Standalone installer script for Windows 7 ESU, regardless the license

[abbodi86]

# W7ESUI #

Automated batch script to install Windows 7 Extended Security Updates, regardless the ESU license and without requiring any eligibility check bypass.

* Pros:

– Process the updates from one same location

– Detect and install servicing stack update first

– Check required stack installer version for each update

– Include the Telemetry neutralize tweaks

– Works with Group A: Monthly Quality Rollup, or Group B: Security Only update / IE11 cumulative update

* Limitations:

– SHA2 support updates KB4490628 and KB4474419 are prerequisites for ESU updates.
Either install them yourself first, or put their msu files with ESU updates files together and the script will install them

– The script is specifically designed to process ESU updates only.

while it still can install regular updates, but it has no specific checks or conditions for their prerequisites
regular updates should be installed normally, manually, using Windows Update, or other tools

– You must always use the script for any future ESU updates, you cannot install them manually afterwards

* Download:

Includes corrections for those downloading using IE11:
https://github.com/abbodi1406/WHD/raw/master/scripts/W7ESUI_0.3.zip

* How to use on live OS:

– Download the ESU updates msu files from Microsoft Update Catalog, following history page or AskWoody Knowledge Base

a) if you are Group A user, you need:
latest Servicing Stack Update
latest Security Monthly Rollup
latest .NET rollup

b) if you are Group B user, you need:
latest Servicing Stack Update
latest IE11 Cumulative Update
Security Only Update for each month (e.g. February and March together)
every .NET Security Only Update (if any)

– Extract W7ESUI.cmd from the zip file, or extract the whole zip file

– Copy or move W7ESUI.cmd and place it next to (in the same folder as) the downloaded msu files
ini file W7ESUI.ini is not really necessary in this case

– Right-click on W7ESUI.cmd and “Run as administrator”

– If all goes well, you should get cmd window similar to this:

– Now press the zero 0 number on keyboard to start the process

– At the end, restart the system if prompted

See ReadMe.txt for more details, and how to use the script for offline integration.

******************************
******************************

The bypass is mainly meant for installing .NET 4 updates through WU, manual installation works too
but it has compatibility issue and cause other MSI programs to fail (including KIS 2020 or Office C2R)

the first installer was merely a simple script for installing .NET 4 updates manually using the ESU_LOCK workaround
the revived version include temporary self-bypass to work with July updates

dotNetFx4_ESU_Installer_r.zip is the safest approach so far

https://github.com/abbodi1406/WHD/raw/master/scripts/dotNetFx4_ESU_Installer_r.zip

******************************
******************************

REVISED January 2021:
Comments from 2020 have been archived here – continue posting on this page.

• This topic was modified 1 year, 4 months ago by abbodi86.
• This topic was modified 1 year, 3 months ago by PKCano.
• This topic was modified 1 year, 3 months ago by PKCano.
• This topic was modified 1 year, 3 months ago by PKCano.
• This topic was modified 6 months, 4 weeks ago by PKCano.

Total of 40 users thanked author for this post. Here are last 20 listed.

Kranium, MikeL, glnz, Stephen Henry, Metanis, MrChaz, Microfix, JimBean, Silenus, Charles Pugh, ioneye, Steve, thompsgd, NetDef, paintgregg, maisy2, byteme, JCCWsusser, AusJohn, deuce120

Reply | Quote

[italiangm]

Did you mean W7ESUI_0.2?  W7ESUI_0.2 is the current release.

Reply | Quote

[abbodi86]

Both work 🙂
v2 additionaly support installing SHA2 updates (KB4490628/KB4474419) if not already installed

1 user thanked author for this post.

italiangm

Reply | Quote

[abbodi86]

W7ESUI v3

– Enhanced detection for updates files and KB number (to void issue with files downloaded from MU catalog via IE11)

10 users thanked author for this post.

byteme, TaskForce141, T, Cyrus Khambatta, AusJohn, SueW, Moonbear, RDRguy, zat_so, Microfix

Reply | Quote

[PKCano]

Here’s your .NET for January, 2021. There were no Security-only .NET updates.

Download only the update for the version(s) installed on your PC.
There were only updates for .NET 4.6-4-7-2 and 4.8 (non-Secruity only)
The other updates in the Rollup are older and should already be installed.

.NET Quality Rollup KB4598500
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 (Oct 2020)
.NET 4.6 – 4.7.2 KB4597239
.NET 4.8 KB4597254

5 users thanked author for this post.

byteme, jburk07, abbodi86, zat_so, SueW

Reply | Quote

[Moonbear]

When was the 3.5.1 patch in this rollup originally released?

Reply | Quote

[PKCano]

October 2020.

1 user thanked author for this post.

Moonbear

Reply | Quote

[Microfix]

Installed SMQR kb4598279 using W7ESUIv3 (it’s a double restart) and dotNET kb4598500 using dotnetfx4 on x86 Win7 Pro. No problems reported here in event viewer.
Another clean run, so far, so good 🙂
Peripherals still to check over..to be updated

Update: No issues with local Pixma Printer or scanner, SFC – no integrity violations.

| Quality over Quantity |

• This reply was modified 6 months, 3 weeks ago by Microfix.

3 users thanked author for this post.

TaskForce141, jburk07, abbodi86

Reply | Quote

[Susan Bradley]

KB4598500 is an optional .net – meaning that there is no new security fixes in it.  If you have your system set to not offer up optional updates in the same manner as important updates it’s not shown to you in Important, but rather the Optional section.

Susan Bradley Patch Lady

2 users thanked author for this post.

jburk07, abbodi86

Reply | Quote

[TaskForce141]

Jan. 2021 rollup (KB4598279) and .Net 4.8 update (KB4597254) installed without problems, using version 0.2 script, on both 32-bit desktop and 64-bit laptop.  I define “no problems” as Win loading normally or with a slightly longer 1st restart, and Firefox loading as usual and streaming youtube and basketball games.

One oddity: all of the entries for previous security monthly quality rollups are missing from the list of installed updates (Control Panel > Programs and Features > view installed updates).  Even the ones prior to Win 7 EOL Jan. 2020.   The servicing stack updates and .Net updates are still listed.   I just noticed this; perhaps this was always true, i.e. a by-product of the rollups or the installer script.

Reply | Quote

[abbodi86]

Monthly Rollups are chained together, only the latest one show up in the list

similar to KB2952664 multi versions

Reply | Quote

[glnz]

My wife’s Win 7 Pro 64-bit SoHo production machine wants to install Malicious Software Removal Tool KB890830 version 5.85 dated Jan 12, 2021.

Anyone have any problems with it?

Thanks.

 

Reply | Quote

[Pierre77]

KB890830 No problem with that update. It is only released on a 3 monthly basis.

Reply | Quote

[Paul T]

MSR is an additional protection mechanism provided by MS. There is no downside to running it.

cheers, Paul

Reply | Quote

[anonymous]

I have been running MSRT for a long time.  Never any problems with it.  Ran version 5.85 dated Jan 12, 2021 on Jan 15.

Reply | Quote

[anonymous]

On the morning of Jan. 31 I installed these two updates to two Windows 7 Home Premium,  Service Pack 1,  x64 machines using W7ESUI.

Latest .NET for 4.8 KB4597254

Jan. Rollup KB4598279

I have been using the machines and have not encountered any problems.

Reply | Quote

[anonymous]

Correction:

Jan. Rollup was installed using W7ESUI ,  but .NET was installed using dotNetFx4_ESU_Installer.cmd.

Sorry for the error in the original post.

Reply | Quote

[PKCano]

I will continue to post this information in this thread as of 2/9/2021.

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on February 9, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There was no February IE11 CU for Win7.

February Rollup KB4601347 Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

You must have at least the August Servicing Stack KB4570673 previously installed to receive these updates).
The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There are .NET updates listed for Win7. See #2342225.

5 users thanked author for this post.

byteme, Cyrus Khambatta, jburk07, SueW, abbodi86

Reply | Quote

[PKCano]

Here’s your .NET for February, 2021. There were Security-only .NET updates.

