Looks like a clunker. @BobT reports: KB4556399 (Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8
[See the full post at: Many reports of errors when trying to install the latest .NET patch on Win7 systems with Extended Security Updates enabled]
![]() |
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
Many reports of errors when trying to install the latest .NET patch on Win7 systems with Extended Security Updates enabled
Home » Forums » Newsletter and Homepage topics » Many reports of errors when trying to install the latest .NET patch on Win7 systems with Extended Security Updates enabled
- This topic has 85 replies, 28 voices, and was last updated 4 years, 10 months ago.
AuthorTopicwoody
ManagerMay 12, 2020 at 2:48 pm #2261948Viewing 23 reply threadsAuthorReplies-
gkarasik
AskWoody Plus -
Susan Bradley
ManagerMay 12, 2020 at 3:38 pm #2261990Can anyone impacted do the following:
(I’ll post there as well)
- go to http://aka.ms/vscollect.exe - download and run the log collector - collect and share the contents from %temp%\vslogs.zip? Send me an email to sb@askwoody.com
Susan Bradley Patch Lady/Prudent patcher
-
Susan Bradley
ManagerMay 12, 2020 at 3:51 pm #2262000Just a fyi – I can’t repro this on my Windows 7 ESU.
Mind you I installed https://www.catalog.update.microsoft.com/Search.aspx?q=KB4538483 the revised May version.
Susan Bradley Patch Lady/Prudent patcher
-
Susan Bradley
ManagerMay 12, 2020 at 4:09 pm #2262005It appears to me to be failing on those with the ESU bypass script. It works fine one my Windows 7 with a ESU key. Folks I’ll say it again, buy a ESU key. Microsoft has made it easy to get them now for us peons. Trying to go around the rules means you’ll get nailed like this.
Susan Bradley Patch Lady/Prudent patcher
-
anonymous
GuestMay 12, 2020 at 4:55 pm #2262020Could you post a link for the peons, please, Susan? I do have an ESU license, but I purchased it back when one had to sacrifice a goat and a limb of their choice, and I seem to have missed it when Microsoft dropped those requirements. Would be nice to know where to go if I need any other ESUs in the future.
-
PKCano
Manager -
Susan Bradley
ManagerMay 12, 2020 at 5:07 pm #2262037https://forms.office.com/Pages/ResponsePage.aspx?id=CEtIRBCvwEyPI4AgwsgbpPcTYf1jGDxMoOAm3rKwHJVUOTg0M1JXSUJKQjREMElWODdXQ1FVS0tDVy4u You enter your info there and Amy and Ted can get you a Windows 7 key.
Susan Bradley Patch Lady/Prudent patcher
-
Graham
AskWoody Plus -
Pim
AskWoody Plus
-
-
anonymous
GuestMay 15, 2020 at 9:48 am #2262861I think this advice was premature. The people at MDL have solved the problem.
Furthermore, the cost of a license is considerable. SusanBradley mentioned $65, but that’s apparently only for the first calendar year. This means that if you buy one today, it expires on 31 Dec 2020.
Someone on MDL wrote the following: “I’m not sure how it works in the USA, but after reading her comment, I contacted a friend here in Germany today who’s involved in his university’s contract with M$.
The university pays around 60 euros per machine – they only have a few still running Win 7 – but this is only for the current calendar year. That is, if you somehow bought a license today, it would expire at the end of 2020.
For 2021, you’d have to buy another one-year ESU license. However, my friend said the price is expected to double, and then double again for 2022. This last bit of info is speculation, but based upon well-sourced rumors.”
Again, I don’t know how things work in the US. Your mileage may vary.
1 user thanked author for this post.
-
-
-
woody
Manager
-
-
abbodi86
AskWoody_MVPMay 12, 2020 at 5:57 pm #2262058It has nothing to do with KB4538483 or the script
simply, .NET 4.x patches are using different validation method to verify ESU eligibility
W7ESUI only handle .NET 3.5.1 patch
i suspect that extracting the bundled msp file (inside exe) and installing directly should bypass the ESU check
or use repacked .NET installer (based on administrative MSI installation)
8 users thanked author for this post.
-
T
AskWoody LoungerMay 12, 2020 at 9:01 pm #2262098That’s interesting to know, i’ll be sure to grab that one.
