News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Windows 10 nag for Windows 7 makes an appearance

    Home Forums AskWoody blog Windows 10 nag for Windows 7 makes an appearance

    This topic contains 120 replies, has 44 voices, and was last updated by  Speccy 6 days, 21 hours ago.

    • Author
      Posts
    • #343960 Reply

      woody
      Da Boss

      Lawrence Abrams at BleepingComputer has the full story. As I warned in Computerworld yesterday, the currently optional (but soon to be pushed) patch K
      [See the full post at: Windows 10 nag for Windows 7 makes an appearance]

    • #343971 Reply

      radosuaf
      AskWoody Lounger

      Makes me want to install W7 again, just to make them angry :). I just remember installing W7 on UEFI is too much pain compared to 8.1 & 10…

      MSI H110 PC MATE * Intel Core i5-6402P * 2 x 8 GB Corsair Vengeance LPX DDR4 2133 MHz * Aorus Radeon RX 570 4GB * Samsung 840 EVO 250GB SSD * Western Digital Blue 1TB HDD * Seagate Barracuda 1TB HDD * DVD RW Lite-ON iHAS 124 * Creative X-Fi XtremeGamer PCI * Windows 10 Pro 1909 64-bit
      • #344038 Reply

        FakeNinja
        AskWoody Lounger

        How is it any different? Just curious because I’ve never had any problems with installing Windows 7 on UEFI.

      • #344080 Reply

        zero2dash
        AskWoody Lounger

        The only difference of 7 UEFI is that it doesn’t support Secure Boot, because Secure Boot didn’t exist at the time. Otherwise, I’ve never had any issues installing 7 as a UEFI OS.

        • #344103 Reply

          OscarCP
          AskWoody Plus

          zero2dash: I m curious, because I have now Windows 7 in dual boot with Linux Mint. Do you mean that with this kind of setup one can no longer boot Win 7 in protected mode, or something else? Thanks.

          Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

          • #344151 Reply

            zero2dash
            AskWoody Lounger

            UEFI is the firmware itself, as opposed to the old fashioned BIOS.

            Secure Boot is a function of a UEFI system that can be used, but is not required. Secure Boot is a Windows-only thing that was introduced in 8 and included with 8.1 and 10.
            No Linux distros support Secure Boot and (AFAIK, all of them) require it to be disabled to be able to boot and install Linux.

            Secure Boot uses several technologies (including UEFI) to check and verify the OS and PC hardware is not infected with a rootkit. For more info: https://www.howtogeek.com/116569/htg-explains-how-windows-8s-secure-boot-feature-works-what-it-means-for-linux/

            • #344171 Reply

              OscarCP
              AskWoody Plus

              zero2dash: ” The only difference of 7 UEFI is that it doesn’t support Secure Boot, because Secure Boot didn’t exist at the time.

              So, did you write the above by mistake, when actually meaning to write”BIOS”, not “UEFI”?

              At least in my own experience, one can access the UEFI in a Windows 7 PC by hitting, repeatedly, one of the function keys right after turning the machine on and beginning to boot Windows 7. In my case, the key is f10.

              Edited later: Oh, I just found out that “secure boot” is not the feature I was thinking of, one that is available in the Win 7 UEFI, but something else that did not become available in the UEFI until Windows 8. Sorry about this confusion.

              Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

            • #344194 Reply

              Snowbum
              AskWoody Plus
            • #344200 Reply

              Ascaris
              AskWoody_MVP

              No Linux distros support Secure Boot and (AFAIK, all of them) require it to be disabled to be able to boot and install Linux.

              This is incorrect. Most major Linux distros do support secure boot, and work just fine with it enabled.  I have it enabled on both of my Linux laptops that have secure boot as an option, and both of them boot Kubuntu and Neon without a problem.  My desktop PC, even though it’s UEFI, does not have secure boot functionality, so of course it’s not enabled there.

              Group "L" (KDE Neon User Edition 5.17.4).

              2 users thanked author for this post.
    • #343968 Reply

      anonymous

      So far, I have yet to see this one show up in optional or critical. Is it possible that it’s being hidden in the monthly roll up on some machines ?

    • #343974 Reply

      techweenie
      AskWoody Lounger

      Do we know if this is making it’s way to WSUS?

      • #343981 Reply

        Mr. Natural
        AskWoody Plus

        Not seeing it in WSUS. Probably a manual import if you want it.  🙂

        Red Ruffnsore reporting from the front lines.

        1 user thanked author for this post.
    • #343983 Reply

      gkarasik
      AskWoody Plus

      Lawrence Abrams at BleepingComputer has the full story. As I warned in Computerworld yesterday, the currently optional (but soon to be pushed) patch K[See the full post at: Windows 10 nag for Windows 7 makes an appearance]

      As always, thanks for the heads up, Woody.

      Two questions:

      1) In the past, those of us using Win7 Enterprise have been spared these “courtesy notification” patches. Will we be spared them again?

      2) Will removing the SipNotify executable stop these notifications, or will they, like “The Walking Dead” keep returning?

      GaryK

    • #344005 Reply

      Seff
      AskWoody Plus

      “Somebody remind me of the definition of a Potentially Unwanted Program.”

      More importantly, I hope MBAM remember their definition and quarantine this update.

      3 users thanked author for this post.
      • #344031 Reply

        Cesar
        AskWoody Lounger

        “Somebody remind me of the definition of a Potentially Unwanted Program.” More importantly, I hope MBAM remember their definition and quarantine this update.

        My thoughts exactly (since the GWX era)… Or are anti-malware software developers afraid of Microsoft?

        César

        3 users thanked author for this post.
    • #344006 Reply

      gkarasik
      AskWoody Plus

      2) Will removing the SipNotify executable stop these notifications, or will they, like “The Walking Dead” keep returning?

      See @abbodi86 ‘s post here.

      Lovely. Thanks, PKCano and abbodi86.

       

      GaryK

    • #344021 Reply

      Geo
      AskWoody Plus

      They are panicking because millions of us W7 users are not going to switch so they are neglecting W10 in the mean time to concentrate  on harassing  W7 users.

      2 users thanked author for this post.
    • #344028 Reply

      pHROZEN gHOST
      AskWoody Lounger

      Stick with Windows 7 if you so choose. You have that right.

      But, don’t whine when tools you use all the time, especially browsers, are no longer supported. Just get the source code and make your own updates if there’s still a compiler that runs on Win 7.

      Software developers do not have a choice. They MUST move on.

      If you really want to stick in the past, go back to Windows 3.1 or even DOS 6.1.

      Above all, make sure you have lots of aluminum foil under your clothing. And, get off the Internet. THEY are after you.

      Byte me!

      • #344125 Reply

        spelrod
        AskWoody Lounger

        For me, I hate the nagging that will probably happen to Pro or domain joined computers. 10 out of 80 workstations at the office are Windows 7. Yes I have a plan in place to either replace or upgrade them before EOL.

        But what I don’t need is Microsoft bugging my users about it. 10 emails and walkups of “hey I got this popup while I was eating paint chips, is this a virus.” So to avoid that I have to decline updates and block an exe and track that Microsoft isn’t changing what I blocked.

      • #344158 Reply

        zero2dash
        AskWoody Lounger

        You assume people resent 10 for privacy only, and that’s factually incorrect. A lot of people (myself included), dislike 10 for taking control out of our hands on whether we install updates.

        I am running a full 10 Pro shop at home, multiple machines, and yes, I’m using deferral periods and CBB designation. However ~ I still cannot pick and choose updates with what is baked in to the OS. (I can with 3rd party tools, but that should not be what is necessary to do the job.) That irks me. I love 10, it’s fantastic, but I want control to be given back, at least for Pro and above SKU’s.

        5 users thanked author for this post.
        • #344193 Reply

          Zaphyrus
          AskWoody Lounger

          Indeed Windows 10 is marvelous and I am quite happy with it, however what you can properly hate are feature updates.

           

          Just someone who don't want Windows to mess with its computer.
      • #344244 Reply

        anonymous

        Stick with Windows 7 if you so choose. You have that right.

        But, don’t whine when tools you use all the time, especially browsers, are no longer supported. Just get the source code and make your own updates if there’s still a compiler that runs on Win 7.

        Software developers do not have a choice. They MUST move on.

        If you really want to stick in the past, go back to Windows 3.1 or even DOS 6.1.

        Above all, make sure you have lots of aluminum foil under your clothing. And, get off the Internet. THEY are after you.

        Of the reasons why many of us won’t or can’t move off Win7, at least not yet, it’s only a small portion who are resisting due to “conspiracy theories.” And frankly, it works fine for most things and I really see little reason to upgrade for the average person (potential security issues aside). Forced upgrades for no legitimate benefit, but a lot more complexity in the update process.

