Standalone installer script for Windows 7 ESU, regardless the license

[abbodi86]

# W7ESUI #

Automated batch script to install Windows 7 Extended Security Updates, regardless the ESU license and without requiring any eligibility check bypass.

* Pros:

– Process the updates from one same location

– Detect and install servicing stack update first

– Check required stack installer version for each update

– Include the Telemetry neutralize tweaks

– Works with Group A: Monthly Quality Rollup, or Group B: Security Only update / IE11 cumulative update

* Limitations:

– SHA2 support updates KB4490628 and KB4474419 must be already installed beforehand.

– The script is specifically designed to process ESU updates only.

while it still can install regular updates, but it has no specific checks or conditions for their prerequisites
regular updates should be installed normally, manually, using Windows Update, or other tools

– You must always use the script for any future ESU updates, you cannot install them manually afterwards

* Download:

https://github.com/abbodi1406/WHD/raw/master/scripts/W7ESUI_0.1.zip

* How to use on live OS:

– Download the ESU updates msu files from Microsoft Update Catalog, following history page or AskWoody Knowledge Base

a) if you are Group A user, you need:
latest Servicing Stack Update
latest Security Monthly Rollup
latest .NET rollup

b) if you are Group B user, you need:
latest Servicing Stack Update
latest IE11 Cumulative Update
Security Only Update for each month (e.g. February and March together)
every .NET Security Only Update (if any)

– Extract W7ESUI.cmd from the zip file, or extract the whole zip file

– Copy or move W7ESUI.cmd and place it next to the downloaded msu files
ini file W7ESUI.ini is not really necessary in this case

– Right-click on W7ESUI.cmd and “Run as administrator”

– If all goes well, you should get cmd window similar to this:

– Now press the zero 0 number on keyboard to start the process

– At the end, restart the system if prompted

See ReadMe.txt for more details, and how to use the script for offline integration.

• This topic was modified 2 weeks ago by abbodi86.

Attachments:

You must be logged in to access attached files.

Total of 26 users thanked author for this post. Here are last 20 listed.

paintgregg, maisy2, byteme, JCCWsusser, AusJohn, deuce120, davinci953, pandarunnerpt, SueW, sr1515, liamZ, Sinclair, E Pericoloso Sporgersi, RDRguy, alpha128, lanceboil, italiangm, ch100, Moonbear, Cybertooth

[jabeattyauditor]

Woody, you’re on board with this?

3 users thanked author for this post.

lanceboil, b, woody

[woody]

Yep. 100%.

9 users thanked author for this post.

Moonbear, JCCWsusser, pandarunnerpt, SueW, Kranium, RDRguy, lanceboil, SilenceIsG0lden, Pim

[Pim]

Just out of curiosity: why? My reason for asking: I have seen other contributors on AskWoody claiming this is illegal.

I myself take a practical approach: I have lost so very many hours (> 100) because of Microsoft’s absence of client focus that I honestly do not care whether it is illegal (normally I do). One example: only informing that Ultimate is also covered by ESU in late November which caused me much stress trying to get my systems on Windows 10 in the months before November 2019, which failed, because of a lack of time and energy on my part caused by insufficient health.

ASRock Beebox J3160 - Win7 Ultimate x64
Asus VivoPC VC62B - Win7 Ultimate x64
Dell Latitude E6430 - Win7 Ultimate x64
Dell Latitude XT3 - Vista Ultimate x86 (still...)
Gigabyte GA-H110M-HD3 DDR3 - Win10 Pro 1809 x64

1 user thanked author for this post.

PerthMike

[Susan Bradley]

Does it violate licenses and eulas….. yes …but my morals are slipping.  We are in unusual times where people are using Win7’s to remote in from home.  I’ve sent an email to Satya to ask him to open up 7 patching for all given the circumstances.

Susan Bradley Patch Lady

18 users thanked author for this post.

Moonbear, Ulti P. Uzer, Pim, PerthMike, abbodi86, pandarunnerpt, SueW, rontpxz81, Bluetrix, woody, RDRguy, jburk07, satrow, Seff, ch100, KWGuy, SilenceIsG0lden, Melvin

[woody]

I don’t feel so guilty. 🙂

Don’t know of any specific EULA or license that says you can’t use freely available patches on a licensed copy of Win7….

Playing devil’s advocate, of course.

10 users thanked author for this post.

Moonbear, abbodi86, Ulti P. Uzer, Pim, PerthMike, GoneToPlaid, SueW, Kranium, Elly, Bluetrix

[Ulti P. Uzer]

@Woody, with this development, I hope you didn’t buy a ESU license for 7 Semper Fi. Are you still using that machine? I also know personally that abbodi86’s other script that brings 7 ESUs through WU also works magnificently.

[KWGuy]

Every time I think I’ve found a way to outsmart Mother Microsoft re: updating, it usually backfires…or at least causes more anxiety and takes more time than it’s worth.

My gut tells me that this unsanctioned (and per SB , a license violation) approach is not a good option.  I acknowledge that I’m a non-techie home user with a less adventurous spirit than most.  I agree, though, that MS should extend traditional W7 patching due to current circumstances.

 

2 users thanked author for this post.

RDRguy, ch100

[Qnu]

KWGuy wrote:

Every time I think I’ve found a way to outsmart Mother Microsoft re: updating, it usually backfires…or at least causes more anxiety and takes more time than it’s worth.

My gut tells me that this unsanctioned (and per SB , a license violation) approach is not a good option.  I acknowledge that I’m a non-techie home user with a less adventurous spirit than most.  I agree, though, that MS should extend traditional W7 patching due to current circumstances.

 

Here’s my take on this: MS does not give me, a private user, the option to even buy these updates. How am I supposed to feel guilt for something I can not buy. I just want to use the latest updates that are available and I would be willing to pay. But MS does not allow a way for me to buy ESU. What am I supposed to do?

[b]

Qnu wrote:

How am I supposed to feel guilt for something I can not buy.

There are many things in this world which a private person cannot buy, but it doesn’t give anyone a right to steal them.

Windows 10 Pro Version 2004: Group ASAP (chump/pioneer)

[anonymous]

When the instructions say to put W7ESUI.CMD “next to” the MSU files, does that mean “in the same directory as”?

 

[PKCano]

It means: Put it in the same folder.

2 users thanked author for this post.

Moonbear, Elly

[honx]

if i decide to install february and march group b patches on win7, is there anything to consider about these patches (bugs or anything else)?

PC: Windows 7 Ultimate, 64bit, Group B
Notebook: Windows 8.1, 64bit, Group B

[PKCano]

See this thread for information, especially the note at the top about the Group B patches. And the similar blogpost about the Feb Patch Tues.

There are also notes in AKB2000003.

2 users thanked author for this post.

RDRguy, Elly

[honx]

PKCano wrote:

See this thread for information, especially the note at the top about the Group B patches. And the similar blogpost about the Feb Patch Tues.

There are also notes in AKB2000003.

thx, how can i check, if ssu kb4490628 is installed already? i know i have kb4474419 (because i had to install 3 times kb4474419 last year which i clearly remember) but i can’t find the kb4490628 which is required by march esu patches in windows update (unfortunately there is no search-box in windows update).

and in which order is that new ssu kb4550735 to be installed? after february win7/ie patches?
for example like this?
february kb4537813 (win7)
february kb4537767 (ie)
reboot
ssu kb4550735
( i downloaded the file linked in:
https://www.askwoody.com/forums/topic/initial-impressions-of-patch-tuesday-march-2020/#post-2189166 )
reboot
march kb4541500 (win7)
march kb4540671 (ie)
reboot
office and other non-windows patches
reboot (just to make sure)

PC: Windows 7 Ultimate, 64bit, Group B
Notebook: Windows 8.1, 64bit, Group B

[PKCano]

To see if kb4490628 is installed look in Windows Update. On the lower left corner click on “View installed updates.”
You can sort by any column. Click on the column title to choose the column to sort by. It is a toggle, alternating ascending/descending.
kb4490628 was issued in april 2019, so if you sort by date it will be 3/12/2019 or later. If you sort by title, each category will have the KB number sorted numerically.

3 users thanked author for this post.

honx, Elly, abbodi86

[PKCano]

You can collect the updates and the needed file(s) in one folder.
If you are using @abbodi86 ‘s script, you should follow those instructions.
The Office, MSRT updates are still available through Windows Update for supported versions.

1 user thanked author for this post.

Elly

[honx]

can’t edit my post anymore, so i have to reply: what do i have to deactivate in order to get rid of this diagtrack thingamajigs in march update? (microsoft are now charging for win7 updates and these to purchase patches still contain spyware – i don’t get it…)

PC: Windows 7 Ultimate, 64bit, Group B
Notebook: Windows 8.1, 64bit, Group B

[PKCano]

See AKB2000012.

5 users thanked author for this post.

Sinclair, SilenceIsG0lden, honx, Elly, woody

[anonymous]

Open Windows Update > click on View Update History (in left navigation) > click on the linked Installed Updates > copy & paste the KB number into the top left search field.

That way you don’t have to waste time sorting and searching by date.

Hope I could help.

1 user thanked author for this post.

abbodi86

[honx]

PKCano wrote:

You can collect the updates and the needed file(s) in one folder.
If you are using @abbodi86 ‘s script, you should follow those instructions.
The Office, MSRT updates are still available through Windows Update for supported versions.

so all february, march and that ssu in the same folder and that script takes care about the order and installs also that march ssu at the right time?

PC: Windows 7 Ultimate, 64bit, Group B
Notebook: Windows 8.1, 64bit, Group B

[abbodi86]

Yes

You only need the latest SSU (March KB4550735), and the latest IE11 cumulative (March KB4540671)
in addition to security only update for both February and March

6 users thanked author for this post.

Kranium, RDRguy, honx, Elly, woody, PKCano

[Chriski]

Use 0patch or script installer (no ESU, Win 7 group B through Jan patches) or both?

I installed 0patch(free) after the Jan patches, and it’s been doing fine.

Also use the script installer because more is better and it will enhance things missing from 0patch, or is this 0patch tool probably sufficient?

Thanks for opinions..

C.

2 users thanked author for this post.

rontpxz81, gthomas

[Melvin]

Susan Bradley wrote:

Does it violate licenses and eulas….. yes …but my morals are slipping.  We are in unusual times where people are using Win7’s to remote in from home.  I’ve sent an email to Satya to ask him to open up 7 patching for all given the circumstances.

Yes, considering so many must now work from home, it would be good if Microsoft would step up and open up the ESU for some period of time.  I guess this is most applicable to people who have their “home” computer and until now have only used the IT-supported computers at their work place.

Indeed, I saw a report that bad actor’s may have increased their efforts against homes and home users anticipating increased opportunities in these new circumstances.

Win 7 Pro 64-bit, Office 2010.
Nethermost of the technically literate.

2 users thanked author for this post.

Moonbear, woody

[honx]

abbodi86 wrote:

Yes

You only need the latest SSU (March KB4550735), and the latest IE11 cumulative (March KB4540671)
in addition to security only update for both February and March

thanks, i’ll wait for ms defcon 3 or higher and for some observations by other users here before i try it myself.

PC: Windows 7 Ultimate, 64bit, Group B
Notebook: Windows 8.1, 64bit, Group B

[Geo]

0patch pro is half the price of ESU and is working just fine.  I’m a home premium user .  Getting a number of micro patches lately.

• This reply was modified 2 weeks ago by Geo.
• This reply was modified 2 weeks ago by Geo.

5 users thanked author for this post.

rontpxz81, analogkid, jburk07, RDRguy, woody

[woody]

Reports I’ve seen about 0patch are uniformly positive.

3 users thanked author for this post.

rontpxz81, analogkid, jburk07

[anonymous]

Any known issues using this script on a Kaby Lake (intel 7xxx) box running wufuc ?

[T]

Thank you so much for this, abbodi86. This should tide me over until i figure out what i’m going to do long term, with no option being ideal. However, i am a little concerned implementing it because this violates the EULA and i worry microsoft will start deactivating the product keys of genuine installs and then you’re effectively using a pirate copy. Also, it was my understanding that this workaround had been prevented with the latest SSU.

2 users thanked author for this post.

KWGuy, woody

[woody]

OK. I’ll bite. How does running abbodi86’s script violate the Win7 EULA?

[T]

Oh, does it not? Susan upthread seems to agree that it does. My concern is just what microsoft will do to clamp down on obtaining ESUs for free.

Then again, we’re currently living through a period where so many more people are working from home and win7 still has a huge user base.

• This reply was modified 2 weeks ago by T.

1 user thanked author for this post.

KWGuy

[b]

woody wrote:

How does running abbodi86’s script violate the Win7 EULA?

8. SCOPE OF LICENSE.
You may not
· work around any technical limitations in the software;

Windows 10 Pro Version 2004: Group ASAP (chump/pioneer)

1 user thanked author for this post.

woody

[woody]

I hear ya but… I’m not so sure that applying updates is working around a technical limitation.

For example, I don’t think 0patch patches violate the EULA.

One could make the argument that running any Win7 utility is working around a technical limitation in the software…. antivirus…

6 users thanked author for this post.

jburk07, Ulti P. Uzer, Geo, abbodi86, liamZ, Kranium

[PKCano]

I have just run the script on one of my Win7 Ultimate x64 VMs that was updated through Jan.
There were no problems during the install.
There were two (2) reboots afterward.
Here is the result.

Attachments:

You must be logged in to access attached files.

10 users thanked author for this post.

PerthMike, Bluetrix, Kranium, abbodi86, RDRguy, satrow, T, Elly, Cybertooth, woody

[woody]

Excellent!

2 users thanked author for this post.

RDRguy, Elly

[alkhall]

No file to download, link gives blank page.

[Volume Z]

You’re doing it wrong.

Attachments:

You must be logged in to access attached files.

[ch100]

I think Susan’s assessment and subsequent action – to write to Satya asking for a waiver given the times are appropriate. This is a grey area and open to interpretation either way.

I would like to raise a technical issue though, only for clarification.

This script installs SSU first and the relevant update in the second step.

I was under the impression that this order does not matter anymore, because the SSU released in a specific month actually applies to the update released next month, this being done by Microsoft to avoid past issues. There is still a requirement to update regularly because SSU is not released each month.

Is this true about the SSU order, or is only true for Windows 10 or is not true at all?

3 users thanked author for this post.

woody, PKCano, RDRguy

[abbodi86]

Not really, latest SSU first, is still the correct order
if you installed higher stack installer version, it will take precedence and work for all lower versions

– Check required stack installer version for each update

if an update require higher SSU, the script will show error message and skip it

and that’s why for manual installation of ESU updates, you should only download and use latest SSU, even if current updates require previous SSU

8 users thanked author for this post.

georgea, Ed, SueW, KWGuy, alpha128, woody, PKCano, ch100

[ch100]

@abbodi86
My comment was more in relation to this (hypothetical) scenario:

– SSU 2020-01 installed
– Patches for 2020-02 are released
– Install 2020-02 CU first (for whatever reason, see below for an example)
– Install 2020-02 SSU

If 2020-02 CU require minimum 2020-01 SSU, then the previous sequence would still work, while not installing the 2020-02 SSU first.

Same would be repeated next month 2020-03 in this example, if 2020-03 CU require as minimum 2020-02 SSU and not 2020-03 SSU.

This may have practical implications when let’s say 2 patches are pushed simultaneously via WSUS or SCCM and they are installed without a reboot between them. This is a very common scenario in fact and I have seen the SSU is not always installed first due to the sequence having other criteria like randomization, which patch is downloaded first from the update server etc.

Ideally the updates should be installed in 2 steps, SSU first, waiting for it to be deployed everywhere and then the CU for the month. But this is not practical or always possible taking in consideration the operational requirements, except for the smallest of environments and as such it is never done in 2 steps.

Note: In WSUS or SCCM which leverages the same WSUS, SSU and CU are always installed separately and not bundled as it is the case for Windows Update.

3 users thanked author for this post.

woody, PKCano, abbodi86

[abbodi86]

Understood 🙂

but like you said, this sequence apply to WU and WSUS

manual installation of updates means to get the latest version of chained updates (SSU, IE11 Cumulative, Monthly Rollup, W10 Cumulative)

5 users thanked author for this post.

KWGuy, alpha128, woody, ch100, PKCano

[Ed]

@abbodi86… “if you installed higher stack installer version, it will take precedence and work for all lower versions”

I’m questioning my reading comprehension level here… If I’m understanding this statement correctly I only need to to install the latest SSU (KB4550735) FIRST and then I would be able to install all updates available since August 2019 on two Group B systems that haven’t been patched since then?

[PKCano]

Put SSU KB4550735, all the Security-only updates, and the latest IE11 CU KB4540671 in the folder with the script. The script will install the SSU first and then the rest of the updates.

Be sure you have SHA2 support updates KB4490628 and KB4474419 already installed beforehand.

[abbodi86]

Yes

[Seff]

Isn’t this all rather academic at the moment? We’re at DefCon 2 for heaven’s sake.

[woody]

It most certainly is academic. But it’s good to have some pioneers leading the way, eh?

(Also absolutely delightful that the old crew is tossing this around.)

2 users thanked author for this post.

cyberSAR, Elly

[alkhall]

Volume Z wrote:

You’re doing it wrong.

Got it, thanks.

[italiangm]

Hello all. Wanted to share experience and ask a question:

Since FEB2020 updates were cleared for installation, I downloaded kb4537767-x64 and kb4537813-x64 msu from Microsoft Update Catalog. Followed the instructions so kindly provided by abbodi86.

Install ran without a hitch. After successful reboot, I opened Windows Update and selected View Update History. KB4537767 and KB4537813 do not appear.

Checked Control Panel > Installed Updates. KB4537767 and KB4537813 were listed there.

Is there a reason why the FEB2020 updates do not appear in View Update History?

2 users thanked author for this post.

RDRguy, zat_so

[PKCano]

italiangm wrote:

Is there a reason why the FEB2020 updates do not appear in View Update History?

Yes, Windows Update History is the history of updates that Windows Update installed. Windows Update didn’t install those updates, you did.  🙂
But to verify that they are installed, they are listed in “Installed Updates.”

6 users thanked author for this post.

SueW, abbodi86, KWGuy, italiangm, RDRguy, Elly

[Volume Z]

Are you telling us that any given Security Only Update is impossible to appear in Update History?

[PKCano]

Security-only updates are not released through Windows Update.
I could be wrong, but I believe that would be the case if you do a manual install.
An exception would be if the SO were released through WU.
I don’t think it shows in Update History, but it does in “Installed Updates.”
Also, if you uninstall an update, it doesn’t disappear from Update History. It is still listed in History at the time/date it was installed (but it is no longer in Installed Updates).

Note: This applies to current updates that MS designated as Rollup and Security-only, not to the prior updates that were designated Updates for Windows and Security Updates for Windows (2016 and before)

• This reply was modified 1 week, 6 days ago by PKCano.

3 users thanked author for this post.

SueW, Elly, RDRguy

[Volume Z]

By thinking, any update installed manually – like any given Security-Only – does not appear in Update History, you’re thinking wrong. It should be easy for you to verify in any Windows 7 installation.

[PKCano]

I only do Rollups. Can you post a screenshot?
I’m certainly open to stand corrected.

[Volume Z]

Sure. 🙂

Attachments:

You must be logged in to access attached files.

1 user thanked author for this post.

RDRguy

[PKCano]

Thanks.
Were those manual installs or using WSUS or one of the installers?

[RDRguy]

@PKC … I’m not sure that’s the case … being Group B since the very beginning, I’ve only manually installed all the monthly SO & IE11 Cum updates downloaded either directly from the MS Update Catalog or AKB2000003 and everyone of them DO appear in the Windows Update History as well as the “Installed Updates” on all of my Win7 systems.

I suspect this may be due to the processes used by @abbodi86’s batch script to incorporate the post ESU Win7 updates into non-ESU Win7 systems.

If so, it’s implementation may not use (or use in the normal way) any or all of the actual Windows Update mechanisms that would normally be used either pre or post ESU to incorporate Win7 updates.