I’d sort of forgotten about .net updates after win7 fell out of general support because if they’re no longer offered through update i just find them a confusing mess of which ones to download and install, particularly if you go the security only route and not quite fully knowing exactly which framework version i have installed.
1 user thanked author for this post.
-
TonyC
AskWoody LoungerMay 13, 2020 at 3:10 am #2262147I am still running a W7 Home Premium system and updating it with the W7ESUI script. The system is not eligible for ESU. I would appreciate some clarification on what abbodi86 has stated.
My W7 system has only .NET Framework 3.5.1 installed. Suppose I were to download KB4552940 (2020-05 Security and Quality Rollup for .NET Framework 3.5.1) from the Microsoft Update Catalog, could I install this rollup directly? Or could I even install it using the W7ESUI script along with the other May 2020 W7 and IE11 updates?
(And yes, I know that I should wait for MS-DEFCON ≥ 3 before installing any May updates!)
-
ch100
AskWoody_MVPMay 13, 2020 at 5:46 am #2262185Still failing after applying the msp directly.
Here is the error in the Application Log.Windows Installer reconfigured the product. Product Name: Microsoft .NET Framework 4.7.2. Product Version: 4.7.03062. Product Language: 0. Manufacturer: Microsoft Corporation. Reconfiguration success or error status: 1603.
1 user thanked author for this post.
-
-
Nibbled To Death By Ducks
AskWoody LoungerMay 12, 2020 at 7:48 pm #2262077Just a fyi – I can’t repro this on my Windows 7 ESU.
Mind you I installed https://www.catalog.update.microsoft.com/Search.aspx?q=KB4538483 the revised May version.
Susan,
I already have the February 12 version of KB4538483; does this mean that, as an ESU user, I have to go install it _again_? Won’t Windows freak out and say “You already installed this patch,”?
Oh, my aching cerebellum.
Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty -
Susan Bradley
ManagerMay 12, 2020 at 8:34 pm #2262092That’s what a Microsoft technical account manager told a customer, that we have to install it again.
Susan Bradley Patch Lady/Prudent patcher
1 user thanked author for this post.
-
Nibbled To Death By Ducks
AskWoody LoungerMay 13, 2020 at 12:28 am #2262120That’s what a Microsoft technical account manager told a customer, that we have to install it again.
Susan, a couple of questions:
- When did you twig to this need to update this existing KB? It bears the date stamp of 5/5/20, but I missed whatever n0tification was put out there to get it, if there was one.
- Shall we win 7 ESU’ers download this updated version now, or wait until this dust cloud settles?
- Is it just me, or is it dumb to update a KB and _not_ give it a new number? :/
Info: as of tonight 10PM PST WU “Important” shows:
A) 2020-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 for x64 (KB4556399) [unchecked-huh?]
B) 2020-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4556836) [checked]
Windows Malicious Software Removal Tool x64 – v5.82 (KB890830) [checked]
…and no mention of anyone needing a new KB4538483.
—
(Terribly confusing. MSFT seems to be going out of their way to make life miserable for WIN 7 ESU’ers. Broken mirrors, troubled waters, smoke and mirrors, things popping out at you from corners, it’s a malignant funhouse!)
BTW Many Thanks for all your great help; almost every month it seems like “The Charge of the Light Brigade” we all have to go through! (“…someone had blundered…”)
Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty1 user thanked author for this post.
-
-
-
anonymous
GuestMay 12, 2020 at 8:33 pm #2262078Susan edit: This appears to only fail if you have used the bypass script. On a Windows 7 with an ESU key it installs just fine.
My client has 5000, Windows 7 with an ESU key and about 90% of the machines have the issue. It is not just bypass script.
6 users thanked author for this post.
-
Susan Bradley
Manager
-
-
rick41
AskWoody Plus -
armond
AskWoody LoungerMay 13, 2020 at 4:42 am #2262169Nope, I have an ESU key and can’t install this one either manually or via MU/MSU. Good job Microsoft.
2 users thanked author for this post.