Download only the update for the version(s) installed on your PC.
There were only updates for .NET 4.6-4-7-2 and 4.8
The other updates in the Rollups are older and should already be installed.

.NET Quality Rollup KB4603002
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 (Oct 2020)
.NET 4.6 – 4.7.2 KB4600945
.NET 4.8 KB4600944

.NET Security-only Quality Rollup KB4602958
.NET 4.6 – 4.7.2 KB4601090
.NET 4.8 KB4601089

7 users thanked author for this post.

Steve, Microfix, Cyrus Khambatta, zat_so, jburk07, SueW, abbodi86

Reply | Quote

[Moonbear]

@PKCano

I’ve been installing the .NET 3.5.1 & 4.7 updates from the .NET Quality Rollup. Can I switch to installing the .NET 3.5.1 & 4.7 updates from the Security-only Quality Rollup without breaking anything?

• This reply was modified 5 months, 3 weeks ago by Moonbear.

Reply | Quote

[PKCano]

The SOs are a part of the Rollups. But SOs by themselves are NOT cumulative.
You can install the SOs whenever you want, but if you have installed the Rollup of the same date, you already have that SO and any SO that came before b/c the Rollups are cumulative.

1 user thanked author for this post.

Moonbear

Reply | Quote

[Moonbear]

Okay, I didn’t think about the SOs not being cumulative updates.

• This reply was modified 5 months, 3 weeks ago by Moonbear.

Reply | Quote

[anonymous]

The first time I used the W7ESUI script it ran the anti-telemetry file but it hasn’t any time since.  Is that by design or should that file exist each time the script is run?

Thank you.

Reply | Quote

[abbodi86]

It’s created with each new installed Monthly Rollup

1 user thanked author for this post.

Microfix

Reply | Quote

[anonymous]

Where did everything go?

Reply | Quote

[Susan Bradley]

https://www.askwoody.com/2021/try-to-fix-one-thing-break-another/

Slight temporary bug.  Don’t panic.

Susan Bradley Patch Lady

Reply | Quote

[glnz]

Reminds me of Star Trek Next Generation episode in which Dr. Crusher notices that crew starts disappearing and the Enterprise gets smaller and smaller.

Am I the only one left?

Ready to use abbodi86’s lifesavers here (again) to install the following on my Win 7 Pro 64-bit:

In the W7ESUI:
KB4601347
KB4578952

In the dotNetFx4_ESU:
KB4600944

These are “permitted” in Susan’s latest list.  Do you agree these are OK?

And please say SOMETHING so I know someone in the whole wide universe is seeing this.  (Hello?)

Thanks!

Reply | Quote

[PKCano]

The SSU KB4578952 is from Oct 2020. You probably already have it installed. There wasn’t a Feb SSU.

KB4600944 is for .NET 4.8, KB4600945 is for .NET 4.6-4.7.2 depending on which version you have installed.

Reminder: We’re still on DEFCON-2 until maybe Sunday.

Reply | Quote

[Susan Bradley]

Officially I’m waiting until the newsletter goes out to make the change.  But I always look at the weekend as a good time to install updates.

Susan Bradley Patch Lady

Reply | Quote

[glnz]

Susan B – Thanks.  But I got your “Install” from your current Patch List.  Still wait for a few days?

Reply | Quote

[glnz]

PKCano – What would be the February update for .NET 3.5 for Win 7 Pro 64-bit? Looks like I got it wrong.

Reply | Quote

[abbodi86]

Latest update for .NET 3.5 is 2020-10 KB4578952

Reply | Quote

[PKCano]

There is information on this above, but you won’t be able to see it until the site is fixed Sun. morning (28th) server time. Wait a few.

Can you see #2342227 and #2342225?

Reply | Quote

[glnz]

PKCano – No, cannot see those two.

This is like getting on a NYC bus and seeing only the driver and me. (Drivers today, as we have abbodi86, Susan and yourself.) So, let’s go to Miami!

Reply | Quote

[glnz]

Just to let everyone know that on two Win 7 Pro 64-bit machines I successfully installed

in the W7ESUI:
KB4601347

in the dotNetFx4_ESU:
KB4600944

As PKCano pointed out, although I also put the KB4578952 installation file in the W7ESUI, it was ignored because it is just a regurgitation of the same file from before.

(Doing these updates is important for the production machine in my wife’s SoHo, a Dell Optiplex 780 I bought used on eBay seven years ago. But although she acknowledges my taste for keeping junky old computers running, she plans to throw it out and get an iMac. Oh well …)

Thanks again, and cheers!

• This reply was modified 5 months ago by glnz.
• This reply was modified 5 months ago by glnz.

1 user thanked author for this post.

jburk07

Reply | Quote

[anonymous]

See #2346543 above.  The latest  is SSU KB4578952 from Oct 2020.  There is no update for .NET 3.5 for Feb.

1 user thanked author for this post.

jburk07

Reply | Quote

[anonymous]

I wait until DEFCON says it is time to install.  (Hello back at ya!)

Reply | Quote

[anonymous]

With the advent of DEFCON-4 on Feb. 28 I installed the following on two Win 7,  SP 1,  x64 machines.

Using W7ESUI:

Feb Rollup KB4601347

Using dotNetFx4_ESU_Installer

Feb .NET 4.8 KB4600944

1 user thanked author for this post.

jburk07

Reply | Quote

[anonymous]

I tried to install ndp48-kb4600944-x64_20a6a012e02c9d905f6f3a24850f1218bc849a26.exe using  dotNetFx4_ESU_Installer, but it responded with the message “NDP45 exe update files are not detected.” The two files are in the same folder.

Please help. Thanks.

Reply | Quote

[Bob99]

I tried to install ndp48-kb4600944-x64_20a6a012e02c9d905f6f3a24850f1218bc849a26.exe…

Per the message you’re getting from the script, it’s looking for a file that starts “ndp45…” and per your statement above, you’re putting a file that starts with “ndp48…” in the folder.

Also, the update you’re trying to install is only for .NET version 4.8 and not for any other versions.

From the sounds of the installer script’s error message, you might have .NET version 4.5 on your system instead of 4.8. If that is indeed the version you have, then the last update released for it was back in October of last year, KB4578955, so you don’t need to worry about an update for .NET this month.  🙂

1 user thanked author for this post.

abbodi86

Reply | Quote

[anonymous]

Could anyone please tell me how I can install .NET 4.5.2 update (KB4578955) via administrative installation if I don’t have .NET and I would like to install it from scratch along with the latest update? I would like to avoid replacing system DLLs like dotNetFx4_ESU_Installer_r.zip does.

Reply | Quote

[PKCano]

Before you can install an update, you have to have .NET 4.5.2 installed on your PC.

If you do not know if .NET 4.5.2 is installed on your computer, download the .NET version checker mentioned here to find the version of .NET installed on your computer.
If you do not have v4.5.2 already installed, download the .NET 4.5.2 installer from Microsoft and install it. It will not be up to date.
If you have the ESU subscription, you should receive the update through Windows Update.

If you do not have the ESU subscription, to install the update, create a folder on your C: drive and unzip dotNetFx4_ESU_Installer_r.zip into the folder.
Download KB4578955 from the MS Catalog (link in #2342225 above) and place it in the same folder.
In an elevated command prompt (right click on cmd.exe and “Run as Administrator) right click on the .cmd file in the folder and “Run as Administrator. Follow the instructions.

1 user thanked author for this post.

abbodi86

Reply | Quote

[anonymous]

Thank you for your reply, but you haven’t got what I mean. Here abbodi86 wrote that it’s possible to install .NET updates in a way which I’ve described. dotNetFx4_ESU_Installer_r.zip replaces system DLL, I would like to avoid that. I don’t have ESU subscription. I’ve already downloaded .NET 4.5.2 installer as well as KB4578955. Now how can I install .NET along with the KB4578955 without bin folder which is stored in dotNetFx4_ESU_Installer_r.zip?

Reply | Quote

[PKCano]

You can probably install the .NET 4.5.2, and any updates for it up to and including Jan. 2020 using Windows Update.