Could/should/would this be changed in a future batch script update … I suspect only @abbodi86 can answer.

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

[PKCano]

Yes, I was under the wrong impression.
Thanks for the correction.

1 user thanked author for this post.

RDRguy

[abbodi86]

Windows Update History show the history of updates installed via WU, or via msu file directly (double-click)
but not if the updates are installed via DISM.exe tool (like the script does)

Update History can be reset/wiped easily, but “Installed Updates” will always show the updates

@RDRguy
Windows Update is more like a GUI front-end for CBS (the actual engine that process updates)
DISM.exe is the CLI front-end for CBS

4 users thanked author for this post.

Elly, jburk07, ch100, RDRguy

[anonymous]

Works for me, after paying attention to abbodi86‘s comments on 20 <span class=”bbp-reply-post-date”>March 2020 at 11:05 am.</span>

Thanks!

[alpha128]

My goodness – this is the greatest thing since sliced bread.  And since the last time I was in a grocery store there was no bread – that makes this the greatest thing going today!

I downloaded the script and installed per your instructions.  I used to it to install the March Servicing Stack update (KB4550735) and 2020-03 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4540688).  As advertised, the servicing stack was installed first, and then the roll-up.

As other users report, these updates did not appear in my Windows Update history, but they do appear when running, e.g., powershell (get-hotfix -id KB4540688).  They also appear as installed updates in Control Panel.

Thank you so much!

4 users thanked author for this post.

jburk07, woody, abbodi86, Cybertooth

[Kranium]

Hey Woody, good on you.

 

Every little bit helps right now.

Group B for WIN7 w/ ESU, plus trying out Linux builds in dual boot.

1 user thanked author for this post.

woody

[Sinclair]

Used this on Windows 7 x64 Home Premium. Everything went well and after two reboots the computer still works. I did it with the network cable pulled. Once everything was done I ran the W10Tel.cmd After another reboot I replugged the network cable. So far so good.

W7 x64 Pro&Home

4 users thanked author for this post.

abbodi86, Kranium, jburk07, woody

[alpha128]

Sinclair wrote:

Used this on Windows 7 x64 Home Premium. Everything went well and after two reboots the computer still works. I did it with the network cable pulled. Once everything was done I ran the W10Tel.cmd After another reboot I replugged the network cable. So far so good.

According to the Pros above, this new script does “Include the Telemetry neutralize tweaks”.  So you may not need W10Tel.cmd any more.

After running the new script on my system I see:

Directory of C:\ProgramData\Microsoft\Diagnosis

File Not Found

Directory of C:\ProgramData\Microsoft\Diagnosis\ETLLogs

11/15/2016 08:00 PM <DIR> .
11/15/2016 08:00 PM <DIR> ..
0 File(s) 0 bytes

Total Files Listed:
0 File(s) 0 bytes

I did previously have files there, but I had stopped them from being updated.  Now they are gone.

4 users thanked author for this post.

SueW, Elly, Sinclair, jburk07

[Sinclair]

This Windows 7 Home Premium x64 Computer installation is from 2009. Still in use every day. It has seen its fair bumbs and bobs along the way.

My Directory of C:\ProgramData\Microsoft\Diagnosis contains

User.dat 16-09-2015 0 kb

and 8 Folders

\AsimovUploader 16-01-2017 empty
\DownloadedScenarios 19-05-2015 empty
\DownloadedSettings 16-01-2017
..cfc.flights.json 04-06-2015 1 kb
..telemetry.ASM-WindowsDefault.json 16-01-2017 11 kb
..telemetry.ASM-WindowsDefault.json.bk 15-09-2015 6 kb
..utc.app.json 16-01-2017 38 kb
..utc.app.json.bk 15-09-2015 22 kb
\ETLLogs\AutoLogger 20-03-2020 empty
\ETLLogs\ShutdownLogger 16-01-2017 empty
\LocalTraceStore 16-01-2017 empty
\Sideload 16-01-2017 empty
\SoftLanding 16-01-2017 access denied
\SoftLandingStage 16-01-2017 access denied

W7 x64 Pro&Home

[anonymous]

Hopefully you have a full system backup and maintain files backup in case Microsoft decides to plug the free patch access hole.

[italiangm]

After using the script on my Win 7 SP1 PC, I noticed a new file named RunOnce_W10_Telemetry_Tasks.cmd on the desktop.

FYI, I did not place MSUs, zip file, or extracted files on the desktop, nor run W7ESUI.cmd from there.

Can I delete RunOnce_W10_Telemetry_Tasks.cmd from the desktop without causing  problems if I run the script in the future?

[abbodi86]

I forgot to mention this, sorry

the script is ment to disable the relevant schedule task after installing Monthly Rolup (they only can be disabled after restart)

therefore, you just need to run it as administrator, it will be self-deleted afterwards
or just delete it

3 users thanked author for this post.

jburk07, liamZ, italiangm

[italiangm]

Right clicked on RunOnce_W10_Telemetry_Tasks.cmd then selected Run as administrator. The process ran and deleted RunOnce_W10_Telemetry_Tasks.cmd at the end as stated. Thanks again!

[Cybertooth]

OK, just to make sure that I understand the process:

Supposing that one installs February’s Security Only patch for Windows 7 by using this script. Come time to install the March updates, would one then manually run the script again?

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

[abbodi86]

Yes, placing March Security Only update (and March SSU) next to it

you don’t need to move the February update, the script should detect it as installed and skip it (after extraction)

3 users thanked author for this post.

jburk07, pandarunnerpt, Cybertooth

[anonymous]

Standalone installer script for Windows 7 ESU, regardless the license.
Dowloaded W7ESU1 files and extracted ok . Then downloaded February and March Group B updates

KB4537767  KB4537813  KB1540671  KB1541500 for my Win 7 X64 Pro Laptop and placed in same folder as advised. Script runs fine however after extracting the cab files it telle me I need :

SSU VERSION 6.1.7601.24544
SSU VERSION 6.1.7601.24548

I already have KB4490628 and KB4474419 installed and all Group B security updates up to and including January installed. Advice please.

[PKCano]

Have you been installing the SSUs before EOL?
Try installing KB4536952 Jan SSU manually first before running the script.
Also did you include Mar SSU KB4550735 in the download folder with the script?
You only need the latest IE11 CU b/c they are cumulative.

2 users thanked author for this post.

jburk07, abbodi86

[abbodi86]

You did not have required or latest SSU
you must include KB4550735 in the download folder with the script, or install it yourself

1 user thanked author for this post.

jburk07

[anonymous]

Thank you both for your help. Followed your advice and updates installed OK now. Brilliant!!

1 user thanked author for this post.

jburk07

[pandarunnerpt]

I have been using 0Patch since 11/18/19, my husband about a month after. We both are on Win 7 Professional 64 bit SP1 computers, I am i7 6700, he is i3 4130. We both were group B until January when we had to install the rollups in order to assure that 0Patch would work properly.

