Warning: Windows 7 Update Crashing NVRs

By: Brian Rhodes, Published on Aug 26, 2019

Windows 7 updates are causing VMS servers to fail to boot.

After running the update, impacted systems do not boot as normal, instead display this warning screen:

Windows 7 Update Crashing NVRs

In this note, we examine:

  • Which systems are impacted
  • What is causing the issue?
  • Vendor recommendations to fix
  • Dahua and Hikvision not impacted
  • End-of-Life Win 7 is coming
  • Is this a win for VSaaS?

The Problem

IPVM has received multiple reports of Windows 7 and Windows Server 2008R2 systems that will no longer boot after installing Microsoft 8/2019 Security update 'KB4512506 Security Monthly Quality Rollup'.

The problem occurs because this update uses now required SHA-2 signing, but mistakenly assumes the embedded OS servers and NVRs have been upgraded from SHA-1, which is not the case for many systems.

One site gave this explanation:

It looks like Microsoft forgot to make this update available for Windows 7 Embedded OS which installs the ability to use SHA-2 code signing.

As soon as the Aug 2019 security rollup update is installed, " KB4512506 " upon reboot, the OS indicates "Windows cannot verify the digital signature for this file " which of course is caused by the lack of the SHA-2 code sign support. I've had two NVR's go down due to this issue.

Below, we cover the impacted security vendors and how to fix the issue.

******* * ******* *** causing *** ******* ** fail ** ****.

***** ******* *** ******, impacted ******* ** *** boot ** ******, ******* display **** ******* ******:

Windows 7 Update Crashing NVRs

** **** ****, ** examine:

  • ***** ******* *** ********
  • **** ** ******* *** issue?
  • ****** *************** ** ***
  • ***** *** ********* *** impacted
  • ***-**-**** *** * ** coming
  • ** **** * *** for *****?

The *******

**** *** ******** ******** reports ** ******* * and ******* ****** ****** systems **** **** ** longer **** ***** ********** Microsoft */**** ******** ****** '********* ******** ******* ******* Rollup'.

*** ******* ****** ******* this ****** **** *** required ***-* *******, *** mistakenly ******* *** ******** OS ******* *** **** have **** ******** **** SHA-1, ***** ** *** the **** *** **** systems.

*** **** **** **** explanation:

** ***** **** ********* forgot ** **** **** update ********* *** ******* 7 ******** ** ***** installs *** ******* ** use ***-* **** *******.

** **** ** *** Aug **** ******** ****** update ** *********, " KB4512506 " **** ******, the ** ********* "******* cannot ****** *** ******* signature *** **** **** " ***** ** ****** is ****** ** *** lack ** *** ***-* code **** *******. *'** had *** ***'* ** down *** ** **** issue.

*****, ** ***** *** impacted ******** ******* *** how ** *** *** issue.

[***************]

Impacted ******* ****

**** *** **** ** attempted ******* **** * number ** ******* ** this *****. ******* ****** appears *****, **** **** experiencing **** ******* ** calls *** ** *** update, ***** ****** *** reporting ****:

  • ********:[******] ******** *** ********* that **** **** *** some ****** ** *** field **** ***** *******, but ** * ******* basis, *** **********. **** machines *** ** ****** running ******** ******** ** Windows.
  • ******* ********: [******]** *** ********* **** a **** ************** *** ***** ** how ** ******* ** on *** * ********* Series *********.***** **** ******* **** specifically ********* **** ** support ** ***** ** the *******, *** ******* has *** ********* ** IPVM. ** **** ****** when **** **.
  • *****:** ***** ** **** discussion, ***** *** ****** a ****** ** *** top ** ***** **** and ************** ****** ************.
  • *********: ** ********* *********, who **** ** **** have *** **** ******** of *** ******** ******* in *** **. ********* HQ ******* *** *** yet *********.
  • *******: *** ******* ****** official ****** *** ***** support ****** *** ******** dealers ** **** *** automatic ******* '***** ******* notice'.
  • ***: *** ****** ****** reported *** ***** ** a **** ****** ***** warning **** *****,****** **! *********.*** ******* 5 *** **** ****** ********.

*******, ***** ***** *** NVRs ***** ** ********, as ****. ** **** update **** **** ** other ******** ******* *** known.

Not ***** *** *********, *****, *** ***** ***** ****/*******

*************, *** ***** ** this ***** **** ******* older ******* ** ******** and ****.

********** ******** ******* ********* from ***** *** *********, who ******* ******* ***** an ******** ******* ** Linux.

Fix: ******* *** * ** ******** ********

** **** *****, ******** vendors *** ************ ******* repair *** ***** ** reimaging *** *** * OS ** * ******** version.