        Most who have resisted this long and have ANY awareness of how computer work are well aware how software dev cycles often work. But for those who, like me, manage over 200 desktops and over 400 total devices across four offices, by myself, I NEED those Win7 laptops running as long as possible because we simply CANNOT upgrade all of them until their time is up. Not something the junior helpdesk kids can handle. Just can’t happen, not with fifty other priority items that are overdue. This is typical of our (sys admins & engineers) workloads, something developers never care to consider. Nor anyone else in a company. Microsoft & Apple constantly makes our lives more and more difficult with their games. Can’t wait to get out of this industry, after 25 years my ulcers will thank me.

         

        Edited for HTML. Please use Text tab for copy/paste.

        Edited for content. See Lounge rules.

        2 users thanked author for this post.
      • #344530 Reply

        anonymous

        Software developers do not have a choice. They MUST move on.

        Says who? Several of the projects I’m working on work all the way from Windows 10, back to Windows 2000. A few even run as far back as Windows 98. A friend of mine maintains a huge project that runs on multiple platforms, of which one of them is (surprisingly) Windows 95.

        But, don’t whine when tools you use all the time, especially browsers, are no longer supported. Just get the source code and make your own updates if there’s still a compiler that runs on Win 7.

        Tools I use all the time haven’t changed much, if at all. The two oldest tools I own work on everything from Windows 10 all the way back to Windows 98 (MIRC and Winamp). Notepad++? Works on 98. Vim? Version 7 even ran on Windows 3.1 I hear. Infact looking at many of my tools right now, I know that most of them can run on at least Windows 2000.

        1 user thanked author for this post.
    • #344032 Reply

      EP
      AskWoody_MVP
    • #344054 Reply

      Sinclair
      AskWoody Lounger

      Lets see how aggressive the push of this “update” is going to be and if this update ignores the never look for updates setting. I admin my own and many other Windows 7 computers of family and friends. All those are set to never look for updates. I do not plan to switch to Windows 10 on any of those computers. I would not be happy if I start to get calls left and right about this message should it override the do not look for updates setting.

      Again I say might ignore the do not look for update setting. I do not say that it will ignore the do not look for updates setting! Because at this time we do not know how it is going to behave. It is pure speculation at this point.

      W7 x64 Pro&Home

      2 users thanked author for this post.
      • #344312 Reply

        RDRguy
        AskWoody Lounger

        Sinclair …
        If this update remains a separate “standalone” patch as PKCano noted here & my experience with it noted here, then all you need to do is treat it like the infamous KB2952664 Telemetry Enabling Patch — you hide it and keep re-hiding it whenever it reappears.

        On the other hand, if it ever gets “rolled-in” to a monthly rollup & you’re Group A, only then will you have to hope it’ll behave as M$ currently states or you’ll most definitely end up transitioning to Group B or Group W or Group 10 or Group L (Linux -or- Live-with-it) 🙂

        Win8.1 Group B (Pro) [x64]
        Win7 Group B (Ultimate & Pro) [x64 & x86]
        MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
        MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
        RDRguy

    • #344062 Reply

      Sam
      AskWoody Lounger

      Is Microsoft going to offer free updates from Windows 7 to Windows 10, if so when?

      • #344063 Reply

        PKCano
        Da Boss

        This is strictly a nag notification of Win7 EOL, not an offer of free upgrade.
        Supposedly NOT another GWX.

        3 users thanked author for this post.
        • #344316 Reply

          RDRguy
          AskWoody Lounger

          PKCano …
          If I remember correctly, a couple of months or so before XP reached EOL, M$ pushed out patch KB2934207 on 3/5/14 that kind of did the exact same thing on XP.

          The KB article for it is no longer available on the M$ support site but a discussion thread concerning it can be found at answers.microsoft.com.

          p.s. If anybody wants it, I’m pretty sure I still have it stored somewhere in my archives 🙂

          p.s.s The first reply listed on the answers.microsoft.com page by “shadow1429” states:

          That’s ignorant. Microsoft really wants to get people to buy Windows 7-8.

          How times have changed 🙂

          Win8.1 Group B (Pro) [x64]
          Win7 Group B (Ultimate & Pro) [x64 & x86]
          MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
          MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
          RDRguy

      • #344197 Reply

        Sinclair
        AskWoody Lounger

        Is Microsoft going to offer free updates from Windows 7 to Windows 10, if so when?

        Basically the offer still stands and has never ended. All you need is a valid Windows 7 or 8 key. Microsoft will add a “digital license” to your Windows 7 or 8 key. So that you can continue to use that Windows 7 or 8 key if you ever need to reinstall Windows 10 in the future.

        you-can-still-get-windows-10-for-free-with-a-windows-7-8-or-8.1-key

        You can deactivate/unregister a RETAIL Windows 7 or 8 key and use it for Windows 10 on a different computer. There is no need to unregister a key when upgrading to Windows 10 on the same computer. Note this does not work for OEM or COA licenses as they are hardware bound for use on one system only! You should however be able to use the upgrade to Windows 10 with a OEM key on the same computer. I do not know if it also works for COA keys as they are used a lot in refurbished computers. This was however not the way COA keys were meant to be used.

        Many people forget to unregister their Windows key when they reinstall on a different computer and then run into activation problems because the Microsoft servers think the key is still in use with the old computer.

        It does not help that there is no convenient one click way to unregister a Windows key. But this guide shows how to do it:

        deactivate-windows-product-key

         

        W7 x64 Pro&Home

        1 user thanked author for this post.
        • #344229 Reply

          ve2mrx
          AskWoody Plus

          Can you confirm that:

          slmgr /upk “activation id”

          actually deactivates the key on Microsoft’s servers? Or does it only removes the local activation for a key replacement? Any Microsoft source?

          Curious,
          Martin

          1 user thanked author for this post.
          • #344292 Reply

            Sinclair
            AskWoody Lounger

            I have no source. But you can find multiple versions of this guide and forums talking about it. So far I have not run into a situation where this did not work but that is a personal assessment. I have not logged my network traffic to see where or if a connection is made.

            Since:

            slmgr /ipk “Windows product key”

            Can be used to register a product key. To do that successfully you have to have contact with the Microsoft servers. Or else the this version is activated message will not appear in the system menu.

            Then I think it is safe to assume that:

            slmgr /upk “activation id”

            Will indeed remove or rather unassociate “I am sure Microsoft never deletes user “information”” the key from that system.

            The problem is that should online activation fail when you used a key multiple times. Then you are at the mercy of who ever you get on the line when trying to activate by phone. This person may not have had his best day ever and flat out refuse to grant you your activation even though your perfectly entitled to it and are using a legit key. The above unregistration command should prevent that.

            Then again Assumption is the Mother of All F*** Ups. So if anyone can shed some light into the true workings of this than I would be most grateful.

            W7 x64 Pro&Home

            2 users thanked author for this post.
    • #344064 Reply

      Cybertooth
      AskWoody Plus

      The Windows 7 desktop image on that notification generated by KB4493132 reminds me of at least two things that I love about Windows 7: the beautiful translucence under the Start menu; and the tasteful right panel on the Start menu that’s filled with useful links to folders and features instead of blinking tiles and fluff that I will never use extending halfway across my screen.

       

      5 users thanked author for this post.
      • #344089 Reply

        anonymous

        Thanks

      • #344319 Reply

        RDRguy
        AskWoody Lounger

        If i’m not mistaken, that laptop image is a near perfect likeness to several of my IBM Thinkpads – for some reason I kinda feel honored in some strange & mysterious way 🙂

        Win8.1 Group B (Pro) [x64]
        Win7 Group B (Ultimate & Pro) [x64 & x86]
        MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
        MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
        RDRguy

        1 user thanked author for this post.
    • #344067 Reply

      banzaigtv
      AskWoody Lounger

      Users who do not want to switch to Windows 10 will likely be forced to install Linux. If you don’t have a copy of Windows 8.1 lying around, I’d suggest Linux Mint 19.1 Cinnamon. It’s great for at least everyday use and I swear by it. One of my PCs runs it and I could clone it (and all of its installed programs) to my Windows PC.

      I am no longer an active member of the forums.

      2 users thanked author for this post.
      • #344364 Reply

        anonymous

        I switched from Win7 Pro x64 to a dual-boot installation:  Linux Mint 18.3 (as it was then) Cinnamon as the primary startup partition, with Win7 Pro as the alternative.  Works like a dream for me;  glad I did it.  [To be fair, I admit that I do have Wine installed in the Linux machine, so that I can use some Windows-specific desktop apps, developed in-house here, but those apps don’t do Internet access at all, at least not intentionally.]

        Incidentally, I tried Mint with both Cinnamon and XFCE (because I was advised that XFCE was lighter on old hardware) but I found that Cinnamon ran as fast as I needed it (no worse than Win7) and presented a more familiar visual experience.