Acting as guinea pigs for the 0Patch people on the board, and as per this link from 0Patch saying that it was not an issue to use both 0Patch and ESU at the same time  https://0patch.zendesk.com/hc/en-us/articles/360011192299-Can-I-use-0patch-in-parallel-to-Windows-Extended-Security-Updates–   I installed abbodi86‘s script and then the Feb. Security and IE updates today.

Installation went as described and both of us have had no problems at all.  0Patch is still working as expected, too.

Thank you abbodi86 and thank you everyone in this conversation who made it easier for me to give this a try.

Win 7 Professional, 64 bit, Defiantly Group B

1 user thanked author for this post.

jburk07

[Geo]

0patch put out an email today mentioning  only W7 users who HAVEN’T  taken the ESU  downloads are able to use the 0patch micro-patches .  Mentions they are not compatible with the ESU downloads.  Be interesting if some one with ESU and 0patch are having problems as 0patch is mentioning.

1 user thanked author for this post.

jburk07

[RDRguy]

0patch website FAQ page states they are not needed and won’t be applied but doesn’t state that they’re not compatible and may cause problems in ESU updated systems.

EDITs: typos

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

• This reply was modified 1 week, 4 days ago by RDRguy.
• This reply was modified 1 week, 4 days ago by RDRguy.
• This reply was modified 1 week, 4 days ago by RDRguy.

2 users thanked author for this post.

jburk07, woody

[woody]

I would expect that… it wouldn’t make much sense for 0patch to patch ESU-patched systems, unless a huge zero-day appeared.

2 users thanked author for this post.

RDRguy, jburk07

[anonymous]

Tells me I have to run as administrator even when I right click and do just that.

 

[PKCano]

Are you logged in with a Standard (non-Administrator) ID?

[anonymous]

No, an admin account

[anonymous]

Well it seems that after 3 reboots it is working.  Not sure what was going on.

 

[analogkid]

Downloaded the required W7ESUI and then the Feb SO updates.

I made sure I had the SSU necessary installed which I already did way back when as I did installed the Group Jan update prior to buying 0patch subscription.

Well I thought I would try this new ESL and for me it didnt work. I got the cmd window with all of the same script as pictured but when I hit the zero key nothing happened.

 

Just noticed I needed SSU KB4550735 so I went to the Microsoft Update Catalog and downloaded it.

Must admit, I am kind of lost where to go from here but then I am not computer savvy

"An analog kid in a digital world"

Win7 Ultimate home built desktop

Win 8.1 desktop and two 8.1 laptops

Win 10 Dell desktop (took the plunge)

and two very old home built but working Win XP desktops (not online but use with an old Epsom Photo scanner)

• This reply was modified 1 week, 4 days ago by analogkid.

[PKCano]

analogkid wrote:

I made sure I had the SSU necessary installed which I already did way back when as I did installed the Group Jan update prior to buying 0patch subscription.

You can’t have installed the March SSU back in Jan. SSU KB4550735 was just released Mar. 10th. It needs to be in the folder with the Mar Group B updates KB4541500 SO and KB4540671 IE11 CU.

[analogkid]

OK, so I need to skip the Feb SO updates and instead download the March SO updates instead?

I had just figured I would installed the Feb updates as we are still on DefCon 2 with the March updates.

Thanks PK. I may still have to wait until my IT brother visits  and let him do it so he can show me in person. Who knows how long that will be though

I feel so stupid when it comes to this “stuff”

Also what I meant is that I have installed already the two prior SSU’s. I checked my installed updates just to be sure and they are listed.

"An analog kid in a digital world"

Win7 Ultimate home built desktop

Win 8.1 desktop and two 8.1 laptops

Win 10 Dell desktop (took the plunge)

and two very old home built but working Win XP desktops (not online but use with an old Epsom Photo scanner)

• This reply was modified 1 week, 4 days ago by analogkid.
• This reply was modified 1 week, 4 days ago by analogkid.

[PKCano]

You need the Feb and Mar SO (KB4537813 and KB4541500).
You need the Mar IE11 CU (KB4540671).
You need the Mar SSU KB4550735
All of them in the folder with the script

3 users thanked author for this post.

pandarunnerpt, abbodi86, analogkid

[Elly]

analogkid wrote:

I feel so stupid when it comes to this “stuff”

From a non-techy who is attempting to embrace tech- you aren’t stupid. You are asking questions, learning the terminology, and applying it to your personal situation. Pretty darn smart, if you ask me!

And the more you hang around here, the more you will learn… and the more it will make sense.

Also, the more you know, the better you can converse with your IT brother… if tech can improve your bonding… so much the better!

Just know that if you follow PKCano’s instructions, it will do what you want it to do… always works for me!

Non-techy Win 10 Pro and Linux Mint experimenter

1 user thanked author for this post.

analogkid

[RDRguy]

Finally took the plunge and converted two fully up-to-date non-ESU Win7 “Group B” test systems to “Group A” by first installing KB4534310 (2020-01 Monthly Quality Rollup) then KB4536952 (2020-01 SSU).

After successful reboot, used @abbodi86‘s automated batch script to install the following ESU updates:

2020-02 – KB4537829 (Feb SSU)
2020-03 – KB4550735 (Mar SSU)
2020-02 – KB4537820 (Feb Monthly Quality Rollup)
2020-03 – KB4540688 (Mar Monthly Quality Rollup)

ESU batch script processed both SSUs first then both Monthly Rollups successfully.

After reboot, the installed updates (via the control panel) listed both SSUs & the Mar Rollup as installed. As expected, the Feb Rollup was not installed due to supersession by the Mar Rollup. A subsequent Windows Update found only the March 2020 MSRT.

Afterwards, performed a couple of Windows Update offline scans via the Microsoft Baseline Security Analyzer (MBSA) tool using the current wsusscn2.cab file.

As the MBSA tool is no longer available for download as described here, I also performed additional offline scans via Powershell using a .vbs script found here and a .ps1 script found here.

MBSA and both Powershell offline scan scripts indicate the following updates are still missing:

2019-10 – KB4519108 (DST changes for Norfolk Island and Fiji Island)
2020-02 – KB4538483 (ESU Licensing Preparation Package)

Interesting that KB4519108 is found via offline scanning but not via the normal WU scan since it’s pre-ESU, it’s not installed & it’s not hidden. No real concerns about the DST update as I don’t live on Norfolk or Fiji Islands.

But, have a question for @abbodi86 and/or other AskWoody_MVPs in the know concerning KB4538483 …

Should non-ESU Win7 updaters now in “Group ABS” (Abbodi86’s Batch Script) be concerned about the missing ESU Licensing Prep Package KB4538483 on non-ESU systems being patched with ESU updates?