-
PKCano
Manager
-
-
abbodi86
AskWoody_MVPMay 13, 2020 at 7:51 am #2262211This bypass the check, thanks to @vinzf
run in Command Prompt as administrator
for x86:
ndp48-kb4552921-x86_608b67e4011b9e103ca18deadbfc013d1c328508.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"
for x64:
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"
for .NET 4.5.2 or 4.6-4.7.2 , choose the appropiate patch file name
-
Cybertooth
AskWoody PlusMay 13, 2020 at 9:14 am #2262236When I went to the Microsoft Update Catalog to download KB4556399, I got the following download window:
What’s the proper procedure here–do I download all of the lsted files, and does it matter in which order they get installed?
-
PKCano
ManagerMay 13, 2020 at 9:32 am #2262244The Rollup is a bundle of separate individual patches for each version of .NET.
Instead of clicking on the “download” link in the Catalog, click on the name of the .NET Rollup, then click on “More Information” in the box that pops up. That will take you to the MS Support page where it lists the separate patch for each version of .NET
You only need the patches for the version(s) you have installed on your computer.
3 users thanked author for this post.
-
Cybertooth
AskWoody PlusMay 13, 2020 at 10:37 am #2262273So, to make sure I understand–
This Windows 7 PC has .NET Framework 4.7 installed, no other versions are listed under Programs. The page that’s reached when clicking on “More information” as you recommended, takes me to this page. Scrolling down to the section “Additional information about this update” on that page, if you have .NET Framework 4.7 you should download KB4552919. Therefore, I only need to download KB4552919 as stated in the section, “How to obtain and install the update,” from that link, is that right?
-
PKCano
ManagerMay 13, 2020 at 10:59 am #2262281Look under Control Panel\Programs & Features at “Turn Win features on or off.” If I am not mistaken, .NET3.5 (including 2.0 and 3.0) are also installed by default on Win7.
2 users thanked author for this post.
-
Cybertooth
AskWoody PlusMay 13, 2020 at 11:08 am #2262284This is so confusing! “Turn Windows features or or off” shows .NET Framework 3.5.1, but the list of installed programs in Control Panel lists only 4.7.2:
So, do I actually have both of these installed or only one, and if so, then which one??
-
PKCano
ManagerMay 13, 2020 at 11:20 am #2262288It is not unusual to have multiple versions of .NET installed. There is a program you can run to list installed versions. It has been mentioned on this site in the past, but I do not have the time to search for it at the moment. Vaguely remember something about a person’s name being part of it – perhaps you could Google.
Think this might be it.
-
This reply was modified 5 years ago by
PKCano.
1 user thanked author for this post.
-
This reply was modified 5 years ago by
-
anonymous
GuestMay 13, 2020 at 11:54 am #2262302I believe the “Raymond” tool may be out of date.
There is also a tool by a developer called ASoft – see
http://www.asoft.be/prod_netver.html and
https://www.majorgeeks.com/files/details/asoft_net_version_detector.html
4 users thanked author for this post.
-
Cybertooth
AskWoody PlusMay 13, 2020 at 12:35 pm #2262318This is a pretty neat tool:
So it looks like I should install the patches for both 3.5 (KB4552940) and 4.7 (KB4552919).
Not sure how or where KB4019990, as proposed by @abbod86, fits into this.
What is the sum total of all the files that I need to download and install, to keep .NET Framework up to date?
3 users thanked author for this post.
-
PKCano
ManagerMay 13, 2020 at 1:01 pm #2262326Ahhhhh, yes, it comes back.
kb4019990 is the d3dcompiler that is necessary for .NET 4.7 and was not installed by default. If you search for this on this site, there were several threads about it when it’s absence caused big problems for Win7.2 users thanked author for this post.
-
-
-
abbodi86
AskWoody_MVPMay 13, 2020 at 9:45 am #2262253Moreover, the NDP files names distingish them
ndp48 = .NET 4.8
ndp47 = .NET 4.7.2 downwards 4.6
ndp45 = .NET 4.5.26 users thanked author for this post.
-
Cybertooth
AskWoody PlusMay 13, 2020 at 10:40 am #2262276OK, but then what do I do with the three non-ndp files that are also listed on the screenshot (msipatchregfix, kb4552940, kb4019990)?
-
abbodi86
AskWoody_MVPMay 13, 2020 at 12:06 pm #2262308You don’t need msipatchregfix, it’s for WU installation only
you should install both kb4552940, kb4019990
1 user thanked author for this post.