But after Jan 2020, WIn7 is EOL and you cannot install any of the later updates without either the ESU or circumventing the EOL with abbodi86 ‘s script. They will not install in Win7 EOL.

1 user thanked author for this post.

SueW

Reply | Quote

[Pexiler]

Hello everyone
i tried to install .NET Framework 4.8 but it gives me this error

 

Reply | Quote

[PKCano]

Pexiler wrote:

i tried to install .NET Framework 4.8 but it gives me this error

KB4600944 is an update, not the installer for .NET 4.8. Is .NET4.8 already installed on your computer?

Reply | Quote

[Pexiler]

PKCano wrote:

Pexiler wrote:

i tried to install .NET Framework 4.8 but it gives me this error

KB4600944 is an update, not the installer for .NET 4.8. Is .NET4.8 already installed on your computer?

i don’t have framework installed.

how do I solve?

Reply | Quote

[PKCano]

The .NET 4.8 installer can be downloaded from Microsoft.
Win7 is EOL. The same restrictions will apply as for .NET 4.5.2 in #2347965 above. It will not be up to date.

You will be able to install updates up to , and including, Jan 2020 using Windows Update. For updates after Jan 2020, including KB4600944, you will need to have the ESU subscription or you will need to use @abbodi86 ‘s bypass mentioned at the top of this thread.

A word of caution.
Although you can install .NET 4.8 on Win7, it is better to use one of the earlier versions of .NET. (4.5.2, 4.6-4.7.2 Unless you have software that specifically needs .NET 4.8, I wouldn’t worry about installing it.

1 user thanked author for this post.

abbodi86

Reply | Quote

[anonymous]

Why do you think “,,,it is better to use one of the earlier versions of .NET. (4.5.2, 4.6-4.7.2,,,” rather than .NET 4.8?

Should I remove .NET 4.8 and install .NET 4.7.2?

PS. I have both .NET 3.5 and .NET 4.8 installed on my machine.

Reply | Quote

[PKCano]

If you already have .NET 4.8 installed, and you have no problems with it, then keep it as is.
Information about the updates still goes.

1 user thanked author for this post.

GoneToPlaid

Reply | Quote

[GoneToPlaid]

I agree. I held off on installing .NET 4.8 since it was initially buggy. Eventually I installed it on my Win7 computers. I haven’t encountered any obvious issues when running programs which require .NET 4.8 or earlier versions.

Reply | Quote

[GBWalk]

I could use a little help, I am not that tech savvy.

I use windows 7, with an ESU.

Worked fine last year.

When I installed the year 2 ESU and attempt to update, it gives me error Code 800B0101

That error message says the time on my PC is incorrect.

I 2x checked and the time and date are fine.

Any ideas on how I can fix this?

Thanks for your input.

Reply | Quote

[PKCano]

We haven’t seen problems with the Feb patches so far.
Since Feb is the first of the year-2 subscription, I would suggest you go back over the ESU setup and be sure it is correct.

For Feb, there was a Rollup (or SO if you are using Group B) and .NET 4.6-4.7.2 or 4.8 depending on what .NET you have installed. There was no new Servicing Stack or update for .NET 3.5 – the latest of these was Oct 2020.

Reply | Quote

[anonymous]

I had that 800B0101 with net framework recently and set date to febuary helped install without any problem,weird thing

2 users thanked author for this post.

kipock, T

Reply | Quote

[T]

Thanks for suggesting this, i was at my wit’s end wondering why it wouldn’t install (failed with error code – 2146762495) until i saw your comment, changed my system date to a month ago and it worked. I also noticed that it’s a known issue on the .Net 4x pages but i’m pretty sure i’ve installed .Net 4x updates outside of their release month previously so presumably the required certificate in the .Net package would not have matched the system time then either.

https://support.microsoft.com/en-us/topic/security-only-update-for-net-framework-4-6-4-6-1-4-6-2-4-7-4-7-1-4-7-2-for-windows-7-sp1-and-windows-server-2008-r2-sp1-and-windows-server-2008-sp2-kb4601090-582f84bd-c341-83c9-e428-eac9b50f021e

Reply | Quote

[anonymous]

Much appreciation for the comments regarding this little issue.
Thank you T, for your post and thank you very much anonymous. It worked like a charm.
The new month brought this on? Never realized.

I also had [Failed. Error code: -2146762495] today
for both of these (ndp47 downloads)
2021-02 Security and Quality Rollup for .NET Framework (KB4603002)
2021-02 Security Only Update for .NET Framework (KB4602958)

Thank for helping out!

Reply | Quote

[anonymous]

It worked, thanks for your help!!

Reply | Quote

[anonymous]

Wow thank you so much that worked like a charm I have been trying to install this update for a few days and this finally worked.

Reply | Quote

[PKCano]

I will continue to post this monthly information in this thread as of 2/9/2021.

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on March 9, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There is a March IE11 CU  KB5000800 for Win7. Download 32-bit or 64-bit.

March Rollup KB5000841 Download 32-bit or 64-bit. for those with Win7 ESU subscriptions.

You must have at least the August Servicing Stack KB4570673 previously installed to receive these updates).
The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There are .NET updates listed for Win7. See #2349123.

****UPDATE: On 3/22/2021, Microsoft released a fix for printer issues caused by the March Patch Tuesday updates.
Out-of-Band update KB5001639 – Download 32-bit or 64-bit

4 users thanked author for this post.

jburk07, SueW, Microfix, abbodi86

Reply | Quote

[PKCano]

Here’s your .NET for March, 2021. There were no Security-only .NET updates.

Download only the update for the version(s) installed on your PC.
NOTE: Updates for v3.5.1 are older (Oct 2020) and should already be installed.
Updates for v5.2,  v4.6 – 4.7.2 and v4.8 have been re-signed as version 2 and should be installed.

.NET Quality Rollup KB4579977 (2020-10)
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 v2
.NET 4.6 – 4.7.2 KB4578963 v2
.NET 4.8 KB4578977 v2

.Net Quality Rollup KB4603002 (2021-02)
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 v2
.NET 4.6 = 4.7.2 KB4600945 v2
.NET 4.8 KB4600944 v2

6 users thanked author for this post.

abbodi86, Pim, jburk07, Moonbear, SueW, Microfix

Reply | Quote

[abbodi86]

2021-03 Security and Quality Rollup for .NET Framework for Windows 7 (KB4579977)
2021-03 Security and Quality Rollup for .NET Framework for Windows 7 (KB4603002)

all .NET 4.x updates (including 4.5.2) were re-signed and bumped version, for both Rollups

4 users thanked author for this post.

Pim, jburk07, Microfix, PKCano

Reply | Quote

[Microfix]

indeed they were, well spotted 😉

no initial problems here SFC in tact /event viewer-no errors/no additional telemetry

| Quality over Quantity |

1 user thanked author for this post.

jburk07

Reply | Quote

[Microfix]

NONE exhibit ANY local (USB) printer printing/comms/crash issues and print queues as expected with no violations via SFC integrity check, all good here this month.

| Quality over Quantity |

2 users thanked author for this post.

jburk07, abbodi86

Reply | Quote

[abbodi86]

Both refreshed rollups pulled

however, the updated files were added to the old rollups: 2021-02 (KB4603002), 2020-10 (KB4579977)

3 users thanked author for this post.

jburk07, Pim, Microfix

Reply | Quote

[anonymous]

PKCano,

Microsoft Update Catalog cannot find any results for KB4578952 (for .NET 3.5.1).

Message returned from search: We did not find any results for “KB4578952”

Reply | Quote

[PKCano]

Because KB4578952 is not listed as an individual patch. It is included in the .NET Rollup. If you click the “Download” button for the Rollup (linked) in the Catalog, you will find all the .NET updates for a given Rollup KB. That is the usual listing.
The reason the others are listed separately is because they were re-released.

Reply | Quote

[Moonbear]

@PKCano

Do both kb4578963 v2 and kb84600945 v2 need to be installed to be up to date?

 

• This reply was modified 4 months, 1 week ago by Moonbear.