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

3 users thanked author for this post.

jburk07, Bluetrix, Elly

[abbodi86]

KB4538483 is solely ment for actived ESU-license customers to recieve ESU updates via WU.
no other purpose for non-ESU users, and the update contents are already included in the Monthly Rollup.

now if you installed it and checked wsusscn2.cab again, it will still not show ESU updates (installed or not)
because WU engine check the status of active ESU license before it show the updates

3 users thanked author for this post.

jburk07, Elly, RDRguy

[RDRguy]

@abbodi86 …

Thanks, I kinda figured that but just had to ask if NOT having the ESU Prep Pkg Update installed could potentially result in unforeseen problems with having the ESU updates installed in non-ESU systems.

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

[analogkid]

Wow, I did it!! I kept trying and then recalled that I did something similar years ago with a file named “pciclearstalecache”.

I surprised myself when I hit the zero key and it began the installation process.

I waited a long time to reboot and then let it sit another good long time before signing in. Just checked the installed updates and I see four listed with today’s date./

I am also using 0patch Pro and so far it is working fine.

WOO HOO

Thank you to everyone in this thread, PK and of course abbodi.

BTW, I have been on askwoody site for many, many years as a devoted Group B’er. I decided to join as a Plus Member recently.

"An analog kid in a digital world"

Win7 Ultimate home built desktop

Win 8.1 desktop and two 8.1 laptops

Win 10 Dell desktop (took the plunge)

and two very old home built but working Win XP desktops (not online but use with an old Epsom Photo scanner)

4 users thanked author for this post.

Kranium, jburk07, Elly, Bluetrix

[byteme]

Win7 Home Premium 64-bit. Group B.

I just used abbodi86’s .cmd script to install the February Win7 64-bit security-only updates.

SHA2 support updates KB4490628 and KB4474419 had already been installed on my PC (in April and September, respectively, of 2019).

I put four files in an otherwise-empty folder: (1) abbodi86’s .cmd file, (2) the Feb. SSU (KB 4537829), (3) the Feb. Win7 SO update (KB 4537813), and (4) the Feb. IE SO update (KB 4537767).

Then I right-clicked on the .cmd file, chose Run as Administrator, and hit 0 in response to the opening menu.

The process took just about exactly 30 minutes. Then I rebooted, and then I ran (as Administrator) the RunOnce anti-telemetry file that the .cmd script had deposited on my desktop.

Everything seems fine, I thank abbodi86 for his assistance, and I plan to do the March updates the same way (when their time has come).

5 users thanked author for this post.

pandarunnerpt, Cybertooth, SueW, jburk07, Elly

[anonymous]

At first:  To abbodie, many thanks for your tool !

A question:
I use the Group A scenario with rollups.
And I want to know, if I don’t update for many months,
can I restart the updates from the most recent month rollup ?
Skipping all the months in between ?

Thanks
Frankie

[PKCano]

anonymous wrote:

And I want to know, if I don’t update for many months, can I restart the updates from the most recent month rollup ? Skipping all the months in between ?

Technically, and in normal circumstances, the answer would be Yes, since Group A Rollups are cumulative.
BUT:
+ There is no guarantee that @abbodi86 ‘s script will work next month, or the month after. Microsoft may put another roadblock in the works. They won’t be happy with people getting for free, what they are charging subscription fees for.
+ There will probably be other qualifying installs, like the SSU changing.

As long as things stay like they are, skipping monthly patches may work. But who knows??

1 user thanked author for this post.

abbodi86

[Frankie]

Thanks PKCano,

I should have said:  “if I DIDNT update for many months” for the lasts months.
So I will update my others PCs rapidly!

Frankie

 

[PKCano]

Be sure you have the prerequisites installed – listed above.

[anonymous]

I have already installed the SHA2 support updates KB4490628 and KB4474419  since the time of their release (more or less). Today, I have followed the advice of PKCano in #2210327 above. After rebooting, the four new updates are now listed in my “installed updates” and everything seems to work fine up to now.

System: Win7 x64 Ultimate and “Group B”.

Note: “RunOnce_W10_Telemetry_Tasks.cmd” did not appear, probably because I have already set the script “W10Tel.cmd” to run on startup as a scheduled task. No additional telemetry related tasks or services have shown.

Many thanks to abbodi86 for the scripts he provides and the people in this forum offering their knowledge.

Tryfonas

1 user thanked author for this post.

jburk07

[Moonbear]

How does this script work with the Group A rollups?

I didn’t think you could use the rollups with the script since they aren’t individually downloaded files. Or is there another way to get the rollups besides Windows Update?

[PKCano]

You can download the Rollups from the MS Update Catalog. Enter the KB number without the “KB” (just the numerical part) and download the one that is right for your OS version and bitedness.

Or you could use one of the download managers WUMgr, Sledghammer, etc.

[Moonbear]

Thanks, @PKcano

I didn’t realize you could get the rollups from the update catalog.

So I would need to download 4540688 and 4550735?

• This reply was modified 6 days, 6 hours ago by Moonbear.

[Mcinwwl]

Hi, I used the script to install updates for Windows 7 and internet explorer, and I noticed two side effects:

1. after restarting, I got prompted to wait when Windows applies updates (obvious). When it ended, PC rebooted itself… and hang on black screen. Not even Bios was initiated.
   yuck… why? This is the first occurrence of such misbehaviour in 4-years lifespan of this machine… After another reset, PC booted as usually.
2. i was offered KB3118401 update. It was purposedly not-installed and hidden due to potential connection with M$ snooping, as listed in: https://msfn.org/board/topic/173752-how-to-avoid-being-upgraded-to-win-10-against-your-will/?tab=comments#comment-1097746

[PKCano]

Did you have the prerequisites (KB4490628 and KB4474419) installed first?
Did you include the required Servicing Stack KB4550735?

KB3118401 is an update for Universal C Runtime. The MS pages say:

The Windows 10 Universal CRT is a Windows operating system component that enables CRT functionality on the Windows operating system. This update allows Windows desktop applications that depend on the Windows 10 Universal CRT release to run on earlier Windows operating systems

[Mcinwwl]

Servicing stack was applied, following the readme script should recognize it and install before other updates, right?

Prequisites were installed, I checked using powershell’s get-hotfix.

KB3118401 do not look like a necessary prequisite. However, if you think it should not be considered part of microsoft snoopware, I will inform original thread author from MSFN to remove it from the list.

PS past post is mine… you took me by suprise, I have never ever used forum where one can comment as a guest 🙂

[Mattchu]

Just wanted to join to say a big thank you to aboddi86 & PKcano especially for the creation of this and the help supplied to various people.

Just so Im clear, I dont use Windows 7 much anymore but do have a few boxes that its on, my old man however does still use it and I want to get him up to date. I think group A is the way I`ll go. So Ive checked the prerequisites KB4490628 and KB4474419 installed, Jan SSU [KB4531786] installed, everything done until EOL.

