Windows Xp Kb 968730 X86 Ptb — Hotfix

After applying the hotfix, the following system files were updated (typical checksums available in original MS KB article):

C:\WINDOWS\system32\mshtml.dll
C:\WINDOWS\system32\ieframe.dll
C:\WINDOWS\system32\dxtrans.dll
C:\WINDOWS\system32\win32k.sys

The hotfix installer also updated the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Hotfix\KB968730

Release Date: June 2009 Architecture: x86 (32-bit) Language: PTB (Portuguese - Brazil) Classification: Critical Security Update

Positive:

Negative / Risks:

Obtain KB968730 directly from official Microsoft support channels or download links referenced in the Microsoft Knowledge Base article for KB968730. Do not download from untrusted third-party sites. windows xp kb 968730 x86 ptb hotfix

The KB968730 hotfix is a critical update for Windows XP and Windows Server 2003 designed to enable client support for SHA-2 (Secure Hash Algorithm 2) certificates. Without this patch, legacy systems are unable to communicate with modern Certification Authorities (CAs) or access websites secured with SHA-256, SHA-384, or SHA-512 encryption. What is the KB968730 Hotfix?

This hotfix primarily updates the crypt32.dll system file, allowing Windows XP to recognize and process newer, more secure cryptographic hashes. While Windows XP Service Pack 3 (SP3) introduced some basic SHA-2 support, it remained unable to request or enroll in certificates from a Windows Server 2008-based CA without this specific update.

The "x86 PTB" designation refers to the version specifically for 32-bit (x86) architecture in the Portuguese (Brazilian) language. Key Symptoms Addressed

Systems missing this update typically encounter the following issues when interacting with modern security infrastructure:

Certificate Enrollment Failure: Users cannot obtain certificates from a Windows Server 2008 (or newer) CA. After applying the hotfix, the following system files

Event ID 13 Error: The System Event Log may display an "AutoEnrollment" error with code 0x80092009, stating it "Cannot find the requested object".

SSL/TLS Handshake Errors: Browsers like Internet Explorer may fail to establish secure connections with websites that use SHA-2 certificates. Usage and Limitations

Client vs. Server Support: KB968730 enables SHA-2 certificates to be used for client purposes, such as web browsing or certificate enrollment. However, it does not enable Windows XP to use these certificates for server roles (like hosting an IIS site).

Supersession: KB968730 completely supersedes the older KB938397 update.

Replacement: In some later environments, KB968730 was replaced by KB3072630, which was delivered via Windows Update to provide broader SHA-2 support as older standards were phased out. Important Considerations for Legacy Users The hotfix installer also updated the registry key:

Because Windows XP is long past its end-of-life, finding official Microsoft downloads for this hotfix can be difficult. Users often have to rely on archival sites like the Internet Archive or community repositories.

Warning: Always verify the file's hash (such as SHA-1 or MD5) before installing legacy hotfixes from third-party sources to ensure they haven't been tampered with or replaced by malware. Windows Xp Kb 968730 X86 Ptb Hotfix - Google Groups

If you don’t understand Brazilian Portuguese, here are key wizard phrases:

| Portuguese (PTB) | English | |-----------------|---------| | Avançar | Next | | Voltar | Back | | Cancelar | Cancel | | Concluir | Finish | | Instalar | Install | | Aguarde | Please wait | | O sistema será reiniciado | The system will restart | | Falha na instalação | Installation failed | | Sucesso | Success |

Unlike cumulative updates or service packs, a hotfix is a targeted, often privately released patch addressing a specific bug. KB968730 was never pushed through Automatic Updates. It was typically provided by Microsoft Support upon request to organizations experiencing a particular localization error.