Reply | Quote

[abbodi86]

No need if v1 of both are already installed

otherwise, just install kb4600945 v2

1 user thanked author for this post.

Moonbear

Reply | Quote

[Moonbear]

Will doing that also bring the October upadate to v2 as well?

Reply | Quote

[abbodi86]

You don’t need that
kb4578963 v2 is ment for Windows 7 Embedded family

1 user thanked author for this post.

Moonbear

Reply | Quote

[Moonbear]

Should the MSRT (KB890830) be considered as under the Def-Con umbrella or can it be installed at any time?

Reply | Quote

[Susan Bradley]

Installed at any time or skipped.

Susan Bradley Patch Lady

1 user thanked author for this post.

Moonbear

Reply | Quote

[JimBean]

Win7 HP x64, W7ESUI_0.2

Installed;

• Jan – March 2021 SO updates (KB 4598289, KB 4601363, KB 5000851)
• Mar 2021 (IE11) – KB 5000800

No problems to report.

Thanks,all.

1 user thanked author for this post.

SueW

Reply | Quote

[Microfix]

Heads Up!
For those who are having issues with printers post March SO/CU updates for Win7/ Windows Server 2008 R2 SP1
MSFT have released OoB updates kb5001639 for x86 and x64 versions

available from the catalog:
https://www.catalog.update.microsoft.com/Search.aspx?q=kb5001639

MSFT documentation: kb5001639

| Quality over Quantity |

4 users thanked author for this post.

jburk07, SueW, PKCano, abbodi86

Reply | Quote

[PKCano]

AKB2000003 has been updated for both Win7 and Win8.1.

5 users thanked author for this post.

Susan Bradley, jburk07, Kirsty, SueW, Microfix

Reply | Quote

[unleashed]

Need to re-install windows.

I assume I don’t need to re-install all prior ESU updates, just the latest one.

Is that the correct path?

Let MS Windows Update install the regular updates.

Then by using W7ESUI …

Latest Servicing Stack Update
Latest Security Monthly Rollup
Latest .NET Rollup

Thanks

Reply | Quote

[PKCano]

I have helped several with a new Win7 install. This information may be of some help to you.

Because there are several prerequisites along the install route, and because the updates associated with Meltdown/Spectre caused so much trouble, the installation was done in segments.
You can get Win7 up to date as of Jan 2020 EOL using Windows Update, but it is wise to to it in steps as described in Any advice on how to safely update a new Win7 installation. The outlined steps begin at #1982141, but it would probably be a good idea to read through the whole thing to understand the method used.
After your reach Jan 2020 updates, see the instructions at the top of this thread and #2349121 above to use the installer scripts for ESU updates. If you use the Rollups, they are cumulative, Security-only patches are not. The Rollups contain the IE11 CUs, so you do not need to install them separately, but be aware of the prereq’s (read “before installing this update” here).

Another similar thread for navigating a clean install is #1907521.

2 users thanked author for this post.

unleashed, abbodi86

Reply | Quote

[anonymous]

I assume DEFCON-3 applies to these Win7 updates.  Therefore I have a question.

Do both kb5000841 and kb5001639 go into the folder with W7ESUI.cmd at the same time, or does each need to be run separately (in sequence), or is only the later update, KB5001639, needed?

 

1 user thanked author for this post.

jburk07

Reply | Quote

[PKCano]

I did it that way, both at the same time. The script processed both and both show installed.

If you are installing the Rollup (KB5000841), I believe you need both. KB5001639 is not a cumulative update and doesn’t contain the IE11 CU.

2 users thanked author for this post.

jburk07, glnz

Reply | Quote

[anonymous]

Am I correct in the following?

1.) Both .NET 4.8 4578977 and .NET 4.8 4600944 need to be installed again and can be put            into the folder with dotNetFx4_ESU_Installer together.

2.) Again,  there is no SSU for March.  The last SSU was KB4592510 released in December 2020.

Reply | Quote

[PKCano]

anonymous wrote:

1.) Both .NET 4.8 4578977 and .NET 4.8 4600944 need to be installed again and can be put into the folder with dotNetFx4_ESU_Installer together.

See #2349123 above. Yes both in the same place together.

anonymous wrote:

2.) Again, there is no SSU for March. The last SSU was KB4592510 released in December 2020.

See #2349121 above.

Reply | Quote

[anonymous]

With the DEFCON System moving to  DEFCON-4 I installed the following on two Win 7,  SP 1,  x64 machines yesterday (Mar. 27).

Using W7ESUI:

Mar. Rollup KB5000841

Mar. Rollup fix  KB5001639

Using dotNetFx4_ESU

Mar. .NET 4.8 KB4578977

Mar. .NET 4.8 KB4600944

No problems to report as of late today (Mar. 28).

 

2 users thanked author for this post.

glnz, jburk07

Reply | Quote

[anonymous]

Sorry, that should be DEFCON-3 not DEFCON-4.

Reply | Quote

[Moonbear]

Is anyone else not able to download the patches from the update catalog?

When I tried to to begin downloading the update this morning, all 3 patches had the same strange behavior. Clicking the download button would bring up the window with the patch as normal, but clicking the patch did not trigger the download as it should.

Clicking the patch a second time triggered the blocked download warning as if clicking the first time had actually triggered the download.

Right-clicking and selecting open link in new tab acts as if your using a popup blocker to keep new tabs from opening.

If you right click and select open in a new window, all you get is a black window with untitled in the tab.

I’m posting this here in case the direct download links in the posts by @PKCano are misbehaving as well.

Reply | Quote

[PKCano]

All worked for me – see screenshots.
The SO, OOB< and IE11 CU download links are available from AKB2000003.

1 user thanked author for this post.

Moonbear

Reply | Quote

[Moonbear]

I actually figured out what was happening.

Google Chrome in tightening the settings for insecure content on a secure site.

I had to add the update catalog to the allow list.

Reply | Quote

[anonymous]

Yes,  I had the problem and could not figure out what was happening so I went to Firefox and did the downloads there.

Thank you for solving the problem for me,  and for sharing the solution with all of us.

 

Reply | Quote

[anonymous]

Where did you find the allow list in  Chrome?

Reply | Quote

[anonymous]

While on the Microsoft Update Catalog website,
tap on the lockpad icon on the top left of Chrome.
Choosing, Site settings, toggled down to ‘Insecure content’
and changed ->Block (default) to Allow

That worked for me 🙂
My thanks too, to Moonbear for solving this, much appreciated.

Reply | Quote

[Moonbear]

This is how I made the catalog downloads work.

Open the Chrome settings, scroll down to and click Site settings.

In Site settings, Scroll down to where it says Content and click on Additional content settings.

After that, scroll down to Insecure content and click.

You’ll then see 2 buttons: Add & Block

Click the Add button and type this:

https://[*.]www.catalog.update.microsoft.com

(Be sure to type this as copy/paste acts weird in the settings menus and can sometimes add random characters to what your pasting.)

Now the patch downloads should start as normal.

Reply | Quote

[anonymous]

I spent hours in Chrome help as well as on the internet trying to find out where the “allow list” is in Chrome.  The trouble is that there is nothing called “allow list” in Chrome.

Reply | Quote

[anonymous]

It looks like this is the “correct” way to do it,  with Chrome doing it.  Very easy to do when you know how.  Thank you for posting this.

Reply | Quote

[anonymous]

Of course #2354415 must refer to #2354237 as the “correct” way to do it. Many thanks to anonymous for that bit of Chrome education.

Reply | Quote

[anonymous]

Interesting, I just updated Chrome to Ver.90.0.4430.72 (Official Build) as ‘Google rolls out Chrome 90, which defaults to HTTPS instead of HTTP’ and downloaded a catalog file with Block (default) insecure content back on – it’s fine again!

Google’s release notes say that Chrome 90 contains 37 security fixes, six of which are categorised as “high”, including a zero-day vulnerability that was recently revealed to be affecting all Chromium-based browsers.

