Many reports of errors when trying to install the latest .NET patch on Win7 systems with Extended Security Updates enabled

Topic

New Reply

Looks like a clunker. @BobT reports: KB4556399 (Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8
[See the full post at: Many reports of errors when trying to install the latest .NET patch on Win7 systems with Extended Security Updates enabled]

3 users thanked author for this post.

Elly, GreatAndPowerfulTech, abbodi86

Reply | Quote

Replies

No problems on multiple Win7/32bit/Ent systems. I have seen problems with updates to 64bit systems that never manifested on 32bit systems.

GaryK

1 user thanked author for this post.

woody

Reply | Quote

Can anyone impacted do the following:

(I’ll post there as well)

- go to http://aka.ms/vscollect.exe 
- download and run the log collector
- collect and share the contents from %temp%\vslogs.zip?

Send me an email to sb@askwoody.com

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Just a fyi – I can’t repro this on my Windows 7 ESU.

Mind you I installed https://www.catalog.update.microsoft.com/Search.aspx?q=KB4538483 the revised May version.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

It appears to me to be failing on those with the ESU bypass script.  It works fine one my Windows 7 with a ESU key.  Folks I’ll say it again, buy a ESU key.  Microsoft has made it easy to get them now for us peons.  Trying to go around the rules means you’ll get nailed like this.

Susan Bradley Patch Lady/Prudent patcher

2 users thanked author for this post.

woody, AmbularD

Reply | Quote

Could you post a link for the peons, please, Susan?  I do have an ESU license, but I purchased it back when one had to sacrifice a goat and a limb of their choice, and I seem to have missed it when Microsoft dropped those requirements.  Would be nice to know where to go if I need any other ESUs in the future.

Reply | Quote

The updated License Preparation Pack link is here.

Reply | Quote

https://forms.office.com/Pages/ResponsePage.aspx?id=CEtIRBCvwEyPI4AgwsgbpPcTYf1jGDxMoOAm3rKwHJVUOTg0M1JXSUJKQjREMElWODdXQ1FVS0tDVy4u  You enter your info there and Amy and Ted can get you a Windows 7 key.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

What if you don’t happen to be one of those who live in the US? (I.e. the majority of those on this planet.)

Reply | Quote

You can still order from them (I asked the same question a couple of months ago).

ASRock Beebox J3160 - Win7 Ultimate x64
Asus VivoPC VC62B - Win7 Ultimate x64
Dell Latitude E6430 - Win7 Ultimate x64, Win10 Pro 22H2 x64 (multiboot)
Dell Latitude XT3 - Win7 Ultimate x86
Asus H170 Pro Gaming - Win10 Pro 22H2 x64

Reply | Quote

I think this advice was premature. The people at MDL have solved the problem.

Furthermore, the cost of a license is considerable. SusanBradley mentioned $65, but that’s apparently only for the first calendar year. This means that if you buy one today, it expires on 31 Dec 2020.

Someone on MDL wrote the following: “I’m not sure how it works in the USA, but after reading her comment, I contacted a friend here in Germany today who’s involved in his university’s contract with M$.

The university pays around 60 euros per machine – they only have a few still running Win 7 – but this is only for the current calendar year. That is, if you somehow bought a license today, it would expire at the end of 2020.

For 2021, you’d have to buy another one-year ESU license. However, my friend said the price is expected to double, and then double again for 2022. This last bit of info is speculation, but based upon well-sourced rumors.​”

Again, I don’t know how things work in the US. Your mileage may vary.

1 user thanked author for this post.

Cybertooth

Reply | Quote

Ouch.

@abbodi86, can you confirm?

Reply | Quote

It has nothing to do with KB4538483 or the script

simply, .NET 4.x patches are using different validation method to verify ESU eligibility

W7ESUI only handle .NET 3.5.1 patch

i suspect that extracting the bundled msp file (inside exe) and installing directly should bypass the ESU check

or use repacked .NET installer (based on administrative MSI installation)

8 users thanked author for this post.

Kranium, vandermeer, lanceboil, ch100, TonyC, GreatAndPowerfulTech, woody, T

Reply | Quote

That’s interesting to know, i’ll be sure to grab that one.

I’d sort of forgotten about .net updates after win7 fell out of general support because if they’re no longer offered through update i just find them a confusing mess of which ones to download and install, particularly if you go the security only route and not quite fully knowing exactly which framework version i have installed.

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

I am still running a W7 Home Premium system and updating it with the W7ESUI script. The system is not eligible for ESU. I would appreciate some clarification on what abbodi86 has stated.