        HMcF

        1 user thanked author for this post.
    • #344068 Reply

      anonymous

      I know people will probably hate me for saying this, but I think a new free offer of Windows 10 would help Microsoft achieve their goals at this point. It’s very likely that people would be more willing to upgrade as 10 has matured and due to lack of support in Win7 coming up.

      The problem is that I wouldn’t trust Microsoft to do it correctly. The right way to do it would be to offer it to show the offer in the nag screen, but genuinely let people choose “never show this again” and do it. At the same time, release an online ad campaign telling people about the free upgrade. Just make sure it remains 100% a choice.

      But Microsoft would probably foul it up if they did this, forcing upgrades on people, making it harder to say no, and just making the nags as annoying as possible, making people resentful again, rather than seeing it as helpful. And the mess of the last time will still make people wary anyways.

      2 users thanked author for this post.
      • #344233 Reply

        Seff
        AskWoody Plus

        Isn’t the problem with Microsoft offering free upgrades again that they are advising users not to upgrade existing devices?

        Why they haven’t cottoned on to the fact that not every user – business or domestic – can afford to go out and replace their hardware just in order to accommodate a new operating system is beyond me. However, they are quite clear:-

        “And the best way to experience Windows 10 is on a new PC. While it is possible to install Windows 10 on your older device, it is not recommended.”

        2 users thanked author for this post.
        • #344256 Reply

          ve2mrx
          AskWoody Plus

          I somewhat agree with Microsoft about getting new hardware.

          The security context has changed significantly in the last few years, and most can’t ensure their hardware is supported in addition to hardware, firmware, management engine, CPU, drivers, software is secure. There is no easy way to check if your system is not vulnerable to attack. It’s out of reach to most.

          The sensible recommandation (from the Windows 10 point of view) is to get hardware manufactured for Windows 10 and still fully supported.

          My recommendation has always been to install manufacturer-supported versions of Windows. Unless, of course, you have the required knowledge to take the entire responsibility for securing, troubleshooting and fixing your otherwise unsupported systems. Many AskWoody readers can do it, but not everyone.

          Martin

          1 user thanked author for this post.
    • #344084 Reply

      Speccy
      AskWoody Lounger

      The Bleeping Computer article sums up pretty much all of the relevant, known info about KB4493132. I’ll just add my 2 cents (wild guessing thoughts, I suppose).

      IMHO people are right in assuming this is probably only the first version of the update: the .cab file metadata contents (metadata.json) suggest that multiple incarnations of the update are scheduled to be released, accordingly to a predefined calendar that, currently, appears to contemplate 5 phases:

      -Phase 1 starting on April 18;
      -Phase 2 starting on June 13;
      -Phase 3 starting on August 29;
      -Phase 4 starting on November 7 and
      -Phase 5 starting on December 5.

      Microsoft will probably release updated cabinets (eventually with other images and text) before each Phase starts.

      The metadata also provides a tip on what might be the reason why not many users are “getting” this lovely Phase 1 retro payload (as Woody puts it) yet: Microsoft appears to be planning to push it worldwide using geofencing technology.

      If I read it correctly (guessing through the tea leaves, as Susan would put it) the available metadata suggests that, for now, only selected Windows 7 users in Ukrain, Syria, Iran, Israel, Finland and Japan (and, eventually, Chile, Hawaii, India, France, Paraguay and… Spain?) are the “lucky” ones who might be offered with KB4493132 on Windows Update (there might be a few other places where that “offer” might pop up, depending on what those geofencing numbers actually mean):

      uk-UA // [1] Ukrainian (Ukraine)
      ar-SY // [1] Arabic (Syria)
      syr-SY // [1] Syriac (Syria)
      fa-IR // [1] Persian (Iran)
      he-IL // [1] Hebrew (Israel)
      fi-FI // [1] Finnish (Finland)
      ja-JP // [1] Japanese (Japan)
      122 // [2] 0x7A -> Chile? (0x007A = Mapudungun)
      117 // [2] 0x75 -> Hawaii? (0x0075 = Hawaiian)
      77 // [2] 0x4D -> India? (0x004D = Assamese)
      131 // [2] 0x83 -> France? (0x0083 = Corsican)
      241 // [2] 0xF1 -> ?
      222 // [2] 0xDE -> ?
      219 // [2] 0xDB -> ?
      116 // [2] 0x74 -> Paraguay? (0x0074 = Guarani)
      56 // [2] 0x56 -> Spain? (0x0056 = Galician)
      

      References:
      [1] Set languages and locales and Culture Names [C#]
      [2] Appendix A: Product Behavior

      The screenshots below provide a visual insight on how the nagging screens have been (slightly) changing over time.

      A few additional notes:

      1. The metadata info (pulled out from the .cab file) has remained pretty much the same (currently, version 5 – only a couple of entries have been removed since the initial post).

      2. The actual changes lie within the sipnotify.exe binary and the two scheduled tasks, which are both installed and set up by the KB4493132 package itself (I’ve no direct links to the package itself other than the v2 binaries that abbodi86 kindly posted here and here) which may be easily blocked (script by abbodi86).

      3. wsntls posted additional info about the Registry keys being used, here.

      20190320 (Metadata v1)
      20190320-Metadata-v1

      20190322 (Metadata v1)
      20190322-Metadata-v1

      20190611 (Metadata v2)
      20190611-Metadata-v2

      20190827 (Metadata v4)
      20190827-Metadata-v4

      20191014 (Metadata v5)
      20191014-Metadata-v5

      20191105 (Metadata v6)
      20191105-Metadata-v6

      20191203 (Metadata v7)
      20191203-Metadata-v7

      So far, 5 different pictures were used:
      -Two versions of an open laptop computer showing Windows 7 desktop on the screen (the first laptop picture was quickly replaced – probably because the laptop “looked too good” 🙂 so they replaced it by a more “distorted” picture of an older laptop model…);
      -A line drawing of files being transferred between two laptop computers;
      -A circular icon of lit light bulb and
      -A circular icon with laptop computer and shield showing security being disabled.

      • This reply was modified 2 months, 3 weeks ago by  PKCano.
      • This reply was modified 1 month, 4 weeks ago by  Speccy. Reason: Updated information (screenshots, abbodi86 and wsntls additional info)
      • This reply was modified 1 month, 4 weeks ago by  Speccy.
      • This reply was modified 6 days, 21 hours ago by  Speccy. Reason: Just added the last two screenshots and the picture's descriptions (for completeness)
      • This reply was modified 6 days, 21 hours ago by  Speccy.
      Attachments:
      • #344183 Reply

        Speccy, this may be right; checked again just now and it’s nowhere to be seen on my WU.

        Oh, the perifidy! 🙁

        Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
        --
        "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

        1 user thanked author for this post.
      • #344309 Reply

        RDRguy
        AskWoody Lounger

        Speccy & NTDBD …

        Hate to burst your bubbles but yesterday (3/21) late afternoon I manually updated my Windows 7 Ultimate x64 desktop with the 2019 Feb & Mar Security Only, IE11 & KB4474419 (SHA-2 support) updates, then a reboot, then installed KB4490628 (servicing stack update) & followed up with another reboot.

        After system power-up & my subsequent manual WU check, I was offered KB4493132 (unchecked) along with the expected monthly rollups (1st Mar then Feb), MSOffice, MSRT, Defender & the .net update.

        I hid the Mar rollup & KB4493132, rechecked WU, hid the Feb rollup, rechecked WU then installed the remaining MSOffice, MSRT, Defender & .net updates.

        Maybe having the Mar servicing stack update installed triggered being offered KB4493132.

        (or maybe it’s because I’m in the “Alaska” timezone and most of the lower 48 state companies & shippers treat us as living overseas so they can charge an arm & two legs to get anything shipped up here … sorry, this belongs in a “rants” section on a different website forum)

        Win8.1 Group B (Pro) [x64]
        Win7 Group B (Ultimate & Pro) [x64 & x86]
        MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
        MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
        RDRguy

        2 users thanked author for this post.
    • #344110 Reply

      OscarCP
      AskWoody Plus

      I guess all that can reasonable be done, at this time, is to wait and see how this works out. If clicking once on the request not to see the message again in its present form is enough every time when a new version of this patch comes up, and these new versions are not forcibly installed without the users’ explicit and affirmative intervention, then, at worst, this might mean seeing a new and somewhat different version of this message showing up once every two months, for this particular version never to show up again after clicking on its “do not want to see this again” button. Most people could live with that, I imagine.

      For my part, besides Windows 7 (which I have under repairs for an unexpected problem) I have now, besides a new-ish Mac laptop, also Linux Mint in double-boot with Win 7 in my originally Win 7-only PC. So I think I am reasonably prepared already for the changes ahead. Others might be wise to also begin preparing themselves now, in whichever way they want to do it.

      Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

      2 users thanked author for this post.
      • #344118 Reply

        willygirl
        AskWoody Plus

        I’m ready to shift offline with the Win7. Feeling a bit insecure about the strategy MS is taking to lure us diehards over to 10. The Mac will be my online source and the PC my workhorse. Will see what reports come through then make my decision. I’m consoling my machine daily that mommy will take care of her. ☺️

        Win7 SP1 Home 64-bit, GrpA

        3 users thanked author for this post.
        • #344130 Reply

          anonymous

          I think you are revealing the future. We use Linux, VMs, Chromebooks and Macs for something we can ‘just use’ and an M$ OS for hardware, specific software and work purposes.

          Although I share a house with some with a Surface Pro 4 and has never had a problem, acting bemused at my battles with Win10. It seems to depend on the hardware and uses.

          2 users thanked author for this post.
        • #344133 Reply

          anonymous

          That’s OK when you can do that. My 7 box is used to run things that collect data using web-scraping. The line of least resistance will be to upgrade. The machine is old but uses an early i7 quad-core so is still fairly fast and does not need to be replaced. The main concern is that Win 10 will not have compatibility issues with the ancient hardware.  Everything else is solvable with a bit of effort.

          • #344181 Reply

            Ascaris
            AskWoody_MVP

            The machine is old but uses an early i7 quad-core so is still fairly fast and does not need to be replaced. The main concern is that Win 10 will not have compatibility issues with the ancient hardware.

            It should not be a problem.  Windows 10 has a good array of drivers for older gear, and I can tell you that it installed and worked fine (without any dangling ! marks in Device Manager) with my Core 2 Duo laptop (older than any i7) and my Sandy Bridge desktop (which is still my main desktop PC), which is the second generation of i5/i7s.  You won’t know for sure unless you try it, or research whether it has worked for others with your PC model, but the odds are pretty good, I’d say.

            Group "L" (KDE Neon User Edition 5.17.4).

            • #344270 Reply

              anonymous

              Windows 10 works great on some older hardware and not others.

              I have an old Vista-era Dell XPS 630i that won’t run Windows 10 due to compatibility issues. The display subsystem turns off randomly and cannot be awakened without a hard restart, no matter what power saving or video settings I use. Some necessary video and motherboard drivers just don’t exist for that machine, and I have found no tweaks from expert sites that work.

              If I put a non-NVIDIA card in the 630i box, Windows 10 might work, but the machine runs Windows 7 or Windows 8.1 like you wouldn’t believe, and I will stick with that. I have two other old 32-bit Vista-era machines about the same age as the 630i that run Windows 10 1607 well with only 2 GB of RAM. Windows 10 1703 choked on both of those devices and they will stay on 1607 for the life of the machines.

            • #344311 Reply

              mn–
              AskWoody Lounger

              Windows 10 1703 choked on both of those devices and they will stay on 1607 for the life of the machines.

              Yeah, 1703 was like that, at least some of the builds were. 1709 was a marked improvement in that regard, though not better than 1607.

              I have an old Vista-era Dell XPS 630i that won’t run Windows 10 due to compatibility issues.

              That seems to be typical for Dell. I mean, when I see mentions of this, it’s Dell more often than market sales of new units at the time when the devices were new would suggest.

              (Should find a way to balance that against “not tried due to being broken” and “not getting reinstalled or upgraded because it still runs and works fine” …)

    • #344155 Reply

      AJNorth
      AskWoody Plus

      Martin Brinkmann has also published a short article at gHacks on KB4493132 (with an explicit nod to Ask Woody):

      https://www.ghacks.net/2019/03/20/if-you-dont-want-end-of-support-notifications-on-windows-10-block-kb4493132/

      2 users thanked author for this post.
    • #344170 Reply

      berniec
      AskWoody Plus

      Can one not simply make the scheduled tasks go away or change their schedule to never run or something?

    • #344189 Reply

      Cesar
      AskWoody Lounger

      Can anybody tell me how this update is different from KB2934207 for Windows XP? I never installed it on any XP machine, so I don’t know how similar or different they could be.

      Thanks in advance.

      César

      1 user thanked author for this post.
      • #344320 Reply

        RDRguy
        AskWoody Lounger

        Though I for one think that, on the surface, it would appear to be the same.

        But I have to take into consideration that there was never that really hard push by M$ to force people onto Vista as there was & still is to get people onto Win10.

        As such, I need to remain vigilant.

        Win8.1 Group B (Pro) [x64]
        Win7 Group B (Ultimate & Pro) [x64 & x86]
        MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
        MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
        RDRguy

        1 user thanked author for this post.
    • #344272 Reply

      abbodi86
      AskWoody_MVP

      FYI, according to WU metadata Detectoid, Professional, Enterprise and Embeded editions are excluded (with all Server 2008 R2 editions) from getting the update through WU

      it simply check this registry value

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]  
      "EditionID"="Professional"
      

      i actually was testing Win7 Pro VM, volume activated (KMS), and didn’t get the update
      i then changed the above value to “Ultimate”, and got the update 😀

      while this is easy trick to avoid the update, but it’s not advisable to use, because changing EditionID might affect other things or licensing 🙂

      6 users thanked author for this post.
      • #344336 Reply

        woody
        Da Boss

        That’s bizarre…. Pro doesn’t get KB 4493132, but Ultimate DOES?

        I wonder if the folks in charge even know about Ultimate….

        2 users thanked author for this post.
        • #344346 Reply

          abbodi86
          AskWoody_MVP

          That’s because Professional/Enterprise are the only Volume-capable client editions in Windows 7

          actually, even if KB4493132 is manually or accidentally installed on these editions (or Server 2008 R2), SipNotify.exe has built-in checks to not show the notification for certain situations:

          – IsBlockedSku (i guess that’s for Server SKUs)
          – IsVolumeLicensed
          – IsDomainJoined
          – IsKiosk (Embedded editions)
          – IsDontRemindMeRegistryKeySet
          – IsGeofenced

          4 users thanked author for this post.
          • #344394 Reply

            EP
            AskWoody_MVP

            what happens when I run an OEM or retail version of Win7 SP1 Professional?
            will KB4493132 be offered thru windows update?
            I’ll have to check this on my relative’s Dell Inspiron 580 desktop machine running Win7 Pro OEM to find out.

            Edit 3/22: Wow, I just ran WU moments ago and KB4493132 is not being offered on Win7 SP1 Pro OEM on the Dell computer. phew, that machine is safe from the nagware…for now.

            3 users thanked author for this post.
            • #344809 Reply

              woody
              Da Boss

              I haven’t figured out why some machines don’t get the KB offered, why some see it as Optional/Unchecked, and while others see it Important/Checked.

              Can anybody else discern a pattern?

            • #344924 Reply

              DrBonzo
              AskWoody Plus

              I thought it had to do with the “flavor” of Win 7 – starter, Pro, Ultimate, etc.

              I’ve checked 2 Pro machines and neither has been offered the nag patch. It seems that quite a few folks here have reported the same on their Pro machines.

              I’ve checked a Starter machine and the nag patch IS offered to it as unchecked.

              My impression is that the folks here who have reported it as being offered don’t seem to say whether they’ve got Pro, Ultimate or whatever.

              My theory is MS assumes Pro machines go to businesses who presumably have IT support people who will know end of support is nigh, and hence no nag patch. But, someone with Starter is assumed to not know much of anything by MS and will be nagged to death (and possibly worse)

              Maybe someone can prove me wrong or right.

              2 users thanked author for this post.
        • #344597 Reply

          anonymous

          Windows 7 Ultimate is also the most pirated version of Windows 7, simply because it has everything. I honestly don’t know a legitimate use case for Ultimate. Everyone I know who has it pirated it just to have the most complete version.   The laptop I bought on eBay had it. (I didn’t realize the issue at the time, but figured it out later. It now runs Linux.)

          1 user thanked author for this post.
          • #344653 Reply

            ve2mrx
            AskWoody Plus

            I’m one of the few who has a legitimate copy! It is from the Windows 7 launch party. I didn’t pay for it however…

          • #344998 Reply

            anonymous

            Multilanguage support and BitLocker, without the volume licensing hassle of the Enterprise edition.

            Not common at all, but known to exist.

            Also seen on some “premium” high-end package deal PCs made by local builders at the time. Well, multilanguage support is probably more commonly needed around here anyway…

            2 users thanked author for this post.
    • #344333 Reply

      woody
      Da Boss

      See the main post… I’m now getting notes from various people that KB 4493132 now appears as Important and Checked in Windows Update. Poised to getcha.

      2 users thanked author for this post.
      • #344365 Reply

        abbodi86
        AskWoody_MVP

        Still optional to me

        are they sure they don’t have this setting checked?