The news comes as the company gears up to release its FLoC system, which is designed to replace third-party cookies for ad tracking through a new API which was recently added to Google Chrome. However the system has already met opposition, with a number of other browser makers saying they won’t support FLoC over concerns around user privacy.

Reply | Quote

[anonymous]

With the previous version of Chrome I had to go to Firefox to download from the Update Catalog.  It seems crazy,  but I just did a download and can confirm catalog downloads are fine again with Ver.90.0.4430.72 (Official Build) (64-bit) with insecure content turned on.

Reply | Quote

[Microfix]

Observation:
Older dotNET won’t update with a newer SSU using slc redirect method here!
Nand and Nor gates at work with 2021 SSU’s and 2020 dotNET’s (SMQR)
Abbodi86 can you confirm this? Is this date/year affected by SSU?
Thanks in advance

| Quality over Quantity |

Reply | Quote

[abbodi86]

SSU and .NET 4.x updates are totally separated
which updates failed?

dotNetFx4_ESU_Installer is manual installer, not via WU

Reply | Quote

[Microfix]

kb4592510 SSU Dec 2020 and attempted to install dotNET 4.5.2 kb4578955, failed
Although I just installed March 2021 kb4578955 v2 without issue. Yeah I know it’s not a NET security update but has the security within AFAIK (Originally from an image at EOL Feb 2020)
this is what I done from EOL image resurrection:

SSU Jul 2020 ( manual restart)
ESU LLP Jul 2020 (manual restart)
SSU Dec 2020 (manual restart)
SMQR CU Feb 2021 (double restart)
.NET Oct 2020 kb4578955 Failed
.NET Mar 2021 kb4578955 v2 (manual restart)
All ok with no violations

Edit: All .NET 3.5.1 patches installed also.

| Quality over Quantity |

• This reply was modified 3 months, 3 weeks ago by Microfix.

Reply | Quote

[abbodi86]

Like i said, SSUs has no affect on .NET 4.x updates at all 🙂

regarding the failed installation, it’s digital signature issue, thus they created v2

see the “Known issues”
http://support.microsoft.com/kb/4578955

2 users thanked author for this post.

Microfix, PKCano

Reply | Quote

[Microfix]

Yeah, no SSU or dotNET updates this month 🙂
Although kb4601275 (?) is there..no documentation yet

| Quality over Quantity |

Reply | Quote

[EP]

KB4601275 appears to be a standalone timezone patch of some sort (I checked the contents of a KB4601275 cab file and has a bunch of timezones.resources manifest files)

no need to install KB4601275

• This reply was modified 3 months, 3 weeks ago by EP.

2 users thanked author for this post.

Microfix, abbodi86

Reply | Quote

[PKCano]

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on April 13, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There was no April IE11 CU for Win7.

April Rollup KB5001335 Download 32-bit or 64-bit. for those with Win7 ESU subscriptions.

You must have at least the August Servicing Stack KB4570673 previously installed to receive these updates).
The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There were no new .NET updates listed for Win7. See #2357362.

There is a Time Zone Change update for The Republic of South Africa and Sudan KB4601275 for Win7 and Win8.1 if you want to install it.

6 users thanked author for this post.

byteme, jburk07, unleashed, Microfix, SueW, abbodi86

Reply | Quote

[PKCano]

Here’s your .NET for April, 2021. There were no new .NET updates for April, 2021.

There were metadata (only) changes to the following  Security-only .NET updates. You do not have to reinstall the updates.

+ 2020-05 Security Only Rollup KB4556403 (.NET 4.5.2-4.8)
KB4552952 (.NET 4.5.2), KB4552951 (.NET 4.6-4.7.2), and KB4552953 (.NET 4.8)
+ 2020-07 Security Only Rollup KB4566466 (.NET 4.5.2-4.8)
KB4565583 (.NET 4.5.2), KB4565586 (.NET 4.6-4.7.2), and KB4565589 (.NET 4.8)
+ 2020-08 Security Only Rollup KB4570500 (.NET 4.5.2-4.8)
KB4569743 (.NET 4.5.2), KB4569740(.NET 4.6), and KB4569733 (.NET 4.8)
+ 2020-09 Security Only Update  KB4576490 (.NET 4.8)
+ 2020-10 Security Only Rollup KB4580467 (.NET 4.5.2-4.8)
KB4578983 (.NET 4.5.2), KB4578987 (.NET 4.6), and KB4578990 (.NET 4.8)
+ 2021-02 Security Only Rollup KB4602958 (.NET 4.5.2-4.8)
KB4601090 (.NET 4.6-4.7.2), and KB4601089 (.NET 4.8)

4 users thanked author for this post.

jburk07, Microfix, unleashed, abbodi86

Reply | Quote

[Microfix]

Noticed both aitstatic (Application Impact Telemetry Static Analyzer) and CompatTelRunner were updated with kb5001335 SMQR. Due to the nature of the bypass script, it may be something to monitor/ check for those who do not use it.
Otherwise, seems like a a clockwork update so far.
No errors in event viewer and SFC post patch output below:

Will update should anything go south, west ot otherwise, generally too early to commit..

aitAgent, aitstatic and CompatTelRunner are already on the firewall outgoing blocklist here, as a secondary precaution.

UPDATE: nothing to report, all good here 🙂

| Quality over Quantity |

• This reply was modified 3 months, 3 weeks ago by Microfix.
• This reply was modified 3 months, 1 week ago by Microfix.

1 user thanked author for this post.

jburk07

Reply | Quote

[Microfix]

Those using .NET <4.8, you want to read this post as a warning:
Various .NET End of Service Date

| Quality over Quantity |

3 users thanked author for this post.

jburk07, SueW, abbodi86

Reply | Quote

[Microfix]

Reminder: This post is Important if you are upgrading from a previous version of .NET using the SMQR updates.

(NOTE: Applies to all Win7 ESU users whether using the bypass or not)

PKCano wrote:

Here’s your .NET for March, 2021. There were no Security-only .NET updates.

Download only the update for the version(s) installed on your PC.
NOTE: Updates for v3.5.1 are older (Oct 2020) and should already be installed.
Updates for v5.2,  v4.6 – 4.7.2 and v4.8 have been re-signed as version 2 and should be installed.

.NET Quality Rollup KB4579977 (2020-10)
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 v2
.NET 4.6 – 4.7.2 KB4578963 v2
.NET 4.8 KB4578977 v2

.Net Quality Rollup KB4603002 (2021-02)
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 v2
.NET 4.6 = 4.7.2 KB4600945 v2
.NET 4.8 KB4600944 v2

| Quality over Quantity |

Reply | Quote

[Alex5723]

Microfix wrote:

Those using .NET <4.8, you want to read this post as a warning:
Various .NET End of Service Date

No rush. There is another year (April 2022) before EOL.

Reply | Quote

[EP]

though at least .NET 4.6.2 will be the minimum .NET version supported beyond April 22

Reply | Quote

[anonymous]

DEFCON 4!  Time to install KB5001335 using W7ESUI.

I just installed it on two Win 7,  SP 1,  x64 machines.

Reply | Quote

[Moonbear]

kb5001335 installed smoothly. (including a double restart.)

System is running fine.

Something I did notice though, the 2 restore points created by the installation are labeled Windows Module Installer instead of Windows Update.

Is this because of the ESU script?

Reply | Quote

[abbodi86]

Yes, Dism.exe = Windows Module Installer

1 user thanked author for this post.

Moonbear

Reply | Quote

[Moonbear]

Which means its been showing up that way since last year.

This is what happens when i skip my morning coffee.

Reply | Quote

[Moonbear]

One more question if I may, can the Windows Server version of a patch be installed on a normal Windows system?

And, if it was installed on a non-server how could you tell?

Do server patches even work with the ESU script?

(For context, after I asked my question about the Windows Module Installer restore points, I began to wonder if I had managed to download and install the wrong version of the patch before you answered me @abbodi86 I don’t still think I did this, now I’m just curious.)

Reply | Quote

[abbodi86]

Update files (monthly rollup or security only) are the same for Server 2008 R2 x64 and Win7 x64 and Win 7 Embedded x64

except few old specific updates for each

1 user thanked author for this post.

