Windows Update Error 0x80092004

The error code “windows update error code 80092004” may be seen here.

Do this if you get the Windows Update error 0x80092004 on Windows 7 or Windows Server 2008, R2.

On August 2019 Patch Day, Microsoft released updates for all supported versions of Windows — client and server. If you haven’t already, you should take a look at our update overview.

According to reports, the published upgrades are causing problems for some administrators and home users on devices running Windows 7 or Windows Server 2008 R2.

The error 0x80092004 occurs when attempting to install the updates KB4512506 (monthly rollup update) or KB4512486 (security-only update). The error code CRYPT E NOT FOUND indicates that Windows Update rejects the updates because the cryptographic values contained in the update packages were not discovered.

If the KB4474419 and KB4490628 updates are not installed on the machine, the Windows Update Error 0x80092004 will occur. In truth, the Windows Update error Error Code 80092004 happens on PCs that lack SHA-2 code signing capabilities. Following the methods below, the SHA-2 code signing can be enabled after installing the KB4474419 and KB4490628 upgrades.

On August 2019 Patch Day, Microsoft delivered updates for all supported versions of Windows, including client and server. If you haven’t already, take a look at our overview of the updates.

According to reports, the published upgrades are causing problems for some administrators and home users on devices running Windows 7 or Windows Server 2008 R2.

On the August 2019 Patch Day, Microsoft modified the signature of update packages for Windows 7 and Windows Server 2008 R2 devices for the first time. Since August 2019, the company has exclusively signed packages with SHA-2; earlier, it signed them with both SHA-1 and SHA-2, but decided to abandon SHA-1 due to known flaws.

In 2018, we wrote an article regarding the change, indicating that certain fixes were required for Windows 7 and Server 2008 R2 PCs to continue receiving updates.

Affected Windows computers appear to be seeking for SHA-1 in the update package and disregarding SHA-2. SHA-1 is no longer included, which appears to be the cause of error 0x80092004 on such platforms.

Certain Symantec and Norton software installed on Windows 7 or Windows Server 2008 R2 computers does not play nice with the change, so Microsoft has decided to disable updates on PCs running Symantec and Norton software until the problem is rectified.

Windows Updates may be blocked or deleted by security solutions.

While it’s possible that the problem is related, such as other antivirus solutions interfering with Windows Updates, it’s more likely that a critical update is missing.

To correctly install SHA-2 signed updates on Windows 7 and Windows Server 2008 R2 computers, two updates must be installed:

KB4474419 — Update for Windows Server 2008 R2, Windows 7, and Windows Server 2008 to implement SHA-2 code signing: August 13, 2019
KB4490628 — Windows 7 SP1 and Windows Server 2008 R2 SP1 Servicing Stack Update: March 12, 2019

If one of these is missing, SHA-2 signed updates will not be accepted, and an error will be generated instead.

On the support website, Microsoft certifies that KB4474419 is a prerequisite. The corporation also includes KB4490628 on the page, noting that it is strongly advised to be updated. If Windows Updates is used, SSU updates are installed automatically; however, if updates are installed manually, they must be installed manually. It’s perplexing why Microsoft doesn’t make the SSU a more obvious need.

Check the “Installed Updates” list in the Control Panel or use third-party software like Nirsoft’s WinUpdatesList to make sure these updates are installed.

If at least one of the updates isn’t already installed, install it and run a new check for updates afterward; the August 2019 update should go smoothly this time.