I also now have 3 failed attempts to install the .Net update on my x64 machines, but on an old x86 laptop that I have the .Net update installed perfectly on first attempt while installing today's other ESU's from WU.
WHAAAAAT????? Would you please show the world?!? (Hit the "Print Screen" button on your keyboard to take an instant screenshot. And then Ctrl+V to paste here in forum)
I forgot I do have WES7 x86 (Windows Embedded Standard 7 x86) on here which is still in regular extended support for 2 more yrs.
The weird thing is there's no actual difference between update 399 for WES7 and the 399 for regular W7. It's just a matter of identifying markers. But now this makes it harder to know if it is WES7 vs. regular W7, or a completely architectural error (x86 vs. x64)
Windows 7 include .NET 3.5, but NET 4.x is optional on Windows 7. if you have never install .NET 4.x, (you have .NET 3.5 only), KB4556399 probably success. KB4556399 = KB4552940(for .NET 3.5.1) + KB4552920(for .NET4.5) + KB4552919(for .NET4.7) + KB4552921(for .NET4.8). case 1 : pure Windows 7 SP1 : KB4552940 probably success case 2 : Windows 7 SP1 + .NET4.5 : KB4552940 success + KB4552920 unknown case 3 : Windows 7 SP1 + .NET4.6 : KB4552940 success + KB45529?? unknown case 4 : Windows 7 SP1 + .NET4.7 : KB4552940 success + KB4552919 unknown case 5 : Windows 7 SP1 + .NET4.8 : KB4552940 success + KB4552921 fail
So got Error 0x643 (0x0000643 = 1603 in decimal) with the .NET Quality Monthly May Update. All others updates worked. May SSU, Win 7 Ult x64 in a VM using ESU bypass v6. It looks like there is a program module included within this patch that checks for ESU validity and it does not use the same methods or DLLs as the Windows Modules Installer (SSU/Windows Update). Technical Detail/Logs: Downloaded and installed ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8.exe from MIcrosoft's update catalog site and it failed. Shows a log file and choosing verbose allows us to see the MSI installer log. Code: NDP48-KB4552921.msp is now available to install Creating new Performer for Patches item Action: Performing Install on MSP: C:\208869aa11e5906430\NDP48-KB4552921.msp targetting Product: Microsoft .NET Framework 4.8 Successfully called MsiEnableLog with log file set to C:\Users\Admin\AppData\Local\Temp\KB4552921_20200513_004819657-Microsoft .NET Framework 4.8-MSP0.txt about to call MsiInstallProduct with PATCH="C:\208869aa11e5906430\NDP48-KB4552921.msp" on product {16735AF7-1D8D-3681-94A5-C578A61EC832}(C:\Windows\Installer\2a748c.msi) to install patches. Patch (C:\208869aa11e5906430\NDP48-KB4552921.msp) Install failed on product (Microsoft .NET Framework 4.8). Msi Log: MSI returned 0x643 Viewing this log file there is a custom action where the ESU license is validated (and fails) [Log truncated for viewing]. Code: Action start 0:48:24: ValidateProductID. MSI (s) (F0:3C) [00:48:24:695]: Doing action: CA_ESUValidate_amd64 MSI (s) (F0:3C) [00:48:24:695]: Note: 1: 2205 2: 3: ActionText Action ended 0:48:24: ValidateProductID. Return value 1. MSI (s) (F0:F0) [00:48:24:711]: Invoking remote custom action. DLL: C:\Windows\Installer\MSI81F1.tmp, Entrypoint: ValidateESULicense MSI (s) (F0:54) [00:48:24:711]: Generating random cookie. MSI (s) (F0:54) [00:48:24:711]: Created Custom Action Server with PID 4952 (0x1358). MSI (s) (F0:E0) [00:48:24:742]: Running as a service. MSI (s) (F0:E0) [00:48:24:742]: Hello, I'm your 64bit Impersonated custom action server. Action start 0:48:24: CA_ESUValidate_amd64. 05/13/20 00:48:24 DDSet_Entry: ValidateESULicense Started - Verifying a valid and active ESU License exists. 05/13/20 00:48:24 DDSet_Status: ESU_FLAG='16ADEA8D-E1F0-4F61-AA2F-DDC9169C6720' 05/13/20 00:48:24 DDSet_Status: ESU_LOCK='FD9A8176-AB28-415E-87E0-46A9B9EA791E' 05/13/20 00:48:24 DDSet_Status: OS Detected 'Windows 7 SP1' 05/13/20 00:48:24 DDSet_Status: ProductInfo 1 05/13/20 00:48:24 DDSet_Entry: Entering IsSecurityUpdateAllowed 05/13/20 00:48:24 DDSet_Warning: No ESU License found. Performing IsAzureVM check. 05/13/20 00:48:30 DDSet_Exit: Exiting IsSecurityUpdateAllowed. HR=-2147012894 05/13/20 00:48:30 DDSet_Exit: ValidateESULicense Ended. HR=-2147012894 CustomAction CA_ESUValidate_amd64 returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox) Action ended 0:48:30: CA_ESUValidate_amd64. Return value 3. Action ended 0:48:30: INSTALL. Return value 3.
and what is with : ndp48-kb4552921-x64_6912af0422fc16a14f4f398fda98117f1e2f01b8 ndp48-kb4552953-x64_251d9ac6b7e872dabe6d772f5925876ac5232db3 ???
BTW, what z hell are some new text files now available for download from WU catalogue for KB4552921 as 31703098_16e5dce98c3f65f56bf0f6570b11418e5a80b6a9.cab for win7 & 31703102_2e6fe745382be5e0f620ee4c559a07aaaeefa3b8.cab for embedded standard 7 ?
Anybody tried to install just the Security Only Update for .NET? KB4552965 for .NET Framework 3.5.1 KB4552952 for .NET Framework 4.5.2 KB4552951 for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 KB4552953 for .NET Framework 4.8 For .NET 4.5 and above you can check the version you have looking at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full
I just wanted to show that my WES7 x64 VM (which has 17 more months of regular support left) was able to install the May .Net update, from WU, with no problem.
Well then for the sake of the public, help us find a way to beat this travesty and exploit the same flaw in Windows XP updates with Windows 7! If we can temporarily make W7 PCs think they're WES or WEPOS embedded systems, there's still a chance we can get these odd restricted updates. That was my speculation from the very beginning, and the potential still stands. Like I said in my earlier reply to you, it's likely only a matter of system identity.