Moonbear

Reply | Quote

[Moonbear]

I didn’t know the files were the same.

I knew the rollups were the same size but I never really thought about why that might be.

Thanks again.

Reply | Quote

[joao_h]

Hi all

Updated my win7 until jan2020 (i’m almost a year and half late…) and was trying to use the W7ESUI script to update from there.

When I run the initial command I get options 1, and E, but not D… Though it  allows me to go on with february 2020 patches but then i get the error 0x80004005 at the end  (dism log and screenshot attached).

Does anyone have any ideas about what to do?

Thanks a LOT to the author of W7ESUI

Reply | Quote

[PKCano]

To make the script work (instructions in at top of thread):
+ Create a folder (best in the root of C:
+ Add the downloaded .zip file and expand it.
+ Add the Rollup, and you will also need the Servicing Stack Update, to that folder.
+ Right click on the .cmd file and choose “Run as Administrator”
+ Choose “0” to run the sctipt – and WAIT (it takes a while).

 

See #2357353 for some information about prerequisites. (Just ignore the “for people with ESU”)
Also, the .NET updates have to be treated differently, put in a different folder, and use a different script. The instructions are in the top Post on this thread.

1 user thanked author for this post.

joao_h

Reply | Quote

[joao_h]

“+ Add the Rollup, and you will also need the Servicing Stack Update, to that folder.”

I thought I should install the Servicing Stack Update that the script was asking for, instead of just adding it to the folder. IDK if it is that action that caused the successive 0x80004005 errors,

I tried to rollback/restore the system to previous points but now there is a BIG mess.  the “view update history” shows the last updates but the installed updates does not show them at all (see screenshots).

Already run update troubleshooter but to no avail. Any recommendations?

Reply | Quote

[PKCano]

You don’t seem to have success using whatever you are doing.

I’ve been using the method above for 1 1/2 years on 6 Win7 machines. since Win7 went EOL without any problems or error codes.
In addition to helping a lot of people here do the same.

My suggestion would be to follow the instructions in the top post, which are the same as above. You don’t need the ESU stuff (license, prep pack). The rest of the links are in #2357353 except for the latest SHA-2 update (KB4474419) released September 10, 2019, which is also a prerequisite. The computer should be up to date as of Jan Patch Tuesday. The Prerequisites are listed in the MS Support Pages for the latest Rollup KB5001335 if you want to be sure you are not missing some of them. After the prereqs are installed, you will only need the latest Rollup (it’s cumulative) and latest SSU.
Only the .NET  installer (.msu file) goes in that folder. The .NET updates (.exe files) do not belong in the same folder – they require the other script mentioned in the top post.

Reply | Quote

[MikeL]

Hello and Greetings to all,

First I would Like to show appreciation to abbodi86 for the W7ESUI script. Many thanks.

I do have a question the Script left some temp files on one of my drives and i would like to know if it’s ok to delete them and any others left after installations are finished? It usually deletes the folders but some have been missed and I was wondering if there is a reason for this?

Again Thanks for the script!!!!

Reply | Quote

[PKCano]

Could you tell us the name of the folder and contents? And the Path would be helpful too.
And the path to the folder you ran the script from?

Reply | Quote

[MikeL]

I have my user folders in a drive other than the C Drive
The path I have been installing from: F:UsersEaglecomanderDownloads-Win 7 ESU
The Path and name of the first folder: F:W7ESUItemp_4301 and inside that folder is a Folder named Windows6.1-KB4592510-x64 and inside that is a file named x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.24563_none_0bb911db3ed3f553.manifest
The Path and name of the first folder: F:W7ESUItemp_13364 and inside that folder is three Folders (See screenshot 1). 1st folders name is 201E78BA-F422-45A9-8B80-39561070AA4D (It has a lock icon on it) and contents are 1 folder named en-US and several files (See Screenshot2) contents of Folder en-US are shown in screenshot 3. 2nd folders name is 0870618B-7276-4673-B7FA-EC4B0EC1550F and it doesn’t have any contents. 3rd folders name is Windows6.1-KB4592510-x64 and it has 2 folders and numerous files (See screenshot 4) contents of folder amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.24563_none_67d7ad5ef7316689 are (See screenshot 5) and contents of folder x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.24563_none_0bb911db3ed3f553 are (See Screenshot 6)

 

Reply | Quote

[PKCano]

The installation has nothing to do with your User folders.
The .msu files for the Rollups and the SSUs contain .cab files. You do not extract anything in the update files.

If you want this to work, please follow the instructions.
To make the script work (instructions in at top of thread):
+ Create a folder (best in the root of the system drive C:) See screenshot above)
+ Add the downloaded W7ESUI_0.3.zip file and expand it. (see screenshot above)
+ Add the Rollup (.msu file), and you will also need the Servicing Stack Update, (.msu file) to that folder. (Do not expand them, the installation script does that)
+ Right click on the W7ESUI.cmd file and choose “Run as Administrator”
+ Choose “0” to run the sctipt – and WAIT (it takes a while).
+ Restart your computer.

When you log in again, you can delete the .msu files if the updates installed. The script cleans up the .cab files and they are no longer there. If you leave the folder on the C: drive with the extracted W7ESUI_0.3.zip, it will make it easier next month.
You use this same procedure to install any .msu files.

1 user thanked author for this post.

abbodi86

Reply | Quote

[MikeL]

The updates were already installed I just think these were left over for some reason. I had to restore my computer from an older image and did all the updates after all the updates were done I found those Temp file folders on my F user drive I just want to know if I can delete them since the updates are already installed and I have rstarted numerous times I probably should have found them earlier. So since I have restarted since these folders were made would it be safe for me to delete all three?

Again thanks for the script it has worked flawlessly and I have been using it since you first posted it and this is the first time I found any left overs. When the cab files were unpacked they were saved in the root of my F drive and thats the first time it ever did that or at least the first time it didn’t delete the temp files/folders.

And I think you deserve a great big hurrah for making that script.

Reply | Quote

[PKCano]

You don’t need the .cab files if the updates are installed. You can delete those.
I suspect that if you had installed from the C: drive, those would have been deleted by the script.

Each Patch Tuesday, I publish the Win7 information in this thread (like #2357353 and the .NET information below it) and on the main Blog under the Patch Tuesday post. The direct Catalog download links are included to make it easier.

BTW, @abbodi86 and the gurus on MDL are responsible for this workaround.
I’m just the helper here at AskWoody.

1 user thanked author for this post.

MikeL

Reply | Quote

[MikeL]

I’ve been installing from my F:UsersEaglecomanderDownloads-Win 7 ESU for the past year and it has always deleted everything before. I wonder if it was because I installed 3 months of updates one right after the other (After restarting of course). Thanks for the info and the Script!

Reply | Quote

[PKCano]

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on May 11, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There is a May IE11 CU KB5003165 for Win7. Download 32-bit or 64-bit.

May Rollup KB5003233 Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

You must have at least the August 2020 Servicing Stack KB4570673 previously installed to receive these updates).

The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There are .NET updates listed for Win7. See #2364213.

6 users thanked author for this post.

byteme, MrChaz, Microfix, abbodi86, pandarunnerpt, SueW

Reply | Quote

[PKCano]

Here’s your .NET for May, 2021 . There were no Security-only .NET updates.

Download only the update for the version(s) installed on your PC.

.NET Quality Rollup KB5001878
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.6 – 4.7.2 KB5001848
.NET 4.8 KB5001843

Correction: My mistake. .NET 3.5.1 KB4578952 was issued in Oct 2020 and should already be installed.

9 users thanked author for this post.

byteme, jburk07, Moonbear, MrChaz, zat_so, SueW, Microfix, abbodi86, pandarunnerpt

Reply | Quote

[anonymous]

Thank you.

Reply | Quote

[Moonbear]

Does v2 of kb4578952 need to be installed if v1 already has been?

Or is v2 only metadata?