My W7 system has only .NET Framework 3.5.1 installed. Suppose I were to download KB4552940 (2020-05 Security and Quality Rollup for .NET Framework 3.5.1) from the Microsoft Update Catalog, could I install this rollup directly? Or could I even install it using the W7ESUI script along with the other May 2020 W7 and IE11 updates?

(And yes, I know that I should wait for MS-DEFCON ≥ 3 before installing any May updates!)

Reply | Quote

Yes, W7ESUI can handle and install KB4552940

the issue is in .NET 4.x patches, because they use different eligibility check

Reply | Quote

Installing KB4552940 (for .NET 3.5.1) separately should work.

Reply | Quote

Still failing after applying the msp directly.
Here is the error in the Application Log.

Windows Installer reconfigured the product. Product Name: Microsoft .NET Framework 4.7.2. Product Version: 4.7.03062. Product Language: 0. Manufacturer: Microsoft Corporation. Reconfiguration success or error status: 1603.

1 user thanked author for this post.

abbodi86

Reply | Quote

Susan Bradley wrote:

Just a fyi – I can’t repro this on my Windows 7 ESU.

Mind you I installed https://www.catalog.update.microsoft.com/Search.aspx?q=KB4538483 the revised May version.

Susan,

I already have the February 12 version of KB4538483; does this mean that, as an ESU user, I have to go install it _again_? Won’t Windows freak out and say “You already installed this patch,”?

Oh, my aching cerebellum.

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"Nine out of 10 doctors say Acid Reflux is mainly caused by computers."

Reply | Quote

That’s what a Microsoft technical account manager told a customer, that we have to install it again.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

Susan Bradley wrote:

That’s what a Microsoft technical account manager told a customer, that we have to install it again.

Susan, a couple of questions:

1.  When did you twig to this need to update this existing KB? It bears the date stamp of 5/5/20, but I missed whatever n0tification was put out there to get it, if there was one.
2. Shall we win 7 ESU’ers download this updated version now, or wait until this dust cloud settles?
3. Is it just me, or is it dumb to update a KB and _not_ give it a new number? :/

Info: as of tonight 10PM PST WU “Important” shows:

A) 2020-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 for x64 (KB4556399) [unchecked-huh?]

B) 2020-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4556836) [checked]

Windows Malicious Software Removal Tool x64 – v5.82 (KB890830) [checked]

…and no mention of anyone needing a new KB4538483.

—

(Terribly confusing. MSFT seems to be going out of their way to make life miserable for WIN 7 ESU’ers. Broken mirrors, troubled waters, smoke and mirrors, things popping out at you from corners, it’s a malignant funhouse!)

BTW Many Thanks for all your great help; almost every month it seems like “The Charge of the Light Brigade” we all have to go through! (“…someone had blundered…”)

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"Nine out of 10 doctors say Acid Reflux is mainly caused by computers."

1 user thanked author for this post.

cadprofessor

Reply | Quote

Susan edit: This appears to only fail if you have used the bypass script. On a Windows 7 with an ESU key it installs just fine.

My client has 5000, Windows 7 with an ESU key and about 90% of the machines have the issue. It is not just bypass script.

6 users thanked author for this post.

Kranium, vandermeer, ch100, Pim, Nibbled To Death By Ducks, woody

Reply | Quote

Can you send me the log files please?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

I have a Win7 64-bit ESU license (from Harbor).  FWIW, upon “checking for updates,” KB4556399 remained on the update list but is no longer pre-selected.

2 users thanked author for this post.

ch100, abbodi86

Reply | Quote

Nope, I have an ESU key and can’t install this one either manually or via MU/MSU. Good job Microsoft.

2 users thanked author for this post.

vandermeer, Pim

Reply | Quote

Have you installed the revised License Preparation Pack KB4538483 dated 5/6/2020?

See #2262000 and #2262092.

Reply | Quote

This bypass the check, thanks to @vinzf

run in Command Prompt as administrator
for x86:
ndp48-kb4552921-x86_608b67e4011b9e103ca18deadbfc013d1c328508.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"

for x64:
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"

for .NET 4.5.2 or 4.6-4.7.2 , choose the appropiate patch file name

11 users thanked author for this post.

T, lanceboil, jburk07, RDRguy, PKCano, alpha128, vandermeer, KP, ch100, woody, Cybertooth

Reply | Quote

When I went to the Microsoft Update Catalog to download KB4556399, I got the following download window:

What’s the proper procedure  here–do I download all of the lsted files, and does it matter  in which order they get installed?

