Warning: Windows 7 Update Crashing NVRs

By: Brian Rhodes, Published on Aug 26, 2019

Windows 7 updates are causing VMS servers to fail to boot.

After running the update, impacted systems do not boot as normal, instead display this warning screen:

Windows 7 Update Crashing NVRs

In this note, we examine:

  • Which systems are impacted
  • What is causing the issue?
  • Vendor recommendations to fix
  • Dahua and Hikvision not impacted
  • End-of-Life Win 7 is coming
  • Is this a win for VSaaS?

The Problem

IPVM has received multiple reports of Windows 7 and Windows Server 2008R2 systems that will no longer boot after installing Microsoft 8/2019 Security update 'KB4512506 Security Monthly Quality Rollup'.

The problem occurs because this update uses now required SHA-2 signing, but mistakenly assumes the embedded OS servers and NVRs have been upgraded from SHA-1, which is not the case for many systems.

One site gave this explanation:

It looks like Microsoft forgot to make this update available for Windows 7 Embedded OS which installs the ability to use SHA-2 code signing.

As soon as the Aug 2019 security rollup update is installed, " KB4512506 " upon reboot, the OS indicates "Windows cannot verify the digital signature for this file " which of course is caused by the lack of the SHA-2 code sign support. I've had two NVR's go down due to this issue.

Below, we cover the impacted security vendors and how to fix the issue.

Impacted ******* ****

**** *** **** ** attempted ******* **** * number ** ******* ** this *****. ******* ****** appears *****, **** **** experiencing **** ******* ** calls *** ** *** update, ***** ****** *** reporting ****:

  • ********:[******] ******** *** ********* that **** **** *** some ****** ** *** field **** ***** *******, but ** * ******* basis, *** **********. **** machines *** ** ****** running ******** ******** ** Windows.
  • ******* ********: [******]** *** ********* **** a **** ************** *** ***** ** how ** ******* ** on *** * ********* Series *********.***** **** ******* **** specifically ********* **** ** support ** ***** ** the *******, *** ******* has *** ********* ** IPVM. ** **** ****** when **** **.
  • *****:** ***** ** **** discussion, ***** *** ****** a ****** ** *** top ** ***** **** and ************** ****** ************.
  • *********: ** ********* *********, who **** ** **** have *** **** ******** of *** ******** ******* in *** **. ********* HQ ******* *** *** yet *********.
  • *******: *** ******* ****** official ****** *** ***** support ****** *** ******** dealers ** **** *** automatic ******* '***** ******* notice'.
  • ***: *** ****** ****** reported *** ***** ** a **** ****** ***** warning **** *****,****** **! *********.*** ******* 5 *** **** ****** ********.

*******, ***** ***** *** NVRs ***** ** ********, as ****. ** **** update **** **** ** other ******** ******* *** known.

Not ***** *** *********, *****, *** ***** ***** ****/*******

*************, *** ***** ** this ***** **** ******* older ******* ** ******** and ****.

********** ******** ******* ********* from ***** *** *********, who ******* ******* ***** an ******** ******* ** Linux.

Fix: ******* *** * ** ******** ********

** **** *****, ******** vendors *** ************ ******* repair *** ***** ** reimaging *** *** * OS ** * ******** version.

*** ****** ******* ****** based ** *** ****** build/motherboard ****, *** *** process ********* ******** ******* to ******** * '******** version' *** **** ** a *** *****, **** travelling ** **** ******** NVR ** *** ***** and ******** *** ***.

Security ****** ********

******* ******** ******* **** released ******** ******* *** warnings ***** *** *****.

*** *******, ***** *** placed ******** ****** ** *** top ** ***** ****:

******* **** ****** ******** notice *** ***** ******* portal:

** ******** ** *** official ******, ******* **** clarified ** ****:

"** ***** ** ********** for **, **** ** affecting **-*** **/**/** ****. SV-PRO **/** *** ********** EOL, *** ** *** some ***** **** **** and ****** *** ******** regardless."

[******] ******* ******** ************ **** * **** instruction*** *** ***** ** how ** ******* ** on *** * ********* Series *********.

Undiscovered ********

**********, **** ******** ******* may **** ********** ******. Since **** ************ ******* (especially ******* ******* ***** impacted **** *** ********) are *** ******** *********, many ******* *** *** viewed ***** ******** ******* is ******.

***** ******** ****** ******* out, **** ** ****** to ****** ** ************ issues:

* ***** ** ******* to *** **** **** systems *** ***** **** be **** *** ****, weeks *** ***** **** months ****** ****** *******. Many ***** ******** *** homeowners **** ***** ***** cameras **** *****'* * problem. **** ******* ** there's * *********** ***** and **** **** *** the ****** *** **** down *** **** ** months?

