the file MUC to try and install manually with no success…


  17. Alice said on August 22, 2019 at 8:17 am

    Windows 7 has been updated in August and the desktop never opened. Can you help?

  18. patdu1 said on August 22, 2019 at 9:29 am

    Happened to me as well, and here is how I was able to fix it:

    No guaranty that it will work for you though…
    Good luck

  19. Mike E said on August 31, 2019 at 4:21 am

    Thanks so much for posting this issue and solution. I have a few virtual machines matching OS production systems. I noticed this error on my Server 2008R2 VM. I usually try and wait till following month to proceed with production updates and presto I found the answer here.

  20. reader said on September 1, 2019 at 3:32 am

    yeah. my mums computer generally works ok. she doesn’t want it to break. so I might send MS a msg shared by many, many, many other users globally – b0110x to the updates.

  21. Anonymous said on September 2, 2019 at 7:40 pm

    Thanks for the concise and easy to understand report…installed KB4490628….and patch was installed without the errror….thanks again….

  22. iamnewborn said on September 6, 2019 at 3:06 pm

    It is fixed now. Checked right now on clean installation of 2008R2. If you make a clean install, KB 4512506 is not offered in updates list before pre-requisites are installed. If you install updates manually, you still need to install KB4490628 at first.

  23. Todd B said on September 13, 2019 at 7:12 am

    Thank you so much for this helpful information. After installing KB4490628 the patch installed without a hitch.

  24. Emanuel said on September 15, 2019 at 5:43 am

    Dude, seriously thanks for this info. It worked like a charm and already solved it, I was trying to solve the error 80092004 the whole day, trying different ways and thinking in format my computer because couldnt see what was failing and I thought I screwed up my computer after doing a downgrade.

    What happened is that didnt have KB4490628 but after installing it the error dissapeared.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.