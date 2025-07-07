The developers of Legacy Update, the tool that allows users of older Windows versions to keep downloading updates from Microsoft, recently discovered that users of the tool on Windows 7 were having issues. After doing some debugging they figured out it was DNS it was an expired Microsoft certificate. This certificate was set to expire on 1 July 2025, and when it did, nobody at Microsoft bothered to correct it until a few days later.

As you can see from <ExpiryDate> , it definitely stopped working because the expiry date lapsed. As seems to happen too often in our industry, apparently nobody set a reminder to make sure it would be updated in advance of the date. You might notice that it has an <IssuedDate> of 2017-12-01. That’s fairly recent! After digging further, we learned that this already happened once! On the 4th of that month, Bleeping Computer covered an error Windows 7 users were receiving when checking for updates. That error is 80248015 – pretty familiar, right? Microsoft allowed this file to expire, not on the 1st but rather on the 4th (more specifically, 35 seconds before midnight in US Pacific time, or 8:00 PM UTC), and did not manage to upload a new file until the 6th at 10:02 AM Pacific (6:02 PM UTC). This left Microsoft Update broken for 3 days. ↫ Adam Demasi

Microsoft moved the expiry date up to 2033, thereby fixing the problem. Legacy Update’s developer Adam Demasi expected that once 2033 comes around, Legacy Update will probably have to add Widnows 7 to its proxy server that it’s already using for older versions, as improvements in TLS and ciphers will probably lock Windows 7 out of Windows Update definitively.

But hey, 2033 is decades away. Right?