Reply | Quote

[abbodi86]

v2 is for ndp45-kb4578955-v2
it’s not needed if v1 is installed, or you have .NET 4.6 or later

2 users thanked author for this post.

jburk07, Moonbear

Reply | Quote

[Microfix]

Test Win7 Pro x86 (ESUb)imaged prior to installation.
SMQR = kb5003233 (May 2021 CU)
Smooth installation, no issues via Event Viewer,
Nothing re-activated in ‘Data Collector Sets’
Canon Pixma local printer working as intended.
SFC check as below:

Any issues encountered will be added here..tbc

| Quality over Quantity |

3 users thanked author for this post.

jburk07, MrChaz, abbodi86

Reply | Quote

[MrChaz]

Missed March and April’s ESU patches which entailed a double restart when May’s patch was installed. No issues here whatsoever. Thank you again abbodi86

illegitimi Non Carborundum

Reply | Quote

[pandarunnerpt]

Installed April rollup kb5001335 using W7ESUI 0.3 on a Windows 7 Pro 64bit SP1.

Had installed .NET 4578977 v.2 and 4600944 v.2 previously with no problems at all (manual restart) but skipped the March rollup to avoid the printer issue.

Kb5001335 caused my computer to repeatedly and quickly fluctuate CPU from 10 to 45% or so (when it usually runs under 5%). I rebooted twice  restarted completely twice but it didn’t settle down. Finding no other reason save the April rollup, I uninstalled it. Now all is back to normal.

Win 7 Professional, 64 bit, was Defiantly Group B, but installed 0Patch and needed to become group A to comply.

1 user thanked author for this post.

jburk07

Reply | Quote

[pandarunnerpt]

Oh, I see my signature – I was group B I am no longer, since installing 0Patch  a year + ago I’ve been group A.

Win 7 Professional, 64 bit, was Defiantly Group B, but installed 0Patch and needed to become group A to comply.

Reply | Quote

[Alex5723]

pandarunnerpt wrote:

since installing 0Patch  a year + ago I’ve been group A.

Since you installed 0Patch (Pro?) you should be Group 0P. No need of any of Microsoft updates, A or B.

Reply | Quote

[pandarunnerpt]

Alex5723 wrote:

pandarunnerpt wrote:

since installing 0Patch  a year + ago I’ve been group A.

Since you installed 0Patch (Pro?) you should be Group 0P. No need of any of Microsoft updates, A or B.

I do have 0Patch Pro and have continued with group A  based on this info from opatch:

“As long as original vendor’s security updates are available and free, we recommend applying them as quickly as you can. Monthly Windows Updates, as well as any other software product’s updates, often include fixes for vulnerabilities we don’t have micropatches for…” https://0patch.zendesk.com/hc/en-us/articles/360018988493-Can-0patch-be-used-as-a-substitute-for-Windows-Updates-

I was hoping that I was better covered.

Win 7 Professional, 64 bit, was Defiantly Group B, but installed 0Patch and needed to become group A to comply.

1 user thanked author for this post.

Alex5723

Reply | Quote

[Moonbear]

KB5003233 and KB5001848 installed with no issue and system is running fine.

I tried to install KB4578952 but it was not detected by the ESU script even though it was in the same folder as KB5003233,

1 user thanked author for this post.

jburk07

Reply | Quote

[abbodi86]

KB4578952 is released in October 2020, it should already be installed since then

2 users thanked author for this post.

jburk07, Moonbear

Reply | Quote

[Moonbear]

KB4578952 was installed in October

I mistakenly thought the KB4578952 that’s part of KB5001878 was a replacement for the original.

Thanks again

Reply | Quote

[PKCano]

Ooops. See correction in #2364213 above.

3 users thanked author for this post.

jburk07, abbodi86, Moonbear

Reply | Quote

[anonymous]

I am very confused because PKCano made this entry in #2364213.
.NET 3.5.1 KB4578952 v2 non-security, install v2 (Other ver. updated to v2 in March)
Based on this message I thought KB4578952 v2 needed tobe installed. Note the entry says there was an update to v2 in March.
The version installed on my machines is dated October 2020, as you say it should be. Since W7ESUI was giving me the message “All applicable updates are installed” I was about to uninstall it and install this new v2.
Thank goodness I saw your message. Now I am confident in leaving KB4578952 dated October 2020 installed.

Reply | Quote

[anonymous]

DEFCON 4!  Time to install May updates.

using DOTNETFX4 for

.NET Framework 4.8 – KB5001843

and W7ESUI for

Windows Monthly Rollup – KB5003233

I installed these updates on two Win 7,  SP 1,  x64 machines.

 

1 user thanked author for this post.

jburk07

Reply | Quote

[glnz]

I turned on a Win 7 Pro 64-bit desktop that was out of service since January, and I used the techniques here to install ONLY

KB5003233 for Win 7 64-bit and
KB4600944v2 for .NET 4.8

I did not install updates that came out between January and these, hoping that these are cumulative.

1. So, am I OK?
2. Is KB4600944v2 the last good update for .NET 4.8?

Thanks!

Reply | Quote

[PKCano]

You should have the SSU from Dec 2020 already installed (?)

Reply | Quote

[glnz]

PKCano – You wrote “You should have the SSU from Dec 2020 already installed (?)”

What is its KB?

Thanks.

Reply | Quote

[RDRguy]

It’s KB4592510

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

Reply | Quote

[PKCano]

See #2364212 above.
The current information is posted on this thread every month on Patch Tuesday. Check back next week on the 8th for June updates.

Reply | Quote

[abbodi86]

Yes
although, you could install latest .NET 4.8 update KB5001843, but it’s non-security update

Reply | Quote

[PKCano]

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on June 8, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There was a June IE11 CU KB5003636 for Win7. Download 32-bit or 64-bit.

June Rollup  KB5003667 Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

You must have at least the August 2020 Servicing Stack KB4570673 previously installed to receive these updates).

The latest is the December Servicing Stack KB4592510 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There are .NET updates listed for Win7. See #2369921.

8 users thanked author for this post.

byteme, TaskForce141, Pim, jburk07, Moonbear, abbodi86, Microfix, SueW

Reply | Quote

[PKCano]

Here’s your .NET for June, 2021. There were no Security-only .NET updates.

Download only the update for the version(s) installed on your PC.
There were only updates for .NET 4.6-4.7.2 and 4.8
The other updates in the Rollups are older and should already be installed.

.NET Quality Rollup KB5003779
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 (Oct 2020)
.NET 4.6 – 4.7.2 KB5003547
.NET 4.8 KB5003543

7 users thanked author for this post.

byteme, TaskForce141, jburk07, Pim, SueW, Moonbear, abbodi86

Reply | Quote

[anonymous]

I think there is a typo here.  Microsoft Update Catalog shows KB5003543 as the June, 2021 .NET 4.8 Rollup,  not KB5004543.

3 users thanked author for this post.

Microfix, Pim, SueW

Reply | Quote

[PKCano]

Yes, both 4.6-4.7.2 and 4.8 corrected to 35. Thanks.

2 users thanked author for this post.

Pim, SueW

Reply | Quote

[Microfix]

PKCano wrote:

There is a Security-only Update for those with Win7 ESU subscriptions.
There was no/a June IE11 CU KBxxxxxxx for Win7. Download 32-bit or 64-bit

KB5003636 for IE not included?

MSRC Number: n/a
MSRC severity: Critical
KB article numbers: 5003636
More information:
https://support.microsoft.com/help/5003636

| Quality over Quantity |

Reply | Quote

[PKCano]

Can you not read?

PKCano wrote:

Under construction……….

It’s not finished yet. MS still hasn’t published the June History page

Reply | Quote

[JimBean]

Hi,

Win7 HP x64, W7ESUI_0.2

Installed;

• Apr – Jun 2021 SO updates (KB 5001392, KB 5003228, KB 5003694)
• Jun 2021 (IE11) – KB 5003636

No problems to report.

Thanks,all.

3 users thanked author for this post.