        2 users thanked author for this post.
      • #344393 Reply

        PKCano
        Da Boss

        Can confirm it is unchecked in the important updates for 32-bit (Home) and 64-bit (Ultimate) hardware installs for me.

        1 user thanked author for this post.
      • #344398 Reply

        geekdom
        AskWoody Plus

        For me, this update has not yet arrived.

        Reading above: Windows 7 Professional doesn’t “acquire” this update.

        Group G{ot backup} TestBeta On hiatus.
        Win7Pro · x64 · SP1 · i3-3220 · RAM 8GB · Firefox: uBlock Origin - NoScript · HDD · Canon Printer · Microsoft Security Essentials · Windows: Backup - System Image - Rescue Disk - Firewall
    • #344350 Reply

      gkarasik
      AskWoody Plus

      FYI, according to WU metadata Detectoid, Professional, Enterprise and Embeded editions are excluded (with all Server 2008 R2 editions) from getting the update through WU it simply check this registry value

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]  
      "EditionID"="Professional"
      

      i actually was testing Win7 Pro VM, volume activated (KMS), and didn’t get the update i then changed the above value to “Ultimate”, and got the update 🙂 while this is easy trick to avoid the update, but it’s not advisable to use, because changing EditionID might affect other things or licensing 🙂

      Thanks very much! This is of course subject to change as we get closer to the actual end date–MS may decide that even professionals need the reminder or that users will act as surrogate nags, calling in panic when they get the nag screen–but it’s nice to know that for now I’m not going to be nagged by this.

      GaryK

    • #344366 Reply

      anonymous

      KB4493132 is not available in the MS update catalog, not that I want it or anything.  Is this by design on their part?

      John in Mtl

      • #344391 Reply

        woody
        Da Boss

        I’m assuming it’s by design.

        (John in Mtl – get an AskWoody account! It’s free.)

    • #344374 Reply

      TsarNikky
      AskWoody Plus

      Regrettably, another instance of where MS does not have our best interests at heart.  Even worse, when users have to resort to “guerrilla warfare” to defend our machines from MS–does the third-party software to prevent the auto-install of Windows-10 come to mind?

      • #344432 Reply

        anonymous

        You may have bought your your machines and it came with Windows pre-installed but that doesn’t mean you own your copy of Windows. Microsoft owns Windows. People lease it.

        Microsoft’s DOES have our best interests at heart. When Win7 reaches EOL it will become increasingly vulnerable to malware. It is their responsibility to tell us. What they have wrong is not the message but the nag.

        2 users thanked author for this post.
        • #344462 Reply

          ve2mrx
          AskWoody Plus

          I am glad they warn people about EOL.
          So much computer stuff goes EOL without users even knowing (routers anyone?).

          A simple nag is good. A full-on GWX behind your back install of Windows 10 after you clicked the red X to close the window is not.

          Don’t forget the AskWoody crowd is different than most users. Most users need to be helped in computer security stuff. They don’t have an IT staff to look out for them.

          Martin

          1 user thanked author for this post.
          • #344616 Reply

            Alex5723
            AskWoody Plus

            Warning Win 7 users about EOL is ok , but recommending the update as “Install this update to resolve issues in Windows..” is NOT ok.

            4 users thanked author for this post.
    • #344446 Reply

      EP
      AskWoody_MVP

      Thanks very much! This is of course subject to change as we get closer to the actual end date–MS may decide that even professionals need the reminder or that users will act as surrogate nags, calling in panic when they get the nag screen–but it’s nice to know that for now I’m not going to be nagged by this.

      that’s assuming the KB4493132 update will get at least a revised V2 version that shows the nags on Win7 Pro edition. so far, those using embedded, enterprise & pro editions (whether oem, retail or VL of Pro) of win7 are exempt from the nagware.

    • #344520 Reply

      anonymous

      At least, Win 7 users get a notice…

      Microsoft just wiped blogs[.]technet[.]microsoft[.]com/serverandtools/ including tens of thousands valuable blogs, posts, and tips & ticks of the last 15+ years without notice.

      • #344527 Reply

        Kirsty
        Da Boss

        A lot of the technet documents have recently been relocated to:
        https://docs.microsoft.com/en-us/previous-versions/windows/

        3 users thanked author for this post.
        • #345141 Reply

          anonymous

          Thanks, but it’s about highly valuable technical posts and blogs from well-known experts (inside and outside of Microsoft), not the utterly useless garbage hosted at docs.microsoft.com.

          1 user thanked author for this post.
          • #345157 Reply

            Kirsty
            Da Boss

            The source of that link was:

            Upcoming changes to technical docs for previous versions of Windows
            By Heather Poulsen | December 15, 2017

            Earlier this year, the Windows content experience team moved all Windows 10 technical documentation from TechNet to docs.microsoft.com.

            The next phase of this project has begun. Starting today, the technical documentation for Windows 8/8.1, Windows 7, and Windows Vista will also be available on docs.microsoft.com. Don’t worry – the information you need to support older versions is still available, and any existing bookmarks will automatically redirect.

             
            You can read the full blogpost here

            2 users thanked author for this post.
    • #344732 Reply

      wavy
      AskWoody Plus

      A lot of the technet documents have recently been relocated to: https://docs.microsoft.com/en-us/previous-versions/windows/

      Is it searchable from a regular windows help page?

      ‘Help’ just seems to be getting more and more helpless,,,,

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
    • #344858 Reply

      abbodi86
      AskWoody_MVP

      I haven’t figured out why some machines don’t get the KB offered, why some see it as Optional/Unchecked, and while others see it Important/Checked.

      Can anybody else discern a pattern?

      For testing purposes, i set WU settings to “Check for updates but let me choose..” and checked “Give recommended updates…”
      as expected, got KB4493132 as important update, unchecked (pending)

      can those reports give more details of their settings? a screenshot maybe? 🙂

      1 user thanked author for this post.
      • #344860 Reply

        abbodi86
        AskWoody_MVP

        BTW, the update have the usual unusual properties 😀

        AutoSelectionMode=1 (AutoSelectIfDownloaded)  
        AutoDownloadMode=2 (AlwaysAutoDownload)

        this comination has been used in the past for some troubled Win7 updates (e.g. KB4091290, KB4340556, and some Monthly Rollups before revision)
        it make the update offering behavior to vary, depending on different Windows Update settings

        the default properties for almost all updates are:
        AutoSelectionMode=0 (LetWindowsUpdateDecide)
        AutoDownloadMode=0 (LetWindowsUpdateDecide)

        however, KB4493132 definetly belong to Updates category (i.e. optional/recommended)

        3 users thanked author for this post.
    • #344882 Reply

      Cybertooth
      AskWoody Plus

      There is now a second thread about KB4493132 in the Microsoft Answers forum for Spain. A user is reporting (and 16 people have indicated they have the same question) that two of his computers experienced error code 80070643 when trying to install KB4493132. The moderator’s instructions for fixing the issue haven’t worked.

       

      1 user thanked author for this post.
    • #344889 Reply

      tonyc035
      AskWoody Plus

      Yes, the update (KB4493132) is showing up in the March update as Important and already checked.  Ironically (and somewhat deceptively) the description states “Install this update to resolve issues …”.  One must click on the “More information” or “Support information” links to see the real reason on MS’s website.

      3 users thanked author for this post.
    • #344896 Reply

      bradam
      AskWoody Plus

      All of the above just more reasons why my Win 7 MSI laptop is soon to become a Linux Mint 19.1 machine. My Acer Aspire Win8.1 will continue to do the heavy lifting.

      Windows 8.1, Linux Mint 19.1, NEVER 10. Group B.

    • #344904 Reply

      anonymous

      I’m not seeing the update at all on my Win 7 Pro machine, even after checking for updates and it does not exist on my machine.  Incompatible hardware?

      I did run SURT about 18 months ago to repair a problem then removed and hid it again after it did the job. Possibly there’s a key in Registry?

      • #345097 Reply

        EP
        AskWoody_MVP

        KB4493132 is NOT being offered thru Windows Update for PRO and ENTERPRISE editions. only HOME (basic, premium) and ULTIMATE editions of win7 will be getting KB4493132

        you are safe

        3 users thanked author for this post.
    • #344910 Reply

      dgreen
      AskWoody Lounger

      I haven’t figured out why some machines don’t get the KB offered, why some see it as Optional/Unchecked, and while others see it Important/Checked. Can anybody else discern a pattern?

      For testing purposes, i set WU settings to “Check for updates but let me choose..” and checked “Give recommended updates…” as expected, got KB4493132 as important update, unchecked (pending)  can those reports give more details of their settings? a screenshot maybe? 🙂

      abbodi86
      My settings are “never check for updates”
      Here’s a snip it of KB4493132  listed as important unchecked.

      ETA: I have no idea where the huge smiley face came from?????

      march-important-updates

      Attachments:
      3 users thanked author for this post.
      • #344959 Reply

        abbodi86
        AskWoody_MVP

        Do you have this setting checked ?

        maybe it differ based on geo location

    • #345098 Reply

      EP
      AskWoody_MVP

      woody

      Born has a new blog on KB4493132:
      https://borncity.com/win/2019/03/25/windows-7-details-about-notification-update-kb4493132/

      1 user thanked author for this post.
      • #345218 Reply

        SteveTree
        AskWoody Lounger

        So Microsoft assumes those who bought Pro and Enterprises already know and understand the end of support deadline but those who didn’t  need endless reminding.

        Works for me✔️

         

        Group A (but Telemetry disabled Tasks and Registry)
        Win 7 64 Pro desktop
        Win 10 64 Home portable

    • #345183 Reply

      dgreen
      AskWoody Lounger

      Do you have this setting checked ? maybe it differ based on geo location

      abbodi86
      Here are my update settings:

      update-settings

      Attachments:
      1 user thanked author for this post.
      • #345271 Reply

        abbodi86
        AskWoody_MVP

        Thanks
        it’s perfectly normal that you get KB4493132 as Important update

        1 user thanked author for this post.
    • #345621 Reply

      EP
      AskWoody_MVP

      oh woody (and abbodi86):

      this recent blog came out about KB4493132 – seems like it got re-released:
      https://borncity.com/win/2019/03/27/windows-7-update-kb4493132-re-released-03-26-2019/

      Edit 3/27: I can confirm that KB4493132 is being offered again on Windows Update after I hid KB4493132 almost a week ago. Born was right about it being re-released.

      5 users thanked author for this post.
      • #345626 Reply

        PKCano
        Da Boss

        Yes, it’s showing up on my Win7 Ultimate as IMPORTANT CHECKED.

        2 users thanked author for this post.
      • #345628 Reply

        abbodi86
        AskWoody_MVP

        http://download.windowsupdate.com/d/msdownload/update/software/updt/2019/03/windows6.1-kb4493132-v2-x64_f1341383b846ea28d8185aca14cf4432a45665e2.msu

        still optional/recommended
        and still not offered for Pro/Enterprise

        but they removed the unusual properties, now it has the default AutoSelection/AutoDownload (LetWindowsUpdateDecide)
        that’s why it will be auto-checked if “Give Recommended updates as important updates” setting ON

        4 users thanked author for this post.
      • #345795 Reply

        Speccy
        AskWoody Lounger

        Following my previous post on this topic a quick, preliminary “sneak peak” into the binary not only confirms abbodi86‘s disclosed findings (here and here) but it also provides additional insight: the IsBlockedSku built-in check appears to be dormant for now (it will only kick in once the metadata.json file is updated with a new BlockedSkus section – which doesn’t exist, yet).

        The initial .cab file (dated Mar 20, 2019) was also re-released (on Mar 22, 2019). Its contents remain mostly the same (including the metadata) but the new cabinet is smaller (69Kb instead of 108Kb) due to a couple of subtle, tiny changes:

        -A slightly different picture for the nag screen (a different, zoomed in laptop, slightly rotated/distorted using a lower resolution – an (un?)intentional “subliminal message” to make Windows 7 look “uglier” when compared to Windows 10?) and

        -A different URL. The initial link

        https://www.microsoft.com/windows/reasons-to-upgrade-to-a-new-windows-10-pc?OCID=win7_app_omc_win

        changed to

        https://www.microsoft.com/windows/windows-7-end-of-life-support-information?OCID=win7_app_omc_win

        meaning that while Windows 7 users were previously redirected to

        https://www.microsoft.com/en-us/windows/windows-7-end-of-life-support-information
        (a land page primarily focusing on the EOL support information)

        they will now be redirected to

        https://www.microsoft.com/en-us/windows?OCID=win7_app_omc_win
        (a land page primarily enticing you to buy a new Windows 10 PC)

        This subtle, but enlightening shift of focus (from presenting EOL support information first, at the top of the page to a page that dives straight into a blatant consumer marketing campaign) raises a few red flags, if you ask me – contradicting PKCano’s optimism (it sure looks like GWX v2.0 is coming up… hopefully I’m wrong). IMHO it is a very good reason to hide, block and ignore KB4493132.

        Regarding the speculation about the weird triggering conditions of the KB4493132 update being offered only to some (apparently, not all) users sharing the same targeted OS editions, similar settings and the same installed patches, RDRguy’s reply was right on the spot:

        “Maybe having the Mar servicing stack update installed triggered being offered KB4493132.”

        Indeed.

        Unfortunately for RDRguy, his decision to go ahead and install the March Servicing Stack Update (SSU) KB4490628 (despite Woody’s MS-DEFCON system advising to wait and hold back while we’re still at MS-DEFCON 2) might have been a really bad idea.

        Back in October, I posted about the KB3177467 (SSUv2) release. Well, it appears that Microsoft “messed up” (?) – big. Again.

        You see, KB4490628 (the 2019 SSUv3 package, digitally signed with and using a build date of February, 2019) is version 6.1.1.2, marked – wrongly – as an “Update” Package (like SSUv1 was) and not – rightfully, as expected – as a “Security Update” Package (like SSUv2 was).

        Meaning, the version numbering increment got messed up again: SSUv1 was v6.1.1.1, SSUv2 was v6.1.2.5 and SSUv3 is now v6.1.1.2!

        Problem #1: Because KB4490628 (SSUv3) is missing the extended package ‘exclusive=”true”‘ metadata tag, it will NOT remove KB3177467 (SSUv2) automatically.

        Thus, if you install KB4490628 (SSUv3) you will mess up your Windows 7 Servicing Stack and end up with both KB4490628 (SSUv3) and KB3177467 (SSUv2) installed.

        Problem #2: Worse, keeping both installed will throw you into a jar of pickles and create a conflicting issue between the two

        C:\>dism /online /get-packages /Format:Table|findstr KB3177467
        Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.2.5
        | Installed | Security Update | 2018/10/10 01:23
        
        C:\>dism /online /get-packages /Format:Table|findstr KB4490628
        Package_for_KB4490628~31bf3856ad364e35~amd64~~6.1.1.2
        | Installed | Update | 2019/03/27 01:23
        

        or three (if you kept SSUv1) packages:

        C:\>dism /online /get-packages /Format:Table|findstr KB3177467
        Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.1.1
        | Superseded | Update | 2016/09/22 01:23
        Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.2.5
        | Installed | Security Update | 2018/10/10 01:23
        
        C:\>dism /online /get-packages /Format:Table|findstr KB4490628
        Package_for_KB4490628~31bf3856ad364e35~amd64~~6.1.1.2
        | Installed | Update | 2019/03/27 01:23
        

        Now, sit tight and get comfortable (this is tricky – and messy): the KB4493132 “EOL nagging package” is version 6.1.2.2. See where this is coming (and what the side effects might be)?

        The apparently “random offering” of KB4493132 might be related with the installed SSU version(s). There might be dragons. And multiple, unforeseen conflicts coming up.

        Microsoft’s (bad? intentional?) decision to increment version numbering by “rolling back” from SSUv1 up to SSUv3 (OVER SSUv2, which has a HIGHER value than SSUv3!) may very well be messing up the Windows 7 Servicing Stack (again) and creating additional conflicting scenarios.

        Regardless of what you did with SSUv1 after installing SSUv2 (I simply removed it, because I still don’t see any point in keeping a superseded leftover; others preferred to keep it, like GTP did – but it really doesn’t seem to matter, at all), installing SSUv3 “as it is” right now is, IMHO, a bad idea and a risky move. If you happen to do so you WON’T be able to uninstall SSUv2 (since it has a HIGHER version than SSUv3) and you WON’T be able to remove SSUv3 neither!

        Once KB4490628 (SSUv3) is installed, the commands that could be used to remove SSUv3 and SSUv2

        dism /online /remove-package /packagename:Package_for_KB4490628~31bf3856ad364e35~amd64~~6.1.1.2
        dism /online /remove-package /packagename:Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.2.5
        

        will both fail miserably with a 0x800f0825 error.

        To revert back the situation you will need to resort to System Restore or a previous image backup.

        Currently, we can only hope for the best (that Microsoft will eventually realize the goof (?) and re-release a new, fixed KB4490628 (SSUv3) update with a proper version number of 6.1.2.6 or above).

        On the other hand (conspiracy theories aside), Microsoft might as well do nothing: intentionally or not, the KB4490628 (SSUv3) might be Redmond’s way to pass the message along, loud and clear: “-Time’s up, R.I.P. (EOL support) Windows 7!”

        Right now, I’m just as clueless as anyone else about what will happen. Fixing KB4490628 (SSUv3) is probably not a top priority to Microsoft. That leaves us (users) with the “choice” (decision) to upgrade, or not, the Servicing Stack (from SSUv2) to SSUv3.

        If we don’t (and we keep relying upon SSUv2), will WU (or, alternatively, the updates downloaded directly from the Microsoft Catalog) continue to work? For how long? 🙁

        5 users thanked author for this post.
        • #345846 Reply

          Cybertooth
          AskWoody Plus

          My head is spinning.

          I take it the bottom line is, avoid installing KB4490628 ?

           

          • #345876 Reply

            abbodi86
            AskWoody_MVP

            No, KB4490628 should be installed ASAP, any new SSU should be installed ASAP

            1 user thanked author for this post.
        • #345877 Reply

          abbodi86
          AskWoody_MVP

          – I get KB4493132 without any update installed, vanilla Win7 SP1 installation

          you are overcomplicate the situation and have wrong info 🙂

          – KB4490628 is separate update from KB3177467, they don’t have any CBS relation or obligated to have inceremental version

          – the exclusive tag has no interest here, KB3177467 v2 cannot be removed except with new KB3177467 v3
          or modifying the package .mum file to remove permanency
          https://forums.mydigitallife.net/posts/1154312/

          – while KB4490628 itself is classified as general Update, Windows Update metadata classify it as Security Update, and what matter most
          but yes, they should have make it seurity update to avoid confusion

          5 users thanked author for this post.
          • #345896 Reply

            woody
            Da Boss

            OK, but any idea why some Win7 folks don’t see 4493132 at all, some get it as Optional unchecked, and some as Important checked?

            • #345907 Reply

              PKCano
              Da Boss

              Could it depend on whether you have “give me recommended the same way I get important” checked or not?

            • #346207 Reply

              OscarCP
              AskWoody Plus

              According to the GBorn article:

              Windows 7: Details about notification update KB4493132

              “Meanwhile it is clear that Microsoft has only distributed this update on consumer machines with Windows 7 Home and Windows 7 Ultimate. On Windows 7 Professional and Windows 7 Enterprise (volume license environments), this update never occurs in Windows Update.  The reason is simple. The update package contains a meta file that contains a query of the key:

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion] “EditionID”=”Professional”]

              If the value Professional appears there, update KB4493132 is not offered. Another ‘switch’ checks the key for the value “Enterprise” (and ServerHomeStandard) and also excludes these clients. In this comment at askwoody.com someone had changed the value of the key in Ultimate on Windows 7 Professional. Then the update was offered.

              As long as Microsoft does not change the metadata description of the update package and releases it as V2, V3 etc., the package will not be offered on Windows 7 for Professional / Enterprise SKUs (volume licensing systems) via Windows Update. Administrators in companies do not have to worry about that.”

               

              Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

              1 user thanked author for this post.
          • #345918 Reply

            Speccy
            AskWoody Lounger

            Hi abbodi86,

            I do realize KB4490628 is a separate update from KB3177467 (not only because the KB numbers are different), but shouldn’t the former be replacing (superseding) the latter?

            And, if so, isn’t the incremental version numbering relevant?

            In which case yes, the exclusive tag DOES have an interest here and yes, installing multiple SSU versions with conflicting version numbers MIGHT be causing undesired side-effects (of which the fact of the KB4493132 “EOL nagging update” not being consistently offered is a minor issue, compared with the potential problems that might arise due to the SSUs conflicting and blocking each other).

            You are totally right in the assumption that, under “normal” circumstances, SSUs are usually safe and should be installed prior to other security and cumulative updates. I also admit having the wrong info: in fact, I already wrote before that I’m NOT an MVP – just another dude here trying to help people – and, therefore, I lack the skills and expertise required to fully grasp the technical complexity and subtle inner details of how XML works (and Microsoft uses it). Therefore, please correct me and help us to better understand and handle this complex subject. I do appreciate reading and learning from the valuable comments and knowledge that you and other MVPs kindly share with us! 🙂

            I am truly sorry for over-complicating things up (I really tried not to…) but, right now, from what I’m able to understand about the inner details of how SSUs work I can not endorse your recommendation to promptly install KB4490628 (SSUv3) ASAP. Instead, I can only recommend people to WAIT and see if Microsoft releases an updated (fixed?) version of the SSU – that will automatically handle and fix what, in my view, is a complete mess.

            Most of our readers should stop reading right now and decide if they should, or should not, install KB4490628 (SSUv3) immediately or, at least, wait until we’re at MS-DEFCON 3: what follows below is not for the faint-hearted.

            You see… I was actually able to create a working, updated version of my Windows 7 system with SSUv3 *ONLY* and SSUv2 removed (my “beta testing” branch). Here’s how:

            cd %WINDIR%\servicing\Packages
            takeown /F Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.2.5.mum /A
            takeown /F Package_for_KB4490628~31bf3856ad364e35~amd64~~6.1.1.2.mum /A
            cacls Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.2.5.mum /E /G BUILTIN\Administrators:F
            cacls Package_for_KB4490628~31bf3856ad364e35~amd64~~6.1.1.2.mum /E /G BUILTIN\Administrators:F
            notepad Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.2.5.mum
            

            Removed the ‘permanence=”permanent”‘ attribute of the <package> tag, saved the .mum file and exited Notepad. Then,

            notepad Package_for_KB4490628~31bf3856ad364e35~amd64~~6.1.1.2.mum
            

            changed the ‘releaseType=”Update”‘ attribute to ‘releaseType=”Security Update”‘, added the

            <mum:packageExtended xmlns:mum="urn:schemas-microsoft-com:asm.v3" exclusive="true"/>
            

            tag right above (before) the closing </package> tag, saved the .mum file and exited Notepad. Finally, I removed SSUv2:

            dism /online /remove-package /packagename:Package_for_KB3177467~31bf3856ad364e35~amd64~~6.1.2.5
            

            and now I’m left with (a properly installed?) SSUv3 *ONLY*:

            C:\>dism /online /get-packages /Format:Table|findstr KB3177467
            
            C:\>dism /online /get-packages /Format:Table|findstr KB4490628
            Package_for_KB4490628~31bf3856ad364e35~amd64~~6.1.1.2
            | Installed | Security Update | 2019/03/27 01:23
            

            Under Control Panel > All Control Panel Items > Programs and Features > Installed Updates, KB4490628 is listed as

            Security Update for Microsoft Windows (KB4490628)

            with no “Uninstall” option (as expected, because it is a permanent update).

            I tried WU: it appears to be working well. I rebooted and tried again: all OK.

            Isn’t that how we should expect KB4490628 to behave like? 🙂

            1 user thanked author for this post.
            • #346016 Reply

              abbodi86
              AskWoody_MVP

              – For separate updates, CBS handle files per assembly component version, update package version does not matter at all

              you can install 10 SSUs, CBS is smart enough to make the latest one with higher components version to be effective

              in this case: KB4490628 v6.1.7601.24383 < KB3177467 v6.1.7601.23505

              – SSUs are always safe, Windows users should accept this fact and stop struggling about to install them or not 😀

              – removing the permanence tag is what made KB3177467 to be removed, editing KB4490628 mum file has no effect here

              separate update package name = no direct relation or effect (SSUs)
              chained update package name = auto supersedence (W10 CUs or W7 Monthly Rollups)

              Regards.

              5 users thanked author for this post.
            • #346143 Reply

              Speccy
              AskWoody Lounger

              -For separate updates, CBS handle files per assembly component version, update package version does not matter at all

              you can install 10 SSUs, CBS is smart enough to make the latest one with higher components version to be effective

              in this case: KB4490628 v6.1.7601.24383 < KB3177467 v6.1.7601.23505

              Thank you!!! Now it suddenly made sense. 🙂

              I just dig into the first “main” .mum (of the “package chain”, let’s put it this way, overlooking the fact that the whole package contains multiple .mum files) and didn’t realize that the “final” Servicing Stack version was both at the end of the “package chain” (in the last .mum) and also in the package contents (in the very own name of the sub-directories!).