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

The Rollup is a bundle of separate individual patches for each version of .NET.

Instead of clicking on the “download” link in the Catalog, click on the name of the .NET Rollup, then click on “More Information” in the box that pops up. That will take you to the MS Support page where it lists the separate patch for each version of .NET

You only need the patches for the version(s) you have installed on your computer.

3 users thanked author for this post.

alpha128, KP, Cybertooth

Reply | Quote

So, to make sure I understand–

This Windows 7 PC has .NET Framework 4.7 installed, no other versions are listed under Programs. The page that’s reached when clicking on “More information” as you recommended, takes me to this page. Scrolling down to the section “Additional information about this update” on that page, if you have .NET Framework 4.7 you should download KB4552919. Therefore, I only need to download KB4552919 as stated in the section, “How to obtain and install the update,” from that link, is that right?

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

Look under Control Panel\Programs & Features at “Turn Win features on or off.” If I am not mistaken, .NET3.5 (including 2.0 and 3.0) are also installed by default on Win7.

2 users thanked author for this post.

GoneToPlaid, Cybertooth

Reply | Quote

This is so confusing! “Turn Windows features or or off” shows .NET Framework 3.5.1, but the list of installed programs in Control Panel lists only 4.7.2:

So, do I actually have both of these installed or only one, and if so, then which one??

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

[PKCano]

It is not unusual to have multiple versions of .NET installed. There is a program you can run to list installed versions. It has been mentioned on this site in the past, but I do not have the time to search for it at the moment. Vaguely remember something about a person’s name being part of it – perhaps you could Google.

Think this might be it.

https://www.raymond.cc/blog/how-to-check-what-version-of-microsoft-net-framework-is-installed-in-computer/2/

• This reply was modified 3 years, 4 months ago by PKCano.

1 user thanked author for this post.

Cybertooth

Reply | Quote

I believe the “Raymond” tool may be out of date.

There is also a tool by a developer called ASoft – see

http://www.asoft.be/prod_netver.html  and

https://www.majorgeeks.com/files/details/asoft_net_version_detector.html 

4 users thanked author for this post.

alpha128, KP, Cybertooth, PKCano

Reply | Quote

This is a pretty neat tool:

So it looks like I should install the patches for both 3.5 (KB4552940) and 4.7 (KB4552919).

Not sure how or where KB4019990, as proposed by @abbod86,  fits into this.

What is the sum total of all the files that I need to download and install, to keep .NET Framework up to date?

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

3 users thanked author for this post.

GoneToPlaid, georgea, alpha128

Reply | Quote

Ahhhhh, yes, it comes back.
kb4019990 is the d3dcompiler that is necessary for .NET 4.7 and was not installed by default. If you search for this on this site, there were several threads about it when it’s absence caused big problems for Win7.

2 users thanked author for this post.

KP, Cybertooth

Reply | Quote

Moreover, the NDP files names distingish them

ndp48 = .NET 4.8
ndp47 = .NET 4.7.2 downwards 4.6
ndp45 = .NET 4.5.2

6 users thanked author for this post.

jburk07, alpha128, vandermeer, KP, Cybertooth, PKCano

Reply | Quote

OK, but then what do I do with the three non-ndp files that are also listed on the screenshot (msipatchregfix, kb4552940, kb4019990)?

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

You don’t need msipatchregfix, it’s for WU installation only

you should install both kb4552940, kb4019990

1 user thanked author for this post.

Cybertooth

Reply | Quote

abbodi86 wrote:

You don’t need msipatchregfix, it’s for WU installation only

you should install both kb4552940, kb4019990

But you only need to install kb4019990 if you DON’T already have it, correct?

For example, on my system, I have:

Source Description HotFixID InstalledBy InstalledOn
—— ———– ——– ———– ———–
<USER>-PC Update KB4019990 NT AUTHORITY\SYSTEM 9/29/2017 …

According the Update Catalog, this patch was last updated on 5/15/2017.

Reply | Quote

That is correct – only if you don’t already have it.

1 user thanked author for this post.

alpha128

Reply | Quote

I just ran all 6 files to check, in order, from oldest first. It said I already had the patches, or weren’t applicable, for every file bar the ndp4.8 one (as expected).

Might have been because I already attempted to install the rollup itself through WU first? Unsure if it does a full rollback if one bit (ndp4.8) fails.

Either way I used the parameter workaround in #2262211 and it worked just fine. After a reboot and a manual WU check, the patch then disappears from WU so seems sorted.