-
alpha128
AskWoody PlusMay 13, 2020 at 6:29 pm #2262459You don’t need msipatchregfix, it’s for WU installation only
you should install both kb4552940, kb4019990
But you only need to install kb4019990 if you DON’T already have it, correct?
For example, on my system, I have:
Source Description HotFixID InstalledBy InstalledOn —— ———– ——– ———– ———– <USER>-PC Update KB4019990 NT AUTHORITY\SYSTEM 9/29/2017 …
According the Update Catalog, this patch was last updated on 5/15/2017.
-
PKCano
Manager -
BobT
AskWoody LoungerMay 14, 2020 at 6:43 am #2262541I just ran all 6 files to check, in order, from oldest first. It said I already had the patches, or weren’t applicable, for every file bar the ndp4.8 one (as expected).
Might have been because I already attempted to install the rollup itself through WU first? Unsure if it does a full rollback if one bit (ndp4.8) fails.
Either way I used the parameter workaround in #2262211 and it worked just fine. After a reboot and a manual WU check, the patch then disappears from WU so seems sorted.
Cheers!
-
-
-
-
woody
Manager -
abbodi86
AskWoody_MVP -
cadprofessor
AskWoody Lounger -
PKCano
Manager
-
-
-
T
AskWoody LoungerMay 27, 2020 at 9:17 pm #2266692Apologies for dragging this up again but i just tried this method and it worked great for the security only update kb4552951 (.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2) but failed on security only update kb4552952 (.NET Framework 4.5.2) with the error message – ‘Software Update KB4552952 Installation Wizard does not apply, or is blocked by another condition on your computer.’
I have all the prerequisites otherwise i assume kb4552951 would have failed so my question is, does .net 4.6-4.7.2 replace 4.5.2 and therefore the update is no longer applicable? That was my assumption but i was curious what you thought.
-
-
Purg2
AskWoody LoungerMay 13, 2020 at 12:34 pm #2262317Here is what I do when I need information about .NET Framework. From this location in NDP, one can see all versions applicable (v2.0, v3.0, v3.5, v4). Hope it helps.
No need for a tool, just go to the registry & have a peek. It won’t hurt to look.
C:\Windows\regedit.exe
This is the location to see v4.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full
On the right pane at the bottom of the list it will say Version. Mine says 4.5.51650.
Win 8.1 (home & pro) Group B, W10/11 Avoider, Linux Dabbler
-
John Riley
AskWoody LoungerMay 13, 2020 at 1:25 pm #2262328I have three 2008r2 test servers that were previously successfully licensed for the ESU patches in January/February in our corporate environment. Today, we began testing our SCCM/WSUS deployments on a small subset of test servers. The latest ESU patch (KB4538483) installed successfully, but KB4556399 (Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8) then failed. Looking at the ESU license (SLMGR /DLV), I see that all 3 servers are now “unlicensed”; all 3 are now refusing to re-activate. Frustrating!!
1 user thanked author for this post.
-
PKCano
Manager -
John Riley
AskWoody LoungerMay 13, 2020 at 2:17 pm #2262367Yes, these installed successfully:
KB4555449 – 2020-05 Servicing Stack Update for Windows Server 2008 R2
KB4556798 – 2020-05 Security Update for IE 11
KB4538483 – 2020-05 Extended Security Updates (ESU) Licensing Prep…
KB4557900 – 2020-05 Update for Windows Server 2008 R2
KB4556836 – 2020-05 Security Monthly Quality Rollup for Windows Server 2008 R2Server has been rebooted multiple times since, and I am unable to reactivate the ESU license due to error 0x80072F8F (“A security error occurred”). Previously, these systems took the ESU license on the first try, while I had to activate others via the Microsoft Mobile website. Now that website is no longer available, and its probably just going to be easier to restore these servers from a backup instead of trying to troubleshoot these inane patches.
-
PKCano
Manager -
Susan Bradley
Manager -
Susan Bradley
Manager -
John Riley
AskWoody LoungerMay 13, 2020 at 5:41 pm #2262448Microsoft had a website designed for offline product activation geared towards mobile users, but which also worked to activate other MS products. The website I was originally given by our TAM began https://msdev.gointeract.io/ but I have also seen some other users on various websites accessed it via microsoft.gointeract.io
Sadly, that whole set of pages seems to be down now. It was really very convenient.
