Glad to hear that SIW2's slipstreamed ISO was able to patch you back to 11-Apr-2017 during your Vista SP2 reinstall.
I should add that there were five emergency out-of-band updates (KB4018271 / KB4018466 / KB4021903 / KB4024402 / KB4019204) released for Vista SP2 in June of 2017
(i.e., after end of extended support on 11-Apr-2017) that were posted in the Microsoft Update Catalog but were never released via Windows Update. These security updates will patch vulnerabilities for three NSA-leaked exploits (EnglishmanDentist, EsteemAudit and ExplodingCan)
and if you would like to install these patches manually see the MS Answers thread More Shadow Brokers Exploits Patched June 2017 for Win XP and Vista
for download links and installation instructions. I believe that SIW2's slipstreamed ISO includes Vista SP2 updates released up to 11-Apr-2017 (except the .NET Framework 4.5.2) so none of these out-of-band updates are likely installed on your system yet, but if you want to confirm you can search your installed updates at Control Panel | Programs | Programs and Features | View Installed Updates [search for the full KB number in the search box (e.g., "KB4018466" and not a partial string like "4018446")] to see if they're already installed.
View attachment 30885
Microsoft also released a Windows Server 2008 / Vista security update KB4499180
in May 2019 that patches the BlueKeep
remote desktop vulnerability CVE-2019-0708. See Microsoft's special advisory for Vista SP2 and other out-of-support OSs at Customer Guidance for CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability: May 14, 2019
for more information. That patch is available for download from the Microsoft Update Catalog at Microsoft Update Catalog
, but unlike the June 2017 out-of-band updates for the Shadow Brokers exploits, this KB4499180 Windows Server 2008 / Vista security update for the BlueKeep exploit will change your Vista SP2 OS from Build 2 (6.0.6002.xxxxx) to Build 3 (6.0.6003.xxxxx)
- see the Microsoft support article Build Number Changing to 6003 in Windows Server 2008
for more information.
When KB4499180 was first released the change to Build 3 (6.0.6003.xxxxx) caused some unexpected problems with Avast / AVG Antivirus v18.8 and a few other third-party programs (see PKCano's Are Bluekeep Patches Causing BSODs with Server 2008 SP2 and Vista?
in the AskWoody forum as well as the MSFN post <here
> about Avast's "micro-update" fix), so if you decide to install this security update be sure to monitor your system for any unexpected glitches or software conflicts and uninstall KB4499180 if necessary. Even better, use Macrium Reflect Free
or some other disk imaging software to create a full disk image and emergency recovery media before you install KB4499180 so that you can perform an emergency recovery if this update triggers a BSOD.
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Malwarebytes Premium v3.5.1-1.0.365 * Macrium Reflect Free v7.3.5555
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS