News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • A new list of minimal updates for Windows 7

    Posted on September 9th, 2016 at 11:48 woody Comment on the AskWoody Lounge

    If you’re installing Windows 7 on test machines – or re-installing on your trusty old production machine – ch100 has come up with a worthwhile set of patches that you should include (and, by implication, ones you can safely avoid), in addition to all of the Important updates.

    Keep in mind that this is for fresh Win7 installations only.

    Here’s what he says:

    I installed a new VM and did Windows Update with Important updates only.

    I came up with a new list (yes, another one!) which I consider the minimal list of updates for the current state of Windows 7 – before September 2016 patches.

    It may be useful to post it before the major October 2016 Windows Update overhaul to assist your readers to be well prepared for what will soon follow.

    Here it is with full instructions:

    Set Windows Update on Never check for updates and run only manually, at least until the following list is completely installed.
    Install manually in this order first (this is essential on a new installation):

    KB2533552
    KB3138612

    Next, run Windows Update, still with the setting on Never check for updates and select all Important updates, (not Recommended) and non-security.

    Here is the list of what will eventually get installed as reference:

    KB976902 (this should come with the SP1 ISO)
    KB2506014
    KB2533552 (installed previously, manually – if not installed manually, it may come up as “Service Pack 1” which means is the last bit of SP1 and it is correct)
    KB2552343
    KB2718704
    KB2786081
    KB2798162
    KB2836942
    KB2836943
    KB2868116
    KB2929733
    KB3020369
    KB3138612 (Recommended to be installed second manually after KB2533552 and BEFORE running Windows Update to avoid 7.6.7600.320 which is broken and superseded by KB3138612)
    KB3177723

    Note: I am actively avoiding KB971033 which I consider Optional, although it comes as Important. I still have to find a current use case for it, because I believe that the original purpose for it, to verify the authenticity of Windows, was largely abandoned. I don’t have an opinion either in favour or against, it is entirely each user’s option what to do with it.

    After installing this set of updates which can be easily verified by anyone by following exactly the steps that I did, the installation should be well-prepared for what is to be installed next.

    I am aware that there are users who do not install any update or any security update (if it ain’t broke…)

    The previous list is for them, and minimal for any reliable Windows 7 installation.

    A few recommendations for those installing patches:

    • Do not install too many updates at the same time, you will run out of physical memory and slow down the process.
      About 10 -20 updates at a time depending on RAM installed, should be OK.
    • Restart when asked.
    • Always install ALL Important Updates non-security and non-recommended. They are the most important updates of all for the reliability of the system. Those are named Critical Updates, although are not labelled as such in Windows Update, only in documentation and WSUS.

    Further updates suggested as useful and minimal for most users:

    • .NET Framework 4.5.2 (or 4.6.1)
    • KB2670838 – Platform Update. This is Optional but becomes Important in the context of installing Internet Explorer 10/11 for which is a pre-requisite.
    • Internet Explorer 11 (Internet Explorer 10 is as good or better, but many web sites are dropping support).

    There are additional updates which are installed automatically with IE10/11.

    • KB982018 – Native support for 4k sector disks
    • KB2852386 – Disk Cleanup add-on for deleting superseded updates (very useful after too many patches installed on the system!)

    Next, go ahead and install everything else!

    Note: The regular end-users should never use Microsoft Catalog or other direct Microsoft download sites for updates, unless fixing something that otherwise cannot be fixed – patches refusing to install otherwise.

    The practice of installing manually is very likely to break interdependencies because some updates come with further hidden updates and this has been happening forever, regardless of the big thing coming October 2016. Just look at the (in)famous patch KB2992611 re-release and there are many more examples.

    If that helped, take a second to support AskWoody on Patreon