Bypass Windows 7 Extended Security Updates Eligibility

Discussion in 'Windows 7' started by abbodi1406, Nov 17, 2019.

  1. Ready_Slavik

    Ready_Slavik MDL Novice

    Mar 16, 2023
    35
    33
    0
    #7361 Ready_Slavik, Apr 17, 2023
    Last edited: Apr 18, 2023
    IE11 started experiencing these exact trouble symptoms during the original W7 ESU in July 2021. The same thing happened with Windows 8.1's IE11, yet MS managed to get that version working again for a while in March 2022 but not the Windows 7 version. The blame for it is on Microsoft. I never installed MS Edge on either OS machine too (their October 2021 Cumulative Update "Enterprise Mode Site List To MS Edge Redirection Fix" did nothing for W7 IE11.)

    Your method to get it running again was appreciated. I instead went to Control Panel => Internet Options => In General Tab, press the Delete button in the 'Browsing history' section (all ticks in all the boxes when in the next options window, press 'Delete' button.) I gave it a try with 'Start InPrivate Browsing' and it opened on this occasion without breaking. So the current IE11 version from KB5022835 may be alive (also with an "Install new versions automatically" option when you select Help => About Internet Explorer.) Check which Add-Ons it still uses (Select Tools => Manage add-ons => DISABLE possibly unsupported or security vulnerable ones like Adobe Shockwave Object, JAVA Plug-In (2) SSV Helper.) You can use HTTPS Everywhere v0.0.0.1 by Zscaler in W7 IE11.
     
  2. new369one

    new369one MDL Novice

    Mar 18, 2020
    35
    13
    0
    #7362 new369one, Apr 18, 2023
    Last edited: Apr 18, 2023
    What a shame you must are for all for us.

    If you are a decent person you can let us know your summonable address that we can indict you if we have problems with your microsoft fake malware spy certificate driver.
     
  3. ccrqc357

    ccrqc357 MDL Senior Member

    Feb 28, 2017
    266
    31
    10
    I'm a bit out of the loop here: after 01/2023, when M$ stopped ESU Windows 7 updates, how can we still update the OS?
    Should I revert to the Embedded workaround?
     
  4. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream
    Staff Member

    Dec 21, 2012
    7,408
    9,124
    240
    Use the latest BypassESU from the sticky in this forum.
     
  5. Zenkaino lovelive

    Zenkaino lovelive MDL Member

    Nov 18, 2019
    217
    55
    10
    Windows Server 2008 ESU is not working: Error code says "C8000266". How can I fix it?
     
  6. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream
    Staff Member

    Dec 21, 2012
    7,408
    9,124
    240
    In case it is not Server 2008 R2, you need to use the tools from the Vista section, instead.
     
  7. abbodi1406

    abbodi1406 MDL KB0000001

    Feb 19, 2011
    17,810
    94,912
    340
  8. microburst

    microburst MDL Novice

    Jan 2, 2020
    17
    2
    0
    Alright. First attempt with v9-AIO didn't work out well. Removed it again. So just to have it clear:

    1. To try with v12 I start by installing recommended updates
    2. In several posts I read that I have to manually install monthly updates before ESU can 'take over' - is this correct?
    3. Do I then remove the .NET Framework for later re-install?
    4. Do I then install v12 and let it do its magic?

    Or maybe use WHDownloader to manually update the system?
     
  9. Ready_Slavik

    Ready_Slavik MDL Novice

    Mar 16, 2023
    35
    33
    0
    1) RE: 4) You really need this new version of BypassESU for the recent ESU security updates that started from 2023-02 (February 2023). I would recommend BypassESU v11 for the original ESU 3-year support era (from 2020-02 to 2023-01), though in practice I used BypassESU v6 (2020-[02-04]), v7 (2020-[05-08]), v9 (2020-[09-12]) and v11 (2021-01 - 2023-01).

    2) RE: 2) Yes, it would be wiser to have your PC at the rightful stage to install the final Security Monthly Quality Rollup from 2020-01 before installing any BypassESU for installing the original ESU 3-year security updates. If you need a general list of pre-ESU security updates, take a look at this article # 11007 on this other forum (Windows 7 Hotfix Repository) for answers:

    https://forums.mydigitallife.net/threads/windows-7-hotfix-repository.19461/page-551

    3) RE: 3) It's an ambiguous question, except with respects to BypassESU there has been a .NET Framework v4.x Bypass included since BypassESU v7 (May 2020). During the course of ESU, whenever there are updates that won't install it is recommended to remove the .NET Framework v4.x Bypass temporarily. Then try installing your security updates, and when all successful, you can run the BypassESU setup again and re-install that .NET Framework v4.x Bypass component.

