News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • What happened to the Win7 Windows Update Troubleshooter?

    Posted on August 22nd, 2020 at 10:55 woody Comment on the AskWoody Lounge

    I have an old Win7 virtual machine that I’d like to get updated – but Windows Update keeps throwing an error 80092004.

    Normally, that means Win7 still needs the SHA-2 update, KB4474419 – but I already have that update. And since I’m using Windows Update, the latest Servicing Stack Update should get installed, too.

    Next step? Download the trusty, old (very old) Windows Update Troubleshooter. One problem: If the Troubleshooter is still around, it isn’t located where it should be. Here’s what I see:

    I know I can download the old Troubleshooter from about a gazillion different places on the web. But how do I know I’m getting the right one?

  • FBI Private Industry Notification: Win7 is a leaky boat

    Posted on August 5th, 2020 at 07:42 woody Comment on the AskWoody Lounge

    The US Federal Bureau of Investigation released PIN number 20200803-002 which says, inter alia,

    The FBI has observed cyber criminals targeting computer network infrastructure after an operating system achieves end of life status. Continuing to use Windows 7 within an enterprise may provide cyber criminals access into computer systems. As time passes, Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered. Microsoft and other industry professionals strongly recommend upgrading computer systems to an actively supported operating system.

    Migrating to a new operating system can pose its own unique challenges, such as cost for new hardware and software and updating existing custom software. However, these challenges do not outweigh the loss of intellectual property and threats to an organization.

    The announcement is long on conventional wisdom but, as best I can tell, presents no new information. There are some old examples of long-patched security holes (EternalBlue, BlueKeep) and advice that you check your antivirus, spam filters, and close up Remote Desktop access. Most of all, though, the FBI says you should move from Win7 to Win10.

    Which shouldn’t surprise anybody.

    Catalin Cimpanu has a detailed look on ZDNet.

  • New Win7 Extended Security Updates licensing package

    Posted on August 1st, 2020 at 08:11 woody Comment on the AskWoody Lounge

    Yesterday Microsoft released a new Licensing Prep package for those of you who are paying for Windows 7 Extended Security Updates. Per KB 4575903

    This update provides an additional set of licensing changes to enable installation of the ESU add-on key. This is one of the steps to prepare for installation of Extended Security Updates. For the full set of steps, please see KB4522133.

    If you previously successfully installed and activated your ESU key on your Windows 7 SP1 device, you do not have to re-install or reactivate it after applying this update.

    It’s my understanding that you don’t need to install this particular update in order to get the August patches (which aren’t out yet), but that you will need it to install the September ESU patches.

    Thx Günter Born

  • Yes, you read that correctly: Win7 machines don’t get free security patches, but they do get a free copy of Chredge

    Posted on June 19th, 2020 at 16:55 woody Comment on the AskWoody Lounge

    Microsoft has officially announced that those of you with Win7, who (accidentally?) run Windows Update, will get a fresh, new copy of the Chromium based version of Edge.

    And it’ll happen whether you’ve signed up (and paid) for Extended Security Updates or not.

    You need to have at least the March, 2019 Servicing Stack Update, and the SHA-2 update KB 4474419. But if you have those, you get Chredged.

    Imagine. MS can’t give you security updates, but they sure as shootin’ will push Chredge on ya.

    Same applies, mutatis mutandis, for Win8.1.

  • 0patch posts a patch for the “PrintDemon” security hole CVE-2020-1048

    Posted on May 21st, 2020 at 07:29 woody Comment on the AskWoody Lounge

    I still haven’t seen any in-the-wild exploits for the security hole announced last week, PrintDemon or CVE-2020-1048 — and I still don’t recommend that you install this month’s patches — but those of you running Windows 7 without the paid Extended Security Updates should take note of the latest “micropatch” offering from 0patch.

    According to the 0patch blog:

    Windows 7 and Server 2008 R2 users without Extended Security Updates have just received a micropatch [from 0patch] for CVE-2020-1048, a privilege elevation vulnerability allowing a local non-admin attacker to create an arbitrary file in an arbitrary location.

    When time comes to install this month’s patches, if you don’t have Win7 Extended Security Updates, you should keep this micropatch in mind. (It’s OK, I’ll remind you if you forget.)

    Just a reminder: We’re still at MS-DEFCON 2. There are no widespread threats out and about and you don’t need to patch just yet. Go outside and get some fresh air. At a distance, of course.

    Thx @etguenni

  • Many reports of errors when trying to install the latest .NET patch on Win7 systems with Extended Security Updates enabled

    Posted on May 12th, 2020 at 14:48 woody Comment on the AskWoody Lounge

    Looks like a clunker.

    @BobT reports:

    KB4556399 (Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1) is failing with error 643 for me and many others on the MyDigitalLife forum.

    W7 Ultimate x64.

    And sure enough, MDL is lit up. See the lengthy list of problems starting here.

    Bottom line: Even if you’ve paid for Win7 Extended Security Updates, wait for MS to re-issue KB4556399.

    Susan edit:  This appears to only fail if you have used the bypass script.  On a Windows 7 with an ESU key it installs just fine.

  • Patch Lady – KB4538483 revised

    Posted on May 10th, 2020 at 16:23 Susan Bradley Comment on the AskWoody Lounge

    KB4538483 for Windows 7 was updated on May 6th.  For my machine behind WSUS it automatically got it on May 9th (I have security approvals set to install updates on Saturdays.)

    My understanding is this fixes up some issues with the various licensed versions of Win7 ESUs.

    …but…. I’m not sure if it will impact the script.  Based on folks posting in the forums I don’t think it does.

    Per Abbodii “this is mostly to fix ESU keys activation issues listed in this article:

    https://support.microsoft.com/en-us/help/4547184/troubleshoot-issues-in-extended-security-updates

    Remember with these Windows 7’s there are servicing stack update patches that need to be installed EVERY month otherwise you won’t see the NEXT month’s updates.  So make sure you have KB4550738 

    This update gets offered up after the main April updates and you’ll need to have it installed otherwise you won’t see May’s updates.

     

     

  • Microsoft will continue supporting Chredge (the Chromium-based version of Edge) on Windows 7 at least until July 15, 2021

    Posted on April 11th, 2020 at 16:44 woody Comment on the AskWoody Lounge

    No security patches for Win7, unless you pay extra, but you can keep Chredge up to date:

    We will continue to support Microsoft Edge on Windows 7 and Windows Server 2008 R2 until July 15, 2021. These operating systems are out of support and Microsoft recommends you move to a supported operating system such as Windows 10. While Microsoft Edge helps keep you more secure on the web, your PC may still be vulnerable to security risks. In order for IE mode to be supported on these operating systems the devices will need to have the Extended Security Updates for Windows 7. Without the Windows 7 Extended Security updates Internet Explorer functionality will be vulnerable to security risks. Additionally, IE mode functionality may cease to work without the continued servicing through the extended security updates.