Downloaded the March CU [KB4540688] and the latest SSU [KB4550735] and placed them in the same folder as the extracted W7ESUI.cmd [as picture]

Now it should be a case of right click W7ESUI.cmd and “run as administrator”? I don`t need the February CU [KB4537820] or any other SSU?

Cheers

 

[PKCano]

Mattchu wrote:

Now it should be a case of right click W7ESUI.cmd and “run as administrator”? I don`t need the February CU [KB4537820] or any other SSU?

That’s correct.
After the reboot, if it asks for one, run the RunOnce_W10_Telemetry_Tasks.cmd if it appears on your desktop to eliminate the telemetry.

[Mattchu]

Cheers PKCano, much appreciated I`ll post back with the results, just doing the first test box now 🙂

[maisy2]

I didn’t know if it was good or bad, but I too thought Rollups were better at the EOL era after being strictly security-only all these years.
Foldered: W7ESUI.cmd / KB4550735 March SSU / KB4537820 (Feb Monthly Quality Rollup)

Everything purposefully disabled in task scheduler was untouched after the Rollup install.
– or was it the Telemetry neutralize tweaks?:)
So nothing changed, although, the Installed Updates window got a clean-up albeit for a load of Microsoft .Net Frameworks; but comforting to find you can find old security-only numbers and older ssu’s if you place what you’re looking for in the upper corner search.

I hope the coming month will still allow theW7ESUI, SSU & March rollup combo to install through this brilliant development.
The ReadMe has’# for offline integration’; I had disabled WU and didn’t go offline, # for offline integration meant for the desktop RunOnce_W10_Telemetry_Tasks.cmd but was too hasty to take this into account – I shall do it offline if i get to install again next month.

Thanks to Creator of this, and wonderful and educational to read the poster’s questions and results on here. Big thank you.

• This reply was modified 5 days, 5 hours ago by maisy2.

1 user thanked author for this post.

jburk07

[maisy2]

Grateful I got to install the March rollup too now that it’s April.😊 In a roundabout way this is great as I’ve finally found that the new rollup does immediately overwrite the previous month’s rollup in the Update history. – it’s no more, gone even in searching for it at the top corner. I’ve been unsure of this in updating my reset win 8.1 laptop since the start of the year. I wasn’t sure rollups overwrite instantly after new updates. This fact couldn’t be found online, leaving me wondering if my pc was malfunctioning. And it did not help that I find Ms Mvp saying in a slightly older MS answer forum that if it’s not in the Update history opposed to the Windows history that it is not installed.
Sorry for my long-windedness but I wish there was a written notation by MS to affirm this. All this for being new to cumulative rollups.😌
The Update history that was thought to be cleaned-up has reappeared whole again as well. So glad I got to do this in two parts. Thank you.

[PKCano]

Rollups are CUMULATIVE. That means the later one contains the one(s) before. SO, once the March Rollup is installed it would be redundant to have the Fem also listed b/c it is contained in the Mar Rollup. So the Feb, Jan, Dec, Nov…. Rollups are no longer listed.

1 user thanked author for this post.

maisy2

[maisy2]

Oh yes that line of thought always made sense, but checking successful installs of many, many security patches on a new laptop produced confusion, especially reference to this pre-2016 answer made it worse. Thank you so much, one less worry for sure.😊

[abbodi86]

@Mcinwwl
Universal C Runtime (KB3118401 or KB2999226) is part of VC++ 2015-2019 redistributable, which is used by Office 2016 and later, Firefox, Edge Chromium and others

while most of them bundle it locally, it’s best practice to have it globally installed
and it has nothing to do with telemetry or snooping

[Moonbear]

Windows 7 Home Group A

March SSU and March SMQ rollup installed with no issues

@abbodi86‘s script works like a dream.

This was undoubtedly the smoothest update cycle I’ve ever done on a Windows system.

2 users thanked author for this post.

jburk07, Cybertooth

[anonymous]

Hi,

I have been installing the monthly roll-ups, the last updates I see when checking for updates with WU, is the 01-2020 monthly preview.

So I understand I only need the latest march monthly roll-up and SSU, but what about the security roll-up for .NET, is that no longer being updated?

Thanks

[abbodi86]

It will be updated when .NET need security fixes

after January, all .NET updates (for other Windows) were non-security

[anonymous]

Thankyou

[HanJohnJo]

I might have missed something, for sure. But we are now in April and the MS-defcon for the March updates is still at 2 but I can’t see the reason, at least for Win 7.  After almost one month patch reliability is still unclear? Maybe now MS-defcon applies only to Win 10 updates.

Frangar non flectar

[Paul T]

Defcon applies to all versions, but individual advice is provided for each version.

cheers, Paul

1 user thanked author for this post.

HanJohnJo

[anonymous]

Win7 ult x64 updated normally via WU, last update 3 updates were:
Windows Malicious Software Removal Tool x64 – February 2020 (KB890830)
2020-01 Servicing Stack Update for Windows 7 for x64-based Systems (KB4536952)
2020-01 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4534310)

I have extracted W7ESUI zip into a folder, along with the following files:
windows6.1-kb4550735-x64_18117664b4a0482c3d34a2f05f70c6819296240f
windows6.1-kb4540688-x64_70ad29faea4602dfa5c3159350afe6ec86e87e52

I ran the cmd as admin, and it detected the files.

It installed kb4550735, but it didnt prompt for restart, it just said “finished” and I had to press 9 and then manually restarted.
I checked installed updates after restart and kb4550735 was there.

I then did the same again, it extracted the kb4540688 cab, but then it finished stating ” All applicable updates are detected as installed”

I tried also with the Feb SSU and Monthly rollup, but same thing.

I did install the first SSU kb4550735 while the internet was disabled, but when installing the rollup the net was enabled, would that have anything to do with it?

Also, just a note, would it be possible to not auto delete the extracted cab file or an prompt, as I tried many times, and each time it had to extract again.

thanks.

[PKCano]

Did you have the prerequisites (KB4490628 and KB4474419) installed first?

[abbodi86]

The cab and temporary files are extracted to randomly-named temporary folder
they cannot be preserved for later usage

are you sure kb4540688 is not already installed?
did you verify the integrity of downloaded msu file?

[Douglas]

I am a Win7 x64 Pro Group B user. I just finished using the script to install the March updates, KB4540671 and KB4541500. Everything seemed to run fine. It reported both installs were 100% successful.

However, just before it started removing the temporary files and asking me to press 9, it gave me the following message:

==== Error ====
Windows6.1-KB4541500-x64 require SSU version 6.1.7601.24548

Is that the servicing stack update KB4550735 that is also a March ESU-only update? I restarted and everything seems to be running just fine. But should I also download that update and use the script to install it?

Thank you.

