News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • New Win7 Extended Security Updates licensing package

    Home Forums AskWoody blog New Win7 Extended Security Updates licensing package

    Tagged: 

    • This topic has 23 replies, 13 voices, and was last updated 1 month ago.
    Viewing 8 reply threads
    • Author
      Posts
      • #2285311 Reply
        woody
        Da Boss

        Yesterday Microsoft released a new Licensing Prep package for those of you who are paying for Windows 7 Extended Security Updates. Per KB 4575903 This
        [See the full post at: New Win7 Extended Security Updates licensing package]

        4 users thanked author for this post.
      • #2285325 Reply
        redknight
        AskWoody Plus

        According to Gunter’s article, KB4575903 is for Enterprise users of Windows 7 SP1. Microsoft’s article does not specifically mention Enterprise which seems to indicate that Professional is included also.  Does KB4575903 apply to Professional? And, is it ok to install?

        • #2285346 Reply
          abbodi86
          AskWoody_MVP

          It apply to all supported ESU editions, including Ultimate, Embedded, and Servers

          if you are ESU user, yes it’s OK to install

          • #2285449 Reply
            redknight
            AskWoody Plus

            Thanks.  I downloaded KB4575903 from the Microsoft Update Catalog and installed it.

      • #2285353 Reply
        Alex5723
        AskWoody Plus

        Anyone care to explain why pay Microsoft x6 (for 3 years) for W7 ESU vs 0Patch Pro which also patching tens of other apps ?

        • This reply was modified 1 month, 2 weeks ago by Alex5723.
        1 user thanked author for this post.
        • #2285367 Reply
          AlexEiffel
          AskWoody_MVP

          Trust and uncertainty about legitimacy/legality?

          • #2285369 Reply
            Alex5723
            AskWoody Plus

            Trust in Microsoft ? Never.
            There is no question of legitimacy/legality.

            A huge plus to 0Patch. They only patch security bugs and doesn’t bundle Microsoft’s ‘trash’ with their patches.

            We’re not deploying Microsoft’s monthly updates at all but rather write our own micropatches, and only for the critical issues that are likely to be exploited. See this article for more information: https://0patch.zendesk.com/hc/en-us/articles/360009439780

            So naturally, there is no telemetry in our micropatches. However, 0patch does use a very light-weight telemetry itself to support basic functionality: Learn more here: https://0patch.zendesk.com/hc/en-us/articles/360018739694

            • This reply was modified 1 month, 2 weeks ago by Alex5723.
            • This reply was modified 1 month, 2 weeks ago by Alex5723.
            • #2285394 Reply
              Susan Bradley
              AskWoody MVP

              Legality and trust that truly all of the needed security patches are included.

              Susan Bradley Patch Lady

              • #2285427 Reply
                Cybertooth
                AskWoody Plus

                In this context, we’re talking about 0patch.

                With respect to trust that all the needed security patches are included, it would be a simple matter of comparing the patches that Microsoft issues to those issued by 0patch. (And as @Alex5723 pointed out, 0patch also covers other software in addition to the Windows OS.)

                With respect to legality, it’s unclear how that comes into play here. I can see how one might question the legality of the ESU Standalone Installer Script, but I don’t see how the same can be done to 0patch’s method.

                • This reply was modified 1 month, 2 weeks ago by Cybertooth.
              • #2285431 Reply
                redknight
                AskWoody Plus

                Although I built a new Win10 desktop and put it into service a week ago, there is nothing wrong with my 6-year old Win7 machine it replaced.  At this point I do not plan to put it out to pasture and am considering getting as much mileage out of it as possible which will include purchasing a year-2 ESU license and perhaps year-3.  When the time comes, will you publish year-2 ESU instructions?

              • #2285516 Reply
                Alex5723
                AskWoody Plus

                I like to remind Susan that not once but many times 0Patch has issued Security fixes to critical bugs way before Microsoft did. In this regard I trust 0Patch to fix critical bugs and not fix somethings that doesn’t need a fix, like Microsoft does (Intel microcode for AMD CPUs..)

              • #2285521 Reply
                Paul T
                AskWoody MVP

                And there is always the “don’t patch” and image backup regularly to external USB option for those with few funds.

                cheers, Paul

              • #2285522 Reply
                Alex5723
                AskWoody Plus

                You are right. I run a daily incremental backup to external HDD.
                Apart from price 0Patch is for those who doesn’t want to follow Microsoft’s patching, telemetry… or follow security patching for the tens of apps installed.

              • #2285523 Reply
                anonymous
                Guest

                50/50.

                True, many times 0Patch has issued Security fixes to critical bugs way before Microsoft did. This is what they advertise as one of the greatest advantage of their service. OTOH their patches/service already caused compatibility problems with basic/popular software and given the method they apply their patches (in memory/on the fly), it can happen again at anytime, most likely issues with various 3rd party security/AV software or even with the built-in Windows Defender or other components.

                Also true, MS often fails with their patches and sometimes drops unneeded ones on you, especially in form of wrong drivers (the microcode update you cite is a bad example since that patch is actually a microcode database upgrade and the microcode is only applied [at every boot] when the current CPU the OS run on has an older version than in the database). W7 ESU does not cover microcode updates and neither driver upgrades so such kind of harm is less likely.