    4) RE: 1) If you're using an x64 version of Windows 7, you may discover that you are also being offered Windows Server 2008 R2 security updates. For now, try getting your PC up to date with updating to 2023-01 before concerning yourself about these recommended updates.
     
  10. microburst

    microburst MDL Novice

    Jan 2, 2020
    17
    2
    0
    Thanks a LOT for the thorough explanations - I wasn't aware that you should keep using/adding/installing the newest version of BypassESU, had just thought that it was like a fix that would keep working.

    Will definitely go through the hotfixes, have grabbed some already before these questions but I see it makes sense to have fixes/updates as early as possible before trying to add newer ones.
     
  11. hs5ry7x

    hs5ry7x MDL Novice

    Mar 20, 2023
    2
    0
    0
    How to remove WU ESU Patcher from a Windows 7 system and return it to normal?
     
  12. microburst

    microburst MDL Novice

    Jan 2, 2020
    17
    2
    0
    I did it using the same version of BypassESU I used to install it.
     
  13. adric

    adric MDL Expert

    Jul 30, 2009
    1,468
    1,686
    60
    #7373 adric, May 3, 2023
    Last edited: May 3, 2023
    I did a fresh build from a captured wim which included the latest embedded updates thru April. I forgot to run the LiveOS-Setup.cmd before the capture so I did it via the Wim-Integration.cmd. The install went fine, but my Dism packages.txt doesn't look right. I'm also getting 7 embedded updates offered after running Add_wsus-and-Reset_DataStore.cmd and checking for updates. This may well be related to what is reflected in the messed up packages.txt. I'm not sure at what point this happened or why. Also, the listed updates all look like they are superseded. Anyone have an idea how this can be repaired?
    Code:
    2020-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 for x64 (KB4579977)
    superseded
    Cumulative Security Update for Internet Explorer 11 for Windows Embedded Standard 7 for x64-based Systems (KB3185319)
    7 package entries
    Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2676562)
    7 package entries
    Security Update for Windows Embedded Standard 7 for x64-based Systems (KB2813347)
    8 package entriess
    Security Update for Windows Embedded Standard 7 for x64-based Systems (KB3076949)
    5 package entries
    Security Update for Windows Embedded Standard 7 for x64-based Systems (KB3124280)
    5 package entries
    Update for Windows Embedded Standard 7 for x64-based Systems (KB2533552)
    2 package entries
    
     


  14. abbodi1406

    abbodi1406 MDL KB0000001

    Feb 19, 2011
    17,810
    94,912
    340
    Remove / re-add the updates.

    So the Dism packages issue only occurs after using Wim-Integration.cmd? Or even without it?
     
  15. adric

    adric MDL Expert

    Jul 30, 2009
    1,468
    1,686
    60
    #7375 adric, May 4, 2023
    Last edited: May 4, 2023
    I did try removal, but got access denied so I think the problem was caused by me.:oops: For some reason after applying the wim and verifying with WU, I ended up with WU offering a bunch of old updates. Normally I have WU set to inform only, but when I quit for the evening the system started installing updates during shutdown and I immediately killed it, which most likely corrupted something. The system booted fine the next day and I thought all was fine.

    Anyway, the Wim-Integration.cmd works as advertised because I did not have any package problems this time around after reapplying the same image, but I am still being offered old updates and they are all superseded. My previous build with all updates through Dec gave me a clean WU. Basically the packages between the Dec. and Apr. builds are the same except for LCU and .NET CU. Are the old updates being offered related to the ESU Suppressor when integrating embedded updates into the image?
    Edit: I do see another problem though. I don't recall this being there when I checked the final sysprep before doing the wimlib capture and running Wim-Integration.cmd.
    Code:
    Checking Component Store
    (f)   CSI Manifest and S256H Do Not Match   0x00000000   winsxs\Manifests\amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a.manifest   amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a
    
    Summary:
    Seconds executed: 262
     Found 1 errors
      CSI Manifest and S256H Do Not Match Total count: 1
    
    Unavailable repair files:
       winsxs\manifests\amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a.manifest
    
    Code:
    [SR] Cannot verify component files for Microsoft-Windows