Microsoft boosts the security of Windows Update downloads
It has been a very long time coming, but Microsoft appears to have finally understood the value and importance of HTTPS. For reasons best known to the company, anyone looking to download updates from the Microsoft Update Catalog have had to do so via HTTP links -- but no longer.
In the last few days, Microsoft made a server-side change that means Microsoft Update Catalog downloads now use HTTPS connections. The switch to HTTPS affects everything from Windows 11 to Office, and everything in between.
- Microsoft introduces a new compatibility hold to block upgrades to Windows 11
- Microsoft releases PowerToys v0.57.0 -- and it's a huge update
- Microsoft reveals the Windows Update policies you should set and why
The change means that browsers will no longer throw up warnings when attempting to download updates from the Microsoft Update Catalog. It also means that it is no longer necessary to right-click a link and select the Save As option, and there is now also a new address for the catalog.
The Microsoft Update Catalog's previous address of http://download.windowsupdate.com has changed to https://catalog.s.download.windowsupdate.com. Any existing links that use the old format should automatically redirect, so there is no need for changes to be made to documentation, websites and blog posts.
For users of the Microsoft Update Catalog, the long awaited switch to HTTPS beings the peace of mind that comes from the added security and the knowledge that there is virtually no chance of updates being interfered with by bad actors.