-
-
-
-
ch100
AskWoody_MVP
-
-
rick41
AskWoody PlusMay 13, 2020 at 2:37 pm #2262376I usually practice Update Distancing until MS-Defcon 3 or better. But something possessed me to try installing the new .NET patch KB4556399 on one of my Win7 64-bit Pro ESU systems, a Lenovo Thinkpad W530, even though as I stated above WU had changed it from pre-selected to unticked. I did *not* reinstall KB4538483, which was originally installed on Feb 13.
It went fine, and I haven’t noticed any side effects so far (other than strangely being offered a 2012 fingerprint driver update in the Optional section, which I promptly hid). My ESU from Harbor was installed on Jan 15.
-
vandermeer
AskWoody Lounger -
PKCano
Manager
-
-
Nibbled To Death By Ducks
AskWoody LoungerMay 13, 2020 at 5:27 pm #2262446I did *not* reinstall KB4538483, which was originally installed on Feb 13. It went fine,
OK, now there’s some evidence that it’s NOT the lack of the 5/5/ KB4538483 that causes trouble.
As one user above had his ESU license fouled up, I’m crawling back in the foxhole because the dust has definitely not settled on this one!
Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty -
vandermeer
AskWoody Lounger -
georgea
AskWoody LoungerMay 16, 2020 at 10:24 am #2263068BypassESU-v7-AIO fixes the .net update issue.
abbodi86 just posted an update to his script package on his mydigitallife “Bypass Windows 7 Extended Security Updates Eligibility” thread.
And.. poor Susan B took quite an undeserved beating from some of the commenters in that thread. Ouch.
-
This reply was modified 5 years ago by
georgea.
-
This reply was modified 5 years ago by
-
GoneToPlaid
AskWoody LoungerJune 2, 2020 at 9:12 am #2268710Yet v7 of BypassESU causes errors in the MS Installer. Specifically, msiexec.exe will frequently crash due to verifier.dll crashing. It is best to uninstall v7 and revert to v6 or v5 for the time being, and use the manual workaround to install the .NET update.
I reverted to v5. Excluding the .NET update which I am still holding off on installing, I had no issues installing the other April and May updates. Note that I did not install version 2 of KB4538483 which is the ESU Licensing Preparation Package since the documentation for the May updates mentions that only the February version must be installed.
-
This reply was modified 4 years, 11 months ago by
GoneToPlaid.
-
This reply was modified 4 years, 11 months ago by
-
georgea
AskWoody LoungerJune 2, 2020 at 8:30 pm #2268900Huh. I’ve used V7 [which is V6 with an extra component for .net patches] on at least half a dozen W7-pro systems with no problems. Just V1 of the ESU Licensing Preparation Package. I have not tried installing much since using V7 but I see an update from May 25 on the main MDL page for V7 saying:
Notice: Regarding .NET 4 ESU Bupass option in BypassESU-v7
it has incompatibility issue and may cause msiexec.exe to crash
in that case, it’s recommended to remove it, and use the manual workaround listed below to install NDP4 updates.So this is good to know.
-
This reply was modified 4 years, 11 months ago by
georgea.
-
This reply was modified 4 years, 11 months ago by
-
-
-
anonymous
Guest -
PKCano
Manager
-
-
anonymous
GuestMay 16, 2020 at 4:40 pm #2263155Screen shot of error. I fail to see context error.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.C:\Windows\system32>ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8
.exe /msioptions “ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9”
‘ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe’ is not recogn
ized as an internal or external command,
operable program or batch file.C:\Windows\system32>
-
anonymous
GuestMay 16, 2020 at 5:59 pm #2263163 -
RDRguy
AskWoody LoungerMay 16, 2020 at 9:02 pm #2263191You’re getting this error because you’re running the command from within the default administrators command prompt directory “C:\Windows\system32”.
You need to run the command from within the directory that the .NET update file “ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8
.exe” is stored in.Suggestion:
1) Create the folder “ESU” in the “C:” drive root directory (or any other drive)2) Copy / Move the appropriate .NET update file to the ESU folder just created
3) Open the Administrators Command Prompt
4) Assuming that the ESU folder was created on drive “C:”, change the active directory to where the .NET update file is located by entering the following command => CD C:\ESU (the command prompt should now be … “c:\ESU>” not “C:\Windows\system32>”)
5) Run @abbodi86’s .NET update command listed in his previous post #2262211.
Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS -
anonymous
GuestMay 17, 2020 at 7:44 pm #2263369Thank goodness you are smart enough to realize how dumb I am and to do two things to help me out.
- Explaining why I was getting the error I was getting so I could understand my problem.
- Giving explicit, easy to follow, step by step instructions even I could follow to get things to work properly.
Thanks to you KB4552921 has successfully updated my version 4.8 NET Framework. I don’t think this would ever have happened without your help
Thank you very much!
-
RDRguy
AskWoody LoungerMay 17, 2020 at 11:18 pm #2263414You’re welcome – that’s why we’re all here & I couldn’t have done it without you 1st posting the pertinent details (transcript of your screen shot) about the problem.
I’ve done this a time or 2 myself when I’m in a hurry not paying enough attention trying to get something done quick.
Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS
-
-
-
-
rick41
AskWoody PlusMay 18, 2020 at 3:21 pm #2263618I usually practice Update Distancing until MS-Defcon 3 or better. But something possessed me to try installing the new .NET patch KB4556399 on one of my Win7 64-bit Pro ESU systems, a Lenovo Thinkpad W530, even though as I stated above WU had changed it from pre-selected to unticked. I did *not* reinstall KB4538483, which was originally installed on Feb 13.
It went fine, and I haven’t noticed any side effects so far (other than strangely being offered a 2012 fingerprint driver update in the Optional section, which I promptly hid). My ESU from Harbor was installed on Jan 15.
Where I say, “I did *not* reinstall KB4538483, which was originally installed on Feb 13,” I should have also pointed out that it was not offered to me by WU, so I would have had to install it via the catalog.
I wonder if the fact that KB4538483’s May revision wasn’t offered to me via WU means MS did an assessment and determined that my system didn’t need it? (…Even though the original version, which was definitely required, was available *solely* via the catalog.)
-
Nibbled To Death By Ducks
AskWoody LoungerMay 19, 2020 at 12:29 am #2263721That’s what a Microsoft technical account manager told a customer, that we have to install it again.
Susan, I did what you said and installed the May version of KB4538483, but WU is STILL showing the .Net update as “unchecked”:
2020-05 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 for x64 (KB4556399)
I see on your patch list 399’s on “Hold”, just as 2020-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4556836) is.
—
Just thought I’d add some input. The new KB4538483 seems to have had no effect on KB4556399’s “unchecked” status. Something still fishy going on here.
…and thanks for the tip on the new KB4538483; it wasn’t in WU, and I would not have known about it except through you; MSFT has been “hiding their light under a bushel”, or in the 3rd sub-basement janitor’s closet behind the sign “Beware The Leopard”.
Madness!
Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty-
This reply was modified 4 years, 12 months ago by
Nibbled To Death By Ducks. Reason: Grammar
-
This reply was modified 4 years, 12 months ago by
-
glnz
AskWoody PlusJune 1, 2020 at 7:16 pm #2268506One thing I don’t understand. Where should I be when I run for x64:
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"
?That is, am I running any cmd window from my Start button, or am I running only abbodi86’s special tool in the WE7UI folder I created for it? And should I first go to (cd) the folder where I downloaded
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe
?Thanks.
-
PKCano
Manager -
glnz
AskWoody PlusJune 1, 2020 at 7:39 pm #2268516Thanks again PKCano. I’ll try it your way next time.
Meantime, I succeeded just now by starting cmd as Administrator, using cd to go to the folder where I had downloaded the
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe
and then pasting in the complete command from above
ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe /msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"
It worked.
Amazing!!! Many thanks again to abbodi86 and you.
-
glnz
AskWoody PlusJune 2, 2020 at 7:28 am #2268677I tried it PKCano’s way on a different Win 7 Pro 64-bit machine, and it worked very nicely. Faster than using cmd.
If you follow PKCano’s links just above, this means (a) making a shortcut of the .NET update file, and (b) in the shortcut’s “target” adding the
/msioptions "ESU_LOCK=2D40812E-974C-4EA2-8DCC-63C992D505B9"
(preceded by a space by the way). Then running the shortcut as Administrator.