Cheers!

Reply | Quote

So is it true that “Error 643” only shows up on machines that don’t have the official ESU activated?

1 user thanked author for this post.

ch100

Reply | Quote

Yes, failed ESU check is what (should) trigger it

2 users thanked author for this post.

ch100, woody

Reply | Quote

I am confused.  I have 5 ESU lic that have been working and updating fine over the last several months.  Can I just run the updates like I have been doing or do I need to run kb4538483 (ESU update??) before installing any of May updates.  Thanks.

Reply | Quote

See these two posts #2262000 and #2262092.

1 user thanked author for this post.

abbodi86

Reply | Quote

Apologies for dragging this up again but i just tried this method and it worked great for the security only update kb4552951 (.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2) but failed on security only update kb4552952 (.NET Framework 4.5.2) with the error message – ‘Software Update KB4552952 Installation Wizard does not apply, or is blocked by another condition on your computer.’

I have all the prerequisites otherwise i assume kb4552951 would have failed so my question is, does .net 4.6-4.7.2 replace 4.5.2 and therefore the update is no longer applicable? That was my assumption but i was curious what you thought.

Reply | Quote

Yes, you don’t need 4.5.2 update in this case

1 user thanked author for this post.

T

Reply | Quote

Wonderful! Thank you.

Reply | Quote

Here is what I do when I need information about .NET Framework.  From this location in NDP, one can see all versions applicable (v2.0, v3.0, v3.5, v4).  Hope it helps.

anonymous wrote:

No need for a tool, just go to the registry & have a peek.  It won’t hurt to look.

C:\Windows\regedit.exe

This is the location to see v4.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full

On the right pane at the bottom of the list it will say Version.  Mine says 4.5.51650.

 

Win 8.1 (home & pro) Group B, Linux Dabbler

Reply | Quote

I have three 2008r2 test servers that were previously successfully licensed for the ESU patches in January/February in our corporate environment.  Today, we began testing our SCCM/WSUS deployments on a small subset of test servers.  The latest ESU patch (KB4538483) installed successfully, but KB4556399 (Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8) then failed.  Looking at the ESU license (SLMGR /DLV), I see that all 3 servers are now “unlicensed”; all 3 are now refusing to re-activate.  Frustrating!!

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

Do you have the April SSU installed?

Reply | Quote

Yes, these installed successfully:
KB4555449 – 2020-05 Servicing Stack Update for Windows Server 2008 R2
KB4556798 – 2020-05 Security Update for IE 11
KB4538483 – 2020-05 Extended Security Updates (ESU) Licensing Prep…
KB4557900 – 2020-05 Update for Windows Server 2008 R2
KB4556836 – 2020-05 Security Monthly Quality Rollup for Windows Server 2008 R2

Server has been rebooted multiple times since, and I am unable to reactivate the ESU license due to error 0x80072F8F (“A security error occurred”).  Previously, these systems took the ESU license on the first try, while I had to activate others via the Microsoft Mobile website.  Now that website is no longer available, and its probably just going to be easier to restore these servers from a backup instead of trying to troubleshoot these inane patches.

Reply | Quote

Check back in a while. I have thouched bases with Susan Bradley

Reply | Quote

What do you mean by the Microsoft mobile website?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Also stupid question – is the date and time on these servers correct?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Microsoft had a website designed for offline product activation geared towards mobile users, but which also worked to activate other MS products.  The website I was originally given by our TAM began https://msdev.gointeract.io/ but I have also seen some other users on various websites accessed it via microsoft.gointeract.io

Sadly, that whole set of pages seems to be down now.  It was really very convenient.

Reply | Quote

Are your servers able to connect to the Internet, or only internally?
There may be additional checks required.

Reply | Quote

I usually practice Update Distancing until MS-Defcon 3 or better.  But something possessed me to try installing the new .NET patch KB4556399 on one of my Win7 64-bit Pro ESU systems, a Lenovo Thinkpad W530, even though as I stated above WU had changed it from pre-selected to unticked.   I did *not* reinstall KB4538483, which was originally installed on Feb 13.

It went fine, and I haven’t noticed any side effects so far (other than strangely being offered a 2012 fingerprint driver update in the Optional section, which I promptly hid).  My ESU from Harbor was installed on Jan 15.

Reply | Quote

It wasn’t a “clunker”; there was apparently an intentional change in Microsoft’s programming.

In any case, people working on the Bypass ESU effort at MDL have now come up with a solution that permits installation of the .NET patch.

