It is stuck when you install the security update in August 2019
Microsoft is currently experiencing a problem that occurred shortly after forwarding the latest security updates for August. As Gunter Born writes in his blog Borncity for IT and Windows, there is an error interacting with KB4512506 or KB4512486 for Windows 7 SP1 and Windows Server 2008 R2, which interrupts the installation by hinting "0x80092004". Thus, Windows Update issues "CRYPT_E_NOT_FOUND" so that it cannot complete the installation due to a lack of cryptographic value – an important term in finding the source of the error.
Yesterday, we were able to report that there may be problems with the transition to SHA-2 support for Windows 7. Now, again, it seems that the cause of the security update errors has been identified. Microsoft started this month with the cancellation of the signing of the FA-1 and only shipping packages with the SHA-2 hash. Bourne looks at the error code mentioned above indicating that Windows Update fails while trying to read the SHA-1 signature and refuses to install it.
SHA-2 alone is unlikely
Based on the information currently available, it can only be assumed that Microsoft is actually stalling during the long planned transition to signing without SHA-1 – on Windows, support for issuing error code for SHA-2 signing-only updates , it just doesn't look like they are present In support for 4472027, Microsoft already mentioned in early March all the necessary updates for Windows 7 SP1, Windows Server 2008 R2 SP1 and SP2. While debugging, it can currently help to check that updates KB4474419 and update KB4490628 are already installed on the system.
As always, the WinFuture Updates packages, where we've collected all the important updates into a useful package, can be found in our Download Center.