Microfix, TaskForce141, SueW

Reply | Quote

[MrChaz]

Installed June rollup kb5003667 using the script last weekend and no issues to report, all working well here 🙂

illegitimi Non Carborundum

3 users thanked author for this post.

jburk07, Microfix, TaskForce141

Reply | Quote

[anonymous]

Thank you for reporting no issues with June rollup kb5003667

Reply | Quote

[anonymous]

DEFCON 4!  Time to install June updates.

using DOTNETFX4 for

.NET Framework 4.8 – KB5003543

and W7ESUI for

Windows Monthly Rollup – KB5003887

I installed these updates on two Win 7,  SP 1,  x64 machines.

1 user thanked author for this post.

jburk07

Reply | Quote

[A1ex]

Can’t find KB5003887 in the Widows Update Catalogue.
Did you mean KB5003667?

A1ex

Reply | Quote

[anonymous]

Ooooops, my bad.  Yes the correct Windows Monthly Rollup KB is KB5003667.

Sorry.

 

Reply | Quote

[glnz]

I might have fallen behind in my updates for .NET 4.8 on my old Win 7 Pro 64-bit production machine.  The last ones I installed using the methods here were in late February — KB 4597254 and KB 4600944.

Which ones have I missed that should now be installed under DefCon 4?

Thanks.

Reply | Quote

[PKCano]

Scroll up.
There is a .NET entry just below the monthly information entry each month. Start here.
The information is there.
I don’t think there have been any security contents in the .Net updates since Feb.

Reply | Quote

[glnz]

PKCano – Thanks.  Looks like the latest .NET 4.8 (after my prior) is KB5003543.

Now, I had also downloaded but not yet installed KB5001843 – should I install that one first or just skip to KB5003543 ?

Reply | Quote

[PKCano]

I’d put both in the folder. Can’t hurt.
If both are needed, they will install. If not, the one needed will install.

Reply | Quote

[abbodi86]

July updates are released 1 week earlier

2021-07 Security Monthly Quality Rollup for Windows 7 (KB5004953)
2021-07 Security Only Quality Update for Windows 7 (KB5004951)

Edit:
false alarm, they are Out of Band
https://docs.microsoft.com/en-us/windows/release-health/windows-message-center#1646

couldn’t they just release small separate update instead?

1 user thanked author for this post.

PKCano

Reply | Quote

[PKCano]

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on July 6, 2021. A Monthly Rollup and Security-only Out-of-band have been released to address the Print spooler exploit (PrintNightmare).

There is a Security-only Update for those with Win7 ESU subscriptions.

2 users thanked author for this post.

SueW, abbodi86

Reply | Quote

[abbodi86]

I guess the entry should say (Out-of-band), not (Monthly Rollup Out-of-band)

Reply | Quote

[PKCano]

Repeating what’s on the Win7 history page – says “(Monthly Rollup) Out-of-band” 🙂

Support pages aren’t up yet as of this post.

Reply | Quote

[abbodi86]

I ment that AKB 2000003 is for Security-only updates 🙂

KB5004951 s a security only update (replace June update KB5003694)

1 user thanked author for this post.

SueW

Reply | Quote

[PKCano]

OK, SO was linked, wording wrong. Fixed. Thanks.

2 users thanked author for this post.

abbodi86, SueW

Reply | Quote

[glnz]

Question about this out-of-band “July 6, 2021—KB5004951 (Security-only update) Out-of-band” —

In my wife’s mini-office, we have two Win 7 Pro 64-bit PCs that I keep updated with the techniques here (and thanks again).  We also have an HP OfficeJet Pro 8600 All in One that the PCs connect to on the LAN.  Do I need to install this KB5004951 out-of-band rush that deals with this “exploit in the Windows Print Spooler service, known as PrintNightmare” because the exploit is serious, or should I wait for DefCon 4 for the next monthly updates (as I usually do)?

Reply | Quote

[abbodi86]

I think the exploit mainly affect Print servers

Reply | Quote

[Paul T]

Windows 7 is not affected as far as we know – this may change.
Home users are not targeted as far as we know – this may change.

Keep an eye on the home page for updates.

cheers, Paul

1 user thanked author for this post.

glnz

Reply | Quote

[MrChaz]

Think I’m going to hang off untill the July week B patch is released.

illegitimi Non Carborundum

Reply | Quote

[MrChaz]

From my experience for July patches, installed SSU kb5004378 and Monthly Rollup kb5004289 using the bypass method. Restarted then installed Net4.8 kb5004116 using the slc redirection method. No problems to report since installation on the 15th july, all working well here, long live Windows 7!

illegitimi Non Carborundum

1 user thanked author for this post.

jburk07

Reply | Quote

[PKCano]

AKB 2000003 has been updated for Group B Win7 (ESU) and Win8.1 on July 13, 2021.

There is a Security-only Update for those with Win7 ESU subscriptions.
There is a July IE11 CU KB5004233 for Win7. Download 32-2it or 64-bit.

July Rollup KB5004289 Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

You must have at least the August 2020 Servicing Stack KB4570673 previously installed to receive these updates).

Note: There is a new July Servicing Stack KB5004378 – Download 32-bit or 64-bit for those with Win7 ESU subscriptions.

There is a revised Licensing Preparation Package KB4575903 dated 7/29/2020 for Win7 ESU subscriptions, if you need it.

There are .NET updates listed for Win7. See #2377439.

7 users thanked author for this post.

byteme, jburk07, MrChaz, RDRguy, abbodi86, Microfix, SueW

Reply | Quote

[PKCano]

Here’s your .NET for July, 2021. There were no Security-only .NET updates.

Download only the update for the version(s) installed on your PC.
There were only updates for .NET 4.6-4-7-2 and 4.8
The other updates in the Rollups are older and should already be installed.

.NET Quality Rollup KB5004229
.NET 3.5.1 KB4578952 (Oct 2020)
.NET 4.5.2 KB4578955 (Oct 2020)
.NET 4.6 – 4.7.2 KB5004120
.NET 4.8 KB5004116

8 users thanked author for this post.

byteme, jburk07, glnz, MrChaz, RDRguy, abbodi86, SueW, Microfix

Reply | Quote

[anonymous]

Are you saying July Serving Stack KB5004673 should be installed only if I have a Win7 ESU subscription,  and if I do not have a Win7 ESU subscription I should NOT install July Serving Stack KB5004673 using WIN7ESUI?

 

Reply | Quote

[PKCano]

Ignore the ESU part (everything says ESU). Install the Servicing Stack the same way you install the Rollup or SO (put it in the same folder). You don’t need the ESU if you are using this method.

Reply | Quote

[RDRguy]

I suspect you meant to say … “KB5004378” not … “KB5004673” {this doesn’t exist}

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

Reply | Quote

[anonymous]

You are correct.  I saw the error as soon as it was posted,  but could not figure out how to make a correction.

Reply | Quote

[Moonbear]

All July updates installed with no issues.

2 users thanked author for this post.

SueW, jburk07

Reply | Quote

[EricB]

Although the July 2021 Rollup (KB5004289) installed without issues the script would not install the July 2021 Servicing Stack (KB5004378).  First attempt was with the Rollup and it was ignored.  Second attempt was separately and the script did not seem to recognize it.

My mistake.  I forgot that I previously installed the July SSU after the June 2021 Rollup.

Reply | Quote

[anonymous]

DEFCON 4!  Time to install July updates.

using DOTNETFX4 for

.NET Framework 4.8 – KB5004116

and W7ESUI for

Windows Monthly Rollup – KB5004289

Service Stack Update – KB5004378

I installed these updates on two Win 7,  SP 1,  x64 machines.

P.S. Chrome would not download from Microsoft Update Catalog.  Is anyone else having this problem with Chrome?  Does anyone know what the problem is/how to fix the problem?

 

1 user thanked author for this post.

jburk07

Reply | Quote

[PKCano]

Go to the Microsoft site instead of the Catalog. There is a page specifically for Chromium Edge.

https://www.microsoft.com/en-us/edge

1 user thanked author for this post.

jburk07

Reply | Quote

[anonymous]

The name is in the link – Edge.  All see there is ads for, hype about,  and links for downloading,  Edge.

Reply | Quote

[Author]

Posts