              But you meant

              “KB4490628 v6.1.7601.24383 > KB3177467 v6.1.7601.23505″

              right? 🙂

              – SSUs are always safe, Windows users should accept this fact and stop struggling about to install them or not

              He he… Point taken. 🙂 But I was not struggling (or expecting anyone here to go into the lengths I did), just testing. 😉

              – removing the permanence tag is what made KB3177467 to be removed,

              Yes.

              editing KB4490628 mum file has no effect here

              Right. In this case, I simply edited it for “compliance” (and to describe it correctly as a “Security Update”).

              separate update package name = no direct relation or effect (SSUs)
              chained update package name = auto supersedence (W10 CUs or W7 Monthly Rollups)

              I see. That explains why KB4490628 won’t remove KB3177467 (only new, updated releases of a given package – or an updated, different package that embedds that one as one of multiple dependencies [chained updates] – may actually remove it).

              abbodi86, once again: Thank You. I was wrong. I didn’t understand correctly a few important things about the package supersedence model. You posted perfectly: shortly, but enlightening – and generously shared invaluable knowledge (we grasshoppers try to learn something new each day… you taught me a lot, today). 🙂

              2 users thanked author for this post.
            • #346156 Reply

              RDRguy
              AskWoody Lounger

              Speccy …

              So am I still behind the 🎱 by installing SSU v3 ( ref post ) 😬

              I spent last night performing a system restore on my test Win7 Ultimate x64 to see if KB4493132 was still being offered and it no longer was 🍾

              But, by that time, it was almost 5:00 am 🕔 local and per PepsiBoy’s 5:05am post below here, KB4493132 may have already been pulled by MS 👍🏻👍🏻👍🏻

              I’ll have to reinstall SSU v3 to verify 🤞🙏

              By the way, I purchased 5 “Retail” copies of Win7 Ultimate w/SP1 from “NewEgg” just prior to MS pulling it from retail sales channels primarily for the BitLocker feature for my & my families’ laptops. I’ve also got a few retail Win7 & Win8.1 Pro copies active (& few various old TechNet copies installed in mid 2000’s on some very old Gateway systems I no longer use).

              Win8.1 Group B (Pro) [x64]
              Win7 Group B (Ultimate & Pro) [x64 & x86]
              MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
              MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
              RDRguy

            • #346198 Reply

              Cybertooth
              AskWoody Plus

              Off-topic perhaps, but I just have to ask:

              How did you get those emoticons (8-ball, etc.) to show up in your post? The only ones I know how to create on this forum are  🙂  and   😉  .

              Thanks in advance for the info. I’d give you a thumbs-up if I knew how…

               

              2 users thanked author for this post.
            • #346219 Reply

              RDRguy
              AskWoody Lounger

              Well, my lovely 👰🏻 lets 👴🏻 use (play with) her 🔳 (iPad Air 2) when she’s out 🏃‍♀️⛷🚴🏻‍♀️ or 🛒 for 👚👠👜 and it’s got the 😀 typeface on the ⌨️ with hundreds of 🤗🤠🤡👽🤖🐵🐸🐷🎃.

              If you 👀 on the 🌎 wide web, you can also find 🆓 sites that let you 📥 then 📤 hundreds of additional 🍔🍟🥙🌮🍕🌭🍦🍪🍿🧁🥜🥧🍰🍺🍷🍹 into what ever 📑 you’re 📰 & that’s no 🐂 💩 so stop 🐒 ing around & start 🏄🏻‍♂️ the 🥅 for some 🔥💡💡💡 (but watch out for 🐞🕷🦂 or nasty 🦠 or you could  🚬 your 💻 or 🖥 )

              Win8.1 Group B (Pro) [x64]
              Win7 Group B (Ultimate & Pro) [x64 & x86]
              MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
              MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
              RDRguy

              3 users thanked author for this post.
            • #346231 Reply

              anonymous

              That was a confusing 💩

              emojipedia.org is a reasonable starting place.

              Find what you want; click Copy; paste where you want it.

              2 users thanked author for this post.
            • #346281 Reply

              RDRguy
              AskWoody Lounger

              But I wasn’t done yet …

              As the 🔳 was ⤵️ to 1% 🔋 & about to 🔄📴, I 🔌’ed it in to ⚡️🆙. I then took a ☕️ & 🍩 break while sitting on the 🛋 watching a 🕵🏼‍♂️🗡🔍 mystery 🎞 on 📺. Now that I’m fully ⚡️‘ed 🆙, I can continue.

              If your 💻 got 🚬’ed due to a nasty🐞🦠🧫 & it’s now in the 🚽 & you don’t have the 🔧 in your 🧰 to 👨‍🔧 it & you don’t have the 🍞 handy or bring home extra 🥓, you’ll probably end up 🚗’ing (if it’s got ⛽️) to the 🏦 for some 💰 for a 🆕💻. You’ll have to ⚖️ your options but if you have a 👨‍👩‍👧‍👦 & really want to hit the 🎯, you could get an 🍎 for 💰💰💰 or if you got a 🚤 or 🚁, go ahead & get the 🍎🖥 for 💰💰💰💰💰.

              Your 👨‍👩‍👧‍👦 will think you’re 🎅🏻 or an 😇 and your 👰🏻 will 💋 you & bring her 👙 & 💎 on your 🛫 to the 🏖🏝’s in Cabo. Just remember to wear your 😎 & not 🥃 or 🍹 to much especially with 🍱 in the hot 🌞 or it’ll 🥊 your 🧠 like a ton of 🧱 & you’ll be 🌀 & the 🃏 turning 🤢 in the back of the 🚑 being taken to the 🏥 to see the 👨🏽‍⚕️ for some 🔬, a 💉 & some 💊 to prevent 🤮.

              Of course this will only result in more 💸💸💸 coming out of your 💳 at the local 🏧 & you’ll likely trade in your 🚗 for a 🛴 or 🚤 for a 🛶 when you 🛬 back 🏠. So if you find yourself turning 🤢 like a 🐸 or 🥦, eat a 🍌 & take a cold 🚿. Why a 🍌 … because it tastes the same coming ⤴️ as it did going ⤵️.

              Well I’m almost out of ⌛️ so I’ll end this 🧚🏻‍♀️📔 & 🧹 it under the 🛏 & have a 🍺 or 🍻 before I go to the 🚻, grab my 🧸, set the ⏰, blow out the 🕯 & go to 🛌 catching some 💤s.

              Win8.1 Group B (Pro) [x64]
              Win7 Group B (Ultimate & Pro) [x64 & x86]
              MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
              MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
              RDRguy

              2 users thanked author for this post.
            • #346491 Reply

              anonymous

              You can enable the touch keyboard in Windows 10 by right clicking on the task bar, there are emojis to be found. Microsoft’s Character Map (Charmap) program, Segoe UI Emoji has a few.

              1 user thanked author for this post.
            • #346468 Reply

              Speccy
              AskWoody Lounger

              The 8-ball says: “-Read abbodi86’s post.” 🙂
              KB4490628 (SSUv3) is OK but, unless you’re an advanced user (technically skilled) – or you simply don’t mind being an earlier adopter (and play along with whatever comes up) – you’re better off (read: safer) WAITING a few more days until we hit MS-DEFCON 3 or above. 😉

              2 users thanked author for this post.
            • #346516 Reply

              RDRguy
              AskWoody Lounger

              I whole heartedly concur with & follow DEFCON 3 protocol concerning S/W updates.

              Though I don’t consider myself a MS OS expert anywheres near the same caliber as some here, I am comfortable “experimenting” on my Windows dual boot test build system usually about a week or so after MS releases updates. This way I can experience 1st hand if I’ll be adversely affected by installing any of them in my particular & mostly common setup(s).

              Once DEFCON 3 is declared, the rest of my/our working systems are updated as appropriate.

              By the way, unless there’s some compelling security or operational need not to, I try to follow the DEFCON 3 level approach on all S/W updates from everyone everywhere not only from MS.

              I usually give Apple iOS updates about a month or so to stew before I attempt installing them and only via iTunes not the Cloud. This way I can have locally saved iOS backups always available should the need ever arise to restore any of our iOS devices. Same goes for any/all 3rd party S/W I use.

              My philosophy is that, it’s always better & usually much easier to avoid pitfalls (if you can train yourself to become adept at spotting & avoiding them) then it is to work yourself out of any muck that you may have needlessly & foolishly put yourself in. 😀

              Win8.1 Group B (Pro) [x64]
              Win7 Group B (Ultimate & Pro) [x64 & x86]
              MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
              MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
              RDRguy

              1 user thanked author for this post.
    • #345909 Reply

      Pepsiboy
      AskWoody Lounger

      Yes, it’s showing up on my Win7 Ultimate as IMPORTANT CHECKED.

      Well, mine showed up a few days ago as ‘Important’ and UNCHECKED. Yesterday it had changed to ‘Important’ CHECKED. This morning it does not show at all. It did NOT get installed. Has it been pulled?? It does not show up in Windows Update Catalog either.

      Running Win 7 x64 SP1

      Dave

      1 user thanked author for this post.
      • #346509 Reply

        Elly
        AskWoody MVP

        It had showed up in Important, unchecked, for me. I didn’t check again, until today… and it is not showing up for me, anywhere. Double checked… not installed, hidden, checked or unchecked. Missing.

        Win 7 Home, 64 bit, Group B

        1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Windows 10 nag for Windows 7 makes an appearance

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.