Thanks again, PKCano.
-
-
-
-
AmyO
AskWoody PlusJune 2, 2020 at 10:58 am #2268746Hi Susan,
Hope all is well. About to do the May security rollup (KB 4556836) for my Win 7 Pro x64 systems, and wasn’t sure if when I run windows update:
(1) if the KB4538483 ESU 5/9/20 version shows up if I should download/install it? I (obviously) have the prior ESU (Feb?) version (via Harbor I have the purchased ESUs- thanks to your help!.), and if (2) KB4556403/4556399 Net update shows up with (assuming so) check in box if I should install too? Haven’t run windows update yet. Thanks in adv for your advice. Amy -
anonymous
Guest -
Elly
AskWoody MVPJuly 17, 2020 at 9:09 pm #2281448A more recent thread to refer to: Win7 KB4566517 update failed to install
Non-techy Win 10 Pro and Linux Mint experimenter
-
Viewing 23 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
A CVE-MITRE-CISA-CNA Extravaganza
by
Nibbled To Death By Ducks
4 hours, 39 minutes ago -
Sometimes I wonder about these bots
by
Susan Bradley
56 minutes ago -
Does windows update component store “self heal”?
by
Mike Cross
17 hours, 36 minutes ago -
Windows 11 Insider Preview build 27858 released to Canary
by
joep517
18 hours, 36 minutes ago -
Pwn2Own Berlin 2025: Day One Results
by
Alex5723
18 hours, 1 minute ago -
Windows 10 might repeatedly display the BitLocker recovery screen at startup
by
Susan Bradley
14 hours, 31 minutes ago -
Windows 11 Insider Preview Build 22631.5409 (23H2) released to Release Preview
by
joep517
21 hours, 18 minutes ago -
Windows 10 Build 19045.5912 (22H2) to Release Preview Channel
by
joep517
21 hours, 19 minutes ago -
Kevin Beaumont on Microsoft Recall
by
Susan Bradley
9 hours, 53 minutes ago -
The Surface Laptop Studio 2 is no longer being manufactured
by
Alex5723
1 day, 5 hours ago -
0Patch, where to begin
by
cassel23
23 hours, 29 minutes ago -
CFPB Quietly Kills Rule to Shield Americans From Data Brokers
by
Alex5723
1 day, 19 hours ago -
89 million Steam account details just got leaked,
by
Alex5723
1 day, 6 hours ago -
KB5058405: Linux – Windows dual boot SBAT bug, resolved with May 2025 update
by
Alex5723
2 days, 3 hours ago -
A Validation (were one needed) of Prudent Patching
by
Nibbled To Death By Ducks
1 day, 18 hours ago -
Master Patch Listing for May 13, 2025
by
Susan Bradley
1 day, 5 hours ago -
Installer program can’t read my registry
by
Peobody
2 hours, 42 minutes ago -
How to keep Outlook (new) in off position for Windows 11
by
EspressoWillie
1 day, 16 hours ago -
Intel : CVE-2024-45332, CVE-2024-43420, CVE-2025-20623
by
Alex5723
1 day, 23 hours ago -
False error message from eMClient
by
WSSebastian42
2 days, 14 hours ago -
Awoke to a rebooted Mac (crashed?)
by
rebop2020
2 days, 23 hours ago -
Office 2021 Perpetual for Mac
by
rebop2020
3 days, 1 hour ago -
AutoSave is for Microsoft, not for you
by
Will Fastie
3 hours, 37 minutes ago -
Difface : Reconstruction of 3D Human Facial Images from DNA Sequence
by
Alex5723
3 days, 4 hours ago -
Seven things we learned from WhatsApp vs. NSO Group spyware lawsuit
by
Alex5723
11 hours, 59 minutes ago -
Outdated Laptop
by
jdamkeene
3 days, 10 hours ago -
Updating Keepass2Android
by
CBFPD-Chief115
3 days, 15 hours ago -
Another big Microsoft layoff
by
Charlie
3 days, 15 hours ago -
PowerShell to detect NPU – Testers Needed
by
RetiredGeek
17 hours, 13 minutes ago -
May 2025 updates are out
by
Susan Bradley
27 minutes ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.