Reply | Quote

I believe @abbodi86 reported it earlier #2262211.

Reply | Quote

rick41 wrote:

I did *not* reinstall KB4538483, which was originally installed on Feb 13. It went fine,

OK, now there’s some evidence that it’s NOT the lack of the 5/5/ KB4538483 that causes trouble.

As one user above had his ESU license fouled up, I’m crawling back in the foxhole because the dust has definitely not settled on this one!

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"Nine out of 10 doctors say Acid Reflux is mainly caused by computers."

Reply | Quote

PKCano wrote:

I believe @abbodi86 reported it earlier #2262211.

He certainly did. I made my comment in an attempt to provide some additional context.

1 user thanked author for this post.

alpha128

Reply | Quote

[georgea]

BypassESU-v7-AIO fixes the .net update issue.

abbodi86 just posted an update to his script package on his mydigitallife “Bypass Windows 7 Extended Security Updates Eligibility” thread.

And.. poor Susan B took quite an undeserved beating from some of the commenters in that thread.  Ouch.

• This reply was modified 3 years, 4 months ago by georgea.

Reply | Quote

[GoneToPlaid]

Yet v7 of BypassESU causes errors in the MS Installer. Specifically, msiexec.exe will frequently crash due to verifier.dll crashing. It is best to uninstall v7 and revert to v6 or v5 for the time being, and use the manual workaround to install the .NET update.

I reverted to v5. Excluding the .NET update which I am still holding off on installing, I had no issues installing the other April and May updates. Note that I did not install version 2 of KB4538483 which is the ESU Licensing Preparation Package since the documentation for the May updates mentions that only the February version must be installed.

• This reply was modified 3 years, 4 months ago by GoneToPlaid.

Reply | Quote

[georgea]

Huh.  I’ve used V7 [which is V6 with an extra component for .net patches] on at least half a dozen W7-pro systems with no problems.  Just V1 of the ESU Licensing Preparation Package.  I have not tried installing much since using V7 but I see an update from May 25 on the main MDL page for V7 saying:

Notice: Regarding .NET 4 ESU Bupass option in BypassESU-v7
it has incompatibility issue and may cause msiexec.exe to crash
in that case, it’s recommended to remove it, and use the manual workaround listed below to install NDP4 updates.

So this is good to know.

• This reply was modified 3 years, 4 months ago by georgea.

Reply | Quote

When trayingh to run this I get  ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe is not recognized as an internal or external command

Reply | Quote

The correct syntax is in #2262211 above. To find what versions of .NET are installed on your computer, see #2262302. Screenshot is in the post immediately below.

Reply | Quote

Screen shot of error.  I fail to see context error.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8
.exe /msioptions “ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9”
‘ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe’ is not recogn
ized as an internal or external command,
operable program or batch file.

C:\Windows\system32>

Reply | Quote

Here is what I am giving to the command prompt just as copied from #2262211 above.

ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe /msioptions “ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9”

I have .NET Framework version 4.8.03761 installed on my computer.

 

Reply | Quote

You’re getting this error because you’re running the command from within the default administrators command prompt directory “C:\Windows\system32”.

You need to run the command from within the directory that the .NET update file “ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8
.exe” is stored in.

Suggestion:
1) Create the folder “ESU” in the “C:” drive root directory (or any other drive)

2) Copy / Move the appropriate .NET update file to the ESU folder just created

3) Open the Administrators Command Prompt

4) Assuming that the ESU folder was created on drive “C:”, change the active directory to where the .NET update file is located by entering the following command => CD C:\ESU (the command prompt should now be … “c:\ESU>” not “C:\Windows\system32>”)

5) Run @abbodi86’s .NET update command listed in his previous post #2262211.

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

4 users thanked author for this post.

jburk07, lanceboil, Elly, Moonbear

Reply | Quote

Thank goodness you are smart enough to realize how dumb I am and to do two things to help me out.

1. Explaining why I was getting the error I was getting so I could understand my problem.
2. Giving explicit,  easy to follow,  step by step instructions even I could follow to get things to work properly.

Thanks to you KB4552921 has successfully updated my version 4.8 NET Framework.  I don’t think this would ever have happened without your help

Thank you very much!

2 users thanked author for this post.

lanceboil, RDRguy

Reply | Quote

You’re welcome – that’s why we’re all here & I couldn’t have done it without you 1st posting the pertinent details (transcript of your screen shot) about the problem.

I’ve done this a time or 2 myself when I’m in a hurry not paying enough attention trying to get something done quick.