                So I think the risk is similar using any of the methods, it’s rather the difference of the cost of the two services which can be a deciding factor. If that’s also similar then I’d stick with ESU.

      • #2285386 Reply
        RM
        AskWoody Plus

        In response to Defcon 3.  Why do all of the win 7 windows July updates on the master patch list on the sheet, Windows7/Server 2008R2, say DEFER as of 8-1-20?  All of the Office 2010 July updates are also DEFER- KB4484382, Kb4484456 etc. Why?

        • This reply was modified 1 month, 2 weeks ago by RM.
        • #2285398 Reply
          Susan Bradley
          AskWoody MVP

          The july 31 sheet hasn’t been posted yet.  It goes out this weekend.

          Susan Bradley Patch Lady

          • #2285401 Reply
            RM
            AskWoody Plus

            Thanks very much for letting me know the timing of the latest July sheets.  I appreciate all the work that it takes to keep it updated and your expertise on deciphering the MS output.

      • #2285419 Reply
        GreatAndPowerfulTech
        AskWoody Plus

        Anyone care to explain why pay Microsoft x6 (for 3 years) for W7 ESU vs 0Patch Pro which also patching tens of other apps ?

        • This reply was modified 1 month, 2 weeks ago by Alex5723.

        I’ve been using 0patch Pro for seven months now. It’s been excellent with nothing weird happening. At$30 year, it’s a real value. Plus, they patch zero days before Microsoft does.

        GreatAndPowerfulTech

        3 users thanked author for this post.
      • #2285558 Reply
        Geo
        AskWoody Plus

        You have no choice if you have Home Premium.  You have to use 0patch Pro.

        • This reply was modified 1 month, 2 weeks ago by Geo.
        • #2286142 Reply
          Alex5723
          AskWoody Plus

          Give me 1 reason to favor Microsoft’s ESU.

          • #2286331 Reply
            anonymous
            Guest

            Alex5723 wrote:
            Give me 1 reason to favor Microsoft’s ESU.

            Susan tried to help earlier when she wrote this above:
            Legality and trust that truly all of the needed security patches are included.

            Let me try…
            Because it is Microsoft’s ESU, specifically produced by Microsoft for the purpose of properly patching Microsoft’s Windows 7 Operating System.

            Previously you mentioned your “50 years in IT”. Maybe it might help if, for just a few minutes more, you try to consider things from the perspective of someone involved in decision-making for a business?

            Hope this helps.

            • #2286333 Reply
              Alex5723
              AskWoody Plus

              consider things from the perspective of someone involved in decision-making for a business?

              Decision-making for a business doesn’t throw $420 for 3 years for each PC vs $90 for the same 3 years.
              0Patch fixes only those security bugs which has the potential of being exploited eliminating all the “noise” Microsoft installs which have no benefits.
              Microsoft isn’t to be trusted, never was and never will be.

              • This reply was modified 1 month, 2 weeks ago by Alex5723.
              • #2286336 Reply
                Microfix
                AskWoody MVP

                Alex, considering that with ESU, the OS ‘binary integrity’ is as intended, after all, MSFT coded the OS and THEY know best. I’m not dissing 0Patch and is probably an excellent choice for homeusers and smaller businesses but, I don’t think saving $$$ is the issue from a technical POV in large organisations.

                Win8.1 Pro x64 + Linux Hybrids x86/x64 + Win7 Pro x86/64 O/L
              • #2286448 Reply
                anonymous
                Guest

                business doesn’t throw $420 for 3 years for each PC

                Not sure this is required. I was able to buy MS ESU for just one year needed for a few PCs. I was not asked to buy or commit to multiple years. Don’t recall exactly but unit cost was USD $65-$70. IIRC would have been less for business with volume license discount.

      • #2286422 Reply
        AmbularD
        AskWoody Plus

        Blargh.  As if the continual servicing stack updates weren’t enough…first MS couldn’t get us to take Windows 10 for free; then they couldn’t sneak it onto our systems on the sly; then making us pay to keep our machines up to date didn’t work; so now they’re trying to straight-up annoy us into switching.  Not too good at taking a hint, are they?

        i7-4790k - Z97X-Gaming 3 - DDR3 2133 x 32GB - GTX 1070 FTW - Windows 7 Pro x64 SP1 ESU

      • #2288045 Reply
        abbodi86
        AskWoody_MVP

        When you release an ESU Preparation Package, then supersede it with ESU updates
        yet, the package itself is still explicitly required to recieve ESU updates via WU

        FYI, any of the 3 preparation updates will work

        2 users thanked author for this post.
      • #2288303 Reply
        anonymous
        Guest

        It’s very odd isn’t it – this ESU patch shown as superseded by the SMQR and SOQU – my first thought when I saw it in SCCM was that this was a metadata error but the same info is all over the KB info pages as well.

        MS making it up as they go along?

        • #2288412 Reply
          abbodi86
          AskWoody_MVP

          They just want to make sure all ESU users to have the updating licensing, whether via preparation package or ESU updates themselves

    Viewing 8 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: New Win7 Extended Security Updates licensing package

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.