Fix updating windows root certificates in update check (#19448)
Fixes #19443
### Summary of the issue:
NVDA fails to check for updates on corporate networks which make use of
HTTPS interception.
### Description of user facing changes:
NVDA should again be able to check for updates on these networks.
### Description of developer facing changes:
None
### Description of development approach:
`winBindings.crypt32.CertCreateCertificateContext` expects its 2nd
argument to be a byte pointer. Passing a Python `bytes` object directly
to ctypes treats it as a char pointer to the address of the first byte
in memory. Since this is memory compatible, cast the `bytes` to a byte
pointer.
### Testing strategy:
* [x] Commented out the block preventing `updateCheck` from being
imported when running from source. Attempted to run
`_updateWindowsRootCertificates` directly.
* On an alpha, got the expected exception.
* With this patch, no exception was raised.
* [x] Set up [mitmproxy](https://www.mitmproxy.org/) to act as a
stand-in for enterprise HTTPS interception, and checked for updates.
Note that I did *not* install its CA, as doing so bypasses the call to
`_updateWindowsRootCertificates`.
* NVDA alpha-54296,aa95ea8e: Error as described in the issue, ultimately
boiling down to a ctypes error.
* NVDA 2025.3.2 and
try-i19443-54246,566d6fea:
I get the same `certificate verify failed: unable to get local issuer
certificate (_ssl.c:1006)` exception. Given this is the same between
these two versions and update check seems to work correctly on networks
using HTTPS interception in 2025.3.2, I think this is an issue with my
setup.
* [ ] User testing.
### Known issues with pull request:
None known