Corrective ******: "**** *** ********* *******"

** ******* ****** ********, vendors *** ******* ********** to ******* ****** ********* Win * *******.

*******, **** ********** **** leaves *** ******* ********** to ******* * ******** threats *** ****** **** unpatched ******* ***** *****.

Win * ***-**-*****, ******* ****** **** ****

*** ******* ** *********** by *** ******** *** of ******* ********** * ** ******* 2020.

**** ** ******* ******* date ** ****, ******* will *** ******* ******* security ******* ***** ******* 13th, **** *** '******* Embedded ******** *'. *** company ****** ** ************ * ********* *****:

********* **** * ********** to ******* ** ***** of ******* ******* *** Windows * **** ** was ******** ** ******* 22, ****. **** **** 10-year ****** ****, ********* will *********** ******* * support ** **** ** can ***** *** ********** on ********** ***** ************ and ***** *** ***********.

** **** **** **** looming, ******** **** *** servers ******* *** ******** OS **** ********** **** to ******* ********* *******, or ** ********, ****** the **** **** **** risking *********** *********.

Impact ** *******

************* *** ******** *******, recourse ******* *******.

**** ****** ******** ******* from '** ********' ******** ******* ****** ************, ******* *** ********* placing ************** ** *** the ******* ** **********.

******* ******* ** **** spoken **** **** *** they *** '******* ****** on *** *** ****' and **** '** *** eating ***** ** **** manhours' ********* ******* ******.

*** ******** ****** ********* a*********** ****** ** ***** repairing ******** ********:

* **** ***** **** of *** ******* ********* affected ****. *** ******* based ** ****** ****** were *** ******* ** repair. * ****** ******* typed ** ****** ****** you ** * ****** to **** **** *** updates. *** ******* * embedded ***** *****'* ** easy. **** ********* *** to ** ******** ** out ** *** *** condition ****** **** ***** operate. **** ***** *********** all **** ******* (***** the **** **** ******* the *******) *** ********* them ** ***** ******.

***** *** ********* *** date *** ******** ** machines, ** ** *** expect ******* ** ****** significant ********** ********* ** the *****.

A *** *** *****?

****** ***** ******* *** going ** ***** **** is * **** ************* for ***** **** *** not ****** ** ***** about **** **** ** crisis.

*******, *** **** ****** who **** ******* * for ** **** *** also ****** *** ***** to ** ***** ** pay ******* **** *** upgrade ***** ** **** may ********* ** ******* systems.

******* **** ******* ******* tout ***** * *********** recording ****** ** *** is '* ****** ***** ** failure', *** ** ****** issues **** **** ******** similar *********.

Comments (7)

**** **** ******** ** me (*** *** ****** time ** *** **** year) ******* **** ****** Station ** * ******* 7 ******* (**** ***** NVR). * ** *** run ********* ******* *** do ******** ******* ******* from **** ** ****. Unfortunately, *** **** *** is ****** **-******* *** machine **** ***** **** Axis **** *******.

** **** ** ******** Win7 ***** ** **** Win7?

************** ****** ******* **** versions.

**** ****, ** ********* is *** ******** ******* that ** **** *** affected.

[******]DW ********

******* ******** ************ **** * **** instruction*** *** ***** ** how ** ******* ** on *** * ********* Series *********.

**** ***** *******, ** also ********* ******* *** automatic ******* ** ******* similar ******:

** *** ********* ***, Windows ******* **** *** configure ** ******** *** install ************* **** *** factory *** ** *** unforeseen *** ********** ****** the ******* ******* *** cause ** *** *********** of *** ****** *** DW ********.

** *** **** ****** last **** *** ******* Radius (*** ****, ***** uses *****) *** ***** Digital ****** (****** ******).

******: ******** *** ********* that **** **** *** some ****** ** *** field **** ***** *******, but ** * ******* basis, *** **********. **** machines *** ** ****** running ******** ******** ** Windows.

***** **** ** *** conspiracy ******** ** ** or *’** ****** *** cynical *** * ***** Microsoft *** **** ** purpose ** ***** **** to ******* ** ******* 10 ** ****** ****. If ** *** **** this ***** ** ***** NOT **-******* ******* *; we ***** ******* ******* 10 ** ****** ****.

Login to read this IPVM report.