[PKCano]

KB4540671 is the IE11 Cumulative Update.
KB4541500 is the Security-only Update

You need to install the Servicing Stack KB4550735, which is REQUIRED. That must also be in the folder with the other updates.

[Douglas]

Should I rerun the script with all 3 in the folder, or would it be okay with just KB4550735?

Thanks.

[PKCano]

I’d put all three there just to be sure.
It’s supposed to install the SSU first.

1 user thanked author for this post.

Douglas

[honx]

since we’re on defcon 3 now, do we already know if it’s “safe” to install esu updates using this script (without paid license)? or will windows 7 be not activated/”pirated” at some point in the future? i read something like this, so i’d rather ask before doing anything.

PC: Windows 7 Ultimate, 64bit, Group B
Notebook: Windows 8.1, 64bit, Group B

[You.Are.Ah.Toyyyyy]

PKCano wrote:

Did you have the prerequisites (KB4490628 and KB4474419) installed first?

I went into installed updates and found both of them:
Update for Microsoft Windows (KB4490628)  Installed 21/03/2019
Security Update for Microsoft Windows ( KB4474419 ) Installed on 19/09/2019

abbodi86 wrote:

The cab and temporary files are extracted to randomly-named temporary folder
they cannot be preserved for later usage

are you sure kb4540688 is not already installed?
did you verify the integrity of downloaded msu file?

Just checking Installed updates again.
kb4550735 is there and also kb4537829, so the Feb ssu seems to have installed. But the rollups aren’t installing.

windows6.1-kb4540688-x64_70ad29faea4602dfa5c3159350afe6ec86e87e52.msu
sha512: D10FCB521D406564DBE2BFCA78BE9E0D95E22998A57EF204A02DE03CDF64619D3B210694F15CA351C89C39D3E992E0DB80E0C2B6AD3963395E0498D856ED5468

windows6.1-kb4537820-x64_3ee2a66a320dfe4eea2bda70bf9b5471b014f2a3.msu
sha512: F5ABF6072C73ECAD556F83F90778A04469785B5365B4941115FA8EEB76455189E550750361A239FB13AA9E7C3D1D8F5DA3CD6A1A5270B3038E9BDD934CB44FE1

BTW, windows update is still popping up showing me updates to install:
Windows Malicious Software Removal Tool x64 – March 2020 (KB890830)
2020-01 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4539601)

thanks again.

[You.Are.Ah.Toyyyyy]

After checking the AV and other things that might be interfering, I tried again and it still gave the message “All applicable updates are detected as installed”.

So I looked over the readme a few more times, and thought I had better double check the storage space.  It was low, but I wasn’t sure how much space the final extracted files took, so I deleted some files to meet the recommended 10gb free space.

After trying once more, it finally worked, and the installation completed and the update was visible in the Installed Updates list.

Is there maybe a way to alert that there wasn’t enough storage when extracting the files during installation?  Because at the moment, even though it seems all the files were not successfully extracted, the final message was simply no update was necessary.

[Cybertooth]

Shortly (~45 sec.) after running the script for the February patch batch, Bit Defender popped up an alert:

False positive? Unrelated coincidence?

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Attachments:

You must be logged in to access attached files.

[Paul T]

BD is looking for activities that change Windows itself and that is exactly what the script does, so the report is correct. You can safely ignore the warning because you want Windows changed.

cheers, Paul

2 users thanked author for this post.

abbodi86, Cybertooth

[EP]

Cybertooth wrote:

Shortly (~45 sec.) after running the script for the February patch batch, Bit Defender popped up an alert:

False positive? Unrelated coincidence?

 

add the script to “exclusion” or Ignore list in BitDefender

1 user thanked author for this post.

Cybertooth

[EP]

You.Are.Ah.Toyyyyy wrote:

PKCano wrote:

Did you have the prerequisites (KB4490628 and KB4474419) installed first?

I went into installed updates and found both of them:
Update for Microsoft Windows (KB4490628)  Installed 21/03/2019
Security Update for Microsoft Windows ( KB4474419 ) Installed on 19/09/2019

abbodi86 wrote:

The cab and temporary files are extracted to randomly-named temporary folder
they cannot be preserved for later usage

are you sure kb4540688 is not already installed?
did you verify the integrity of downloaded msu file?

Just checking Installed updates again.
kb4550735 is there and also kb4537829, so the Feb ssu seems to have installed. But the rollups aren’t installing.

windows6.1-kb4540688-x64_70ad29faea4602dfa5c3159350afe6ec86e87e52.msu
sha512: D10FCB521D406564DBE2BFCA78BE9E0D95E22998A57EF204A02DE03CDF64619D3B210694F15CA351C89C39D3E992E0DB80E0C2B6AD3963395E0498D856ED5468

windows6.1-kb4537820-x64_3ee2a66a320dfe4eea2bda70bf9b5471b014f2a3.msu
sha512: F5ABF6072C73ECAD556F83F90778A04469785B5365B4941115FA8EEB76455189E550750361A239FB13AA9E7C3D1D8F5DA3CD6A1A5270B3038E9BDD934CB44FE1

BTW, windows update is still popping up showing me updates to install:
Windows Malicious Software Removal Tool x64 – March 2020 (KB890830)
2020-01 Preview of Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4539601)

thanks again.

install the KB4539601 rollup first.

Jan. 2020 rollups (either KB4534310 or KB4539601) are also required before installing any new ESU based updates from Feb. 2020 and later

[abbodi86]

Neither KB4539601 or kb4537820 are needed, March rollup kb4540688 is enough

@You.Are.Ah.Toyyyyy
the numbers/letters before .msu extension are SHA1 hash, you should verify against that

[You.Are.Ah.Toyyyyy]

I already posted an update yesterday a few posts up, thanks.

• This reply was modified 17 hours, 29 minutes ago by You.Are.Ah.Toyyyyy.

[Chriski]

I have 3 Win 7 laptops I have been keeping up to date. I used this wonderful script on two of them, and it went without a hitch. I moved onto the 3rd today with full confidence…

I have also been venturing into win7/kubuntu dual boot territory because of  the online implications of using win 7 for important things. This 3rd machine is the dual boot machine and my guess is that is why the update try went awry.

The cmd file displays a line about a “patchable module etc.” and then exits. Opening up a cmd window as admin and executing the script yields the same start and an exit with “syntax of the command is incorrect.” I edited the cmd file, turned of echo, and turned on debug, but my capability with command files is limited and quite rusty.

I fear this is a very lot to ask, but I was hoping that after a quick look (it doesn’t take long to exit) you might be able to suggest something simple that might help the script to get on it’s way.

Or a simple answer (understandably) is that my situation is beyond the scope of the original design intent, and is not worth the time and effort.

Thanks in advance,

Chris

Attachments:

You must be logged in to access attached files.

[Author]

Posts