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

Reply | Quote

rick41 wrote:

I usually practice Update Distancing until MS-Defcon 3 or better.  But something possessed me to try installing the new .NET patch KB4556399 on one of my Win7 64-bit Pro ESU systems, a Lenovo Thinkpad W530, even though as I stated above WU had changed it from pre-selected to unticked.   I did *not* reinstall KB4538483, which was originally installed on Feb 13.

It went fine, and I haven’t noticed any side effects so far (other than strangely being offered a 2012 fingerprint driver update in the Optional section, which I promptly hid).  My ESU from Harbor was installed on Jan 15.

Where I say, “I did *not* reinstall KB4538483, which was originally installed on Feb 13,” I should have also pointed out that it was not offered to me by WU, so I would have had to install it via the catalog.

I wonder if the fact that KB4538483’s May revision wasn’t offered to me via WU means MS did an assessment and determined that my system didn’t need it?  (…Even though the original version, which was definitely required,  was available *solely* via the catalog.)

Reply | Quote

[Nibbled To Death By Ducks]

Susan Bradley wrote:

That’s what a Microsoft technical account manager told a customer, that we have to install it again.

Susan, I did what you said and installed the May version of KB4538483, but WU is STILL showing the .Net update as “unchecked”:

2020-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 for x64 (KB4556399)

I see on your patch list 399’s on “Hold”, just as 2020-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4556836) is.

—

Just thought I’d add some input. The new KB4538483 seems to have had no effect on KB4556399’s “unchecked” status. Something still fishy going on here.

…and thanks for the tip on the new KB4538483; it wasn’t in WU, and I would not have known about it except through you; MSFT has been “hiding their light under a bushel”, or in the 3rd sub-basement janitor’s closet behind the sign “Beware The Leopard”.

Madness!

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"Nine out of 10 doctors say Acid Reflux is mainly caused by computers."

• This reply was modified 3 years, 4 months ago by Nibbled To Death By Ducks. Reason: Grammar

Reply | Quote

One thing I don’t understand.  Where should I be when I run for x64:
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"  ?

That is, am I running any cmd window from my Start button, or am I running only abbodi86’s special tool in the WE7UI folder I created for it?  And should I first go to (cd) the folder where I downloaded ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe ?

Thanks.

Reply | Quote

See #2268381 and the link therein. And #2263345 above it.

1 user thanked author for this post.

glnz

Reply | Quote

Thanks again PKCano.  I’ll try it your way next time.

Meantime, I succeeded just now by starting cmd as Administrator, using cd to go to the folder where I had downloaded the ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe
and then pasting in the complete command from above
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"

It worked.

Amazing!!!   Many thanks again to abbodi86 and you.

Reply | Quote

I tried it PKCano’s way on a different Win 7 Pro 64-bit machine, and it worked very nicely.  Faster than using cmd.

If you follow PKCano’s links just above, this means (a) making a shortcut of the .NET update file, and (b) in the shortcut’s “target” adding the
/msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"

(preceded by a space by the way).  Then running the shortcut as Administrator.

Thanks again, PKCano.

Reply | Quote

Thank @mattchu – he’s the one that came up with that method.

See #2262363.

1 user thanked author for this post.

Elly

Reply | Quote

When you use the bypass then run the .exe as admin, should the user be asked to accept a license agreement in the install wizard?

Reply | Quote

Yes. That was the way it worked in XP too. Remember?

1 user thanked author for this post.

Moonbear

Reply | Quote

Not really, no. Back then I never used anything but Windows Update.

Until Microsoft changed how patches were offered, I’d never installed a patch manually.

1 user thanked author for this post.

PKCano

Reply | Quote

Hi Susan,
Hope all is well.  About to do the May security rollup (KB 4556836) for my Win 7 Pro x64 systems, and wasn’t sure if when I run windows update:
(1) if the KB4538483 ESU 5/9/20 version shows up if I should download/install it?  I (obviously) have the prior  ESU (Feb?) version (via  Harbor I have the purchased ESUs- thanks  to your help!.),  and if (2) KB4556403/4556399 Net update shows up with (assuming so) check in box if I should install too?  Haven’t run windows update yet.  Thanks in adv for your advice.  Amy 🙂

Reply | Quote

2020-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 for x64 (KB4566517) Windows 7 Security Updates 7/10/2020

Failed. Error code 643.

Reply | Quote

A more recent thread to refer to: Win7 KB4566517 update failed to install

Non-techy Win 10 Pro and Linux Mint experimenter

Reply | Quote