Related Reports

Terrible Convergint Coronavirus Thermal Camera Recommendation on Apr 01, 2020
A week after Convergint disclosed falling revenue, pay and job cuts,...
Faked Coronavirus Fever Detection, Athena Used Hikvision; Responds - Selling NDAA Compliant Cameras, Pledging 50% Of Profits to Victims on Mar 24, 2020
US company, Athena Security, faked its coronavirus fever detection marketing,...
Uniview Deep Learning Camera Tested on Jul 14, 2020
Uniview's intrusion analytics have performed poorly in our shootouts. Now,...
Pivot3 Mass Layoffs on Mar 27, 2020
Pivot3 has conducted mass layoffs, the culmination of grand hopes, a quarter...
Beware Of Feevr on Apr 14, 2020
Beware of "Feevr". The company is marketing a 'Feevr' solution that...
Fever Camera Sales From Integrators Surveyed on Jun 01, 2020
Fever cameras are the hottest trend in video surveillance currently but how...
Face Masks Increase Face Recognition Errors Says NIST on Aug 04, 2020
COVID-19 has led to widespread facemask use, which as IPVM testing has shown...
FLIR Markets Windows Temperature Screening, Violates IEC And Causes Performance Problems on Jul 17, 2020
FLIR, one of the largest thermal screening manufacturers, is marketing...
Facial Recognition: Weak Sales, Anti Regulation, No Favorite, Says Security Integrators on Jul 07, 2020
While facial recognition has gained greater prominence, a new IPVM study of...
Use Access Control Logs To Constrain Coronavirus on Apr 09, 2020
Access control users have included capabilities that are not commonly used...
Worst Over But Integrators Still Dealing With Coronavirus Problems (June Statistics) on Jun 30, 2020
While numbers of integrators very impacted by Coronavirus continue to drop,...
Dahua Critical Cloud Vulnerabilities on May 12, 2020
Dahua has acknowledged a series of cloud vulnerabilities that researcher...
Clinton Public View Monitor (PVM) Mask Detection Tested on Jul 09, 2020
Face mask detection, or more specifically not wearing one, is expanding...
Alabama Schools Million Dollar Hikvision Fever Camera Deal on Aug 11, 2020
The Baldwin County, Alabama public schools purchased a $1 million, 144-camera...
Forced Door Alarms For Access Control Tutorial on Aug 17, 2020
One of the most important access control alarms is also often ignored....

Recent Reports

Virtual ISC West and GSX+ Exhibiting Contrasted on Sep 17, 2020
Both ISC West and ASIS GSX are going virtual this year, just weeks apart, but...
X.Labs Sues FLIR on Sep 16, 2020
X.Labs, the maker of Feevr, has sued FLIR, the publicly traded thermal...
Video Surveillance 101 September Course - Last Chance on Sep 16, 2020
Today is the last chance to sign up for the Fall Video Surveillance 101...
No Blackbody Mistake, Half Million Dollar, Hikvision Fever Camera System in Georgia on Sep 16, 2020
A Georgia school district touted buying Hikvision fever screening "about...
Costar Technologies / Arecont H1 2020 Financials Examined on Sep 16, 2020
Costar's financial results have been hit by the coronavirus with the company...
Startup Cawamo Presents Live Alerts With Edge AI and Cloud VMS on Sep 15, 2020
Cawamo, an Israeli edge-to-cloud analytics and VMS startup, presented its...
Favorite Access Control Credentials 2020 on Sep 15, 2020
Credential choice is more debated than ever, with hacking risk for 125kHz and...
Dangerous Hikvision Fever Screening Marketing In Africa on Sep 15, 2020
A multi-national African Hikvision distributor is marketing dangerously...
New Products Show Fall 2020 Announced - Register Now on Sep 14, 2020
IPVM's sixth online show will feature New Products from over 25...
Hanwha 8K / 33MP Camera Tested on Sep 14, 2020
Hanwha Techwin has released an 8K / 33MP resolution camera, the TNB-9000 with...
Gait Recognition Examined on Sep 14, 2020
Facial recognition faces increasing ethical and political criticisms while...
Comparing 2020 Reality To 2010 Expectations on Sep 11, 2020
What can we learn from where the industry was in 2010 and what was believed...
China Dali Fever Cameras and Booming Sales Examined on Sep 11, 2020
Zhejiang Dali, one of China's original thermal technology developers, has...
Risks Of Managing End User Passwords (Statistics) 2020 on Sep 11, 2020
Alarmingly, most integrators used spreadsheets to manage passwords, IPVM...
Dedicated Vs Converged IP Video Networks Statistics 2020 on Sep 10, 2020
Running one's video system on a converged network with other devices can save...