*** ****** ******* ****** based ** *** ****** build/motherboard ****, *** *** process ********* ******** ******* to ******** * '******** version' *** **** ** a *** *****, **** travelling ** **** ******** NVR ** *** ***** and ******** *** ***.

Security ****** ********

******* ******** ******* **** released ******** ******* *** warnings ***** *** *****.

*** *******, ***** *** placed ******** ****** ** *** top ** ***** ****:

******* **** ****** ******** notice *** ***** ******* portal:

** ******** ** *** official ******, ******* **** clarified ** ****:

"** ***** ** ********** for **, **** ** affecting **-*** **/**/** ****. SV-PRO **/** *** ********** EOL, *** ** *** some ***** **** **** and ****** *** ******** regardless."

[******] ******* ******** ************ **** * **** instruction*** *** ***** ** how ** ******* ** on *** * ********* Series *********.

Undiscovered ********

**********, **** ******** ******* may **** ********** ******. Since **** ************ ******* (especially ******* ******* ***** impacted **** *** ********) are *** ******** *********, many ******* *** *** viewed ***** ******** ******* is ******.

***** ******** ****** ******* out, **** ** ****** to ****** ** ************ issues:

* ***** ** ******* to *** **** **** systems *** ***** **** be **** *** ****, weeks *** ***** **** months ****** ****** *******. Many ***** ******** *** homeowners **** ***** ***** cameras **** *****'* * problem. **** ******* ** there's * *********** ***** and **** **** *** the ****** *** **** down *** **** ** months?

Corrective ******: "**** *** ********* *******"

** ******* ****** ********, vendors *** ******* ********** to ******* ****** ********* Win * *******.

*******, **** ********** **** leaves *** ******* ********** to ******* * ******** threats *** ****** **** unpatched ******* ***** *****.

Win * ***-**-*****, ******* ****** **** ****

*** ******* ** *********** by *** ******** *** of ******* ********** * ** ******* 2020.

**** ** ******* ******* date ** ****, ******* will *** ******* ******* security ******* ***** ******* 13th, **** *** '******* Embedded ******** *'. *** company ****** ** ************ * ********* *****:

********* **** * ********** to ******* ** ***** of ******* ******* *** Windows * **** ** was ******** ** ******* 22, ****. **** **** 10-year ****** ****, ********* will *********** ******* * support ** **** ** can ***** *** ********** on ********** ***** ************ and ***** *** ***********.

** **** **** **** looming, ******** **** *** servers ******* *** ******** OS **** ********** **** to ******* ********* *******, or ** ********, ****** the **** **** **** risking *********** *********.

Impact ** *******

************* *** ******** *******, recourse ******* *******.

**** ****** ******** ******* from '** ********' ******** ******* ****** ************, ******* *** ********* placing ************** ** *** the ******* ** **********.

******* ******* ** **** spoken **** **** *** they *** '******* ****** on *** *** ****' and **** '** *** eating ***** ** **** manhours' ********* ******* ******.

*** ******** ****** ********* a*********** ****** ** ***** repairing ******** ********:

* **** ***** **** of *** ******* ********* affected ****. *** ******* based ** ****** ****** were *** ******* ** repair. * ****** ******* typed ** ****** ****** you ** * ****** to **** **** *** updates. *** ******* * embedded ***** *****'* ** easy. **** ********* *** to ** ******** ** out ** *** *** condition ****** **** ***** operate. **** ***** *********** all **** ******* (***** the **** **** ******* the *******) *** ********* them ** ***** ******.

***** *** ********* *** date *** ******** ** machines, ** ** *** expect ******* ** ****** significant ********** ********* ** the *****.

A *** *** *****?

****** ***** ******* *** going ** ***** **** is * **** ************* for ***** **** *** not ****** ** ***** about **** **** ** crisis.

*******, *** **** ****** who **** ******* * for ** **** *** also ****** *** ***** to ** ***** ** pay ******* **** *** upgrade ***** ** **** may ********* ** ******* systems.

******* **** ******* ******* tout ***** * *********** recording ****** ** *** is '* ****** ***** ** failure', *** ** ****** issues **** **** ******** similar *********.

Comments (7)

**** **** ******** ** me (*** *** ****** time ** *** **** year) ******* **** ****** Station ** * ******* 7 ******* (**** ***** NVR). * ** *** run ********* ******* *** do ******** ******* ******* from **** ** ****. Unfortunately, *** **** *** is ****** **-******* *** machine **** ***** **** Axis **** *******.

** **** ** ******** Win7 ***** ** **** Win7?

************** ****** ******* **** versions.

**** ****, ** ********* is *** ******** ******* that ** **** *** affected.

[******]DW ********

******* ******** ************ **** * **** instruction*** *** ***** ** how ** ******* ** on *** * ********* Series *********.

**** ***** *******, ** also ********* ******* *** automatic ******* ** ******* similar ******:

** *** ********* ***, Windows ******* **** *** configure ** ******** *** install ************* **** *** factory *** ** *** unforeseen *** ********** ****** the ******* ******* *** cause ** *** *********** of *** ****** *** DW ********.

** *** **** ****** last **** *** ******* Radius (*** ****, ***** uses *****) *** ***** Digital ****** (****** ******).

******: ******** *** ********* that **** **** *** some ****** ** *** field **** ***** *******, but ** * ******* basis, *** **********. **** machines *** ** ****** running ******** ******** ** Windows.

***** **** ** *** conspiracy ******** ** ** or *’** ****** *** cynical *** * ***** Microsoft *** **** ** purpose ** ***** **** to ******* ** ******* 10 ** ****** ****. If ** *** **** this ***** ** ***** NOT **-******* ******* *; we ***** ******* ******* 10 ** ****** ****.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

China DVR/NVR Backdoor Discovered, Huawei Refutes on Feb 07, 2020
A backdoor was found in Chinese-produced DVRs and NVRs that secretly allowed access to the recorders. While it was first attributed to Huawei...
Genetec Security Center 5.9 Release Examined on Feb 06, 2020
Genetec released the next major version of Security Center, less than a year after version 5.8. This also follows no Genetec major releases in...
Remote Access (DDNS vs P2P vs VPN) Usage Statistics 2019 on Oct 25, 2019
Remote access can make systems more usable but also more vulnerable. How are integrators delivring remote access in 2019? How many are using...
ONVIF Exposure To "Devastating DDoS Attacks" Examined on Sep 06, 2019
ZDnet reported "Protocol used by 630,000 devices can be abused for devastating DDoS attacks", citing exposure of ONVIF devices. And after an...
Critical Vulnerability Across 18+ Network Switch Vendors: Cisco, Netgear, More on Aug 26, 2019
Cisco, Netgear and more than a dozen other brands, including small Asian ones, have been found to share the same critical vulnerability, discovered...
Axis Suffers Outage, Provides Postmortem on Aug 15, 2019
This week, Axis suffered an outage impacting their website and cloud services. Inside this note, we examined what happened, what was impacted...
CheckMySystems Company Profile on Aug 14, 2019
CheckMySystems says that too many users respond, "I get an email when something is wrong" when talking about their video system maintenance plan,...
LifeSafety Power NetLink Vulnerabilities And Problematic Response on May 20, 2019
'Power supplies' are not devices that many think about when considering vulnerabilities but as more and more devices go 'online', the risks for...
Security Fail: ASISNYC Auto Emails Passwords In Plain Text on May 14, 2019
ASIS NYC automatically emails a user with the password the user just entered, in plain text, when one registers for the site / event, as the...
HTTPS / SSL Video Surveillance Usage Statistics on Apr 01, 2019
HTTPS / SSL / TLS usage has become commonplace for websites to improve security and, in particular, to help mitigate attackers reading or modifying...

Most Recent Industry Reports

USA's Feevr Thermal Temperature System Examined on Mar 31, 2020
This US company has burst on to the scene, brashly naming itself 'feevr' and branding itself as a "COVID 19 - AI BASED NON CONTACT THERMAL...
JCI Coronavirus Cuts on Mar 31, 2020
JCI has made coronavirus cuts, the company told employees in an email that IPVM has reviewed. Inside this note, we examine the cuts made, the...
Add Door Operators To Fight Coronavirus on Mar 31, 2020
IPVM recommends that integrators advocate and end-users consider adding door operators to fight the spread of coronavirus. This delivers...
Video Surveillance Business 101 on Mar 30, 2020
This report explains the fundamental elements of the video surveillance business for those new to the industry. This is part of our Video...
FDA Gives Guidance on 'Coronavirus' Thermal Fever Detection Systems on Mar 30, 2020
The US FDA has given IPVM guidance on the use of thermal fever detection systems being marketed for coronavirus, as an explosion of such devices...
Worsen: Integrators Hit Even Harder By Coronavirus on Mar 30, 2020
Integrator's problems have worsened over the past 2 weeks, according to new IPVM survey results. Inside this report, we share statistics and...
Pivot3 Mass Layoffs on Mar 27, 2020
Pivot3 has conducted mass layoffs, the culmination of grand hopes, a quarter of a billion dollars in VC funding, and multiple failures to gain...
Athena CEO Criticizes 'Deplorable' 'Nitpicking', IPVM Refutes on Mar 27, 2020
UPDATE: NBC News Report Cites IPVM On Coronavirus 'Fever Detection' Cameras Athena Security's CEO Lisa Falzone has strongly objected to IPVM's...
Hikvision Admits Sanctions Harming Its Financial Performance on Mar 27, 2020
While Hikvision initially downplayed being sanctioned for human rights abuses, the company is now admitting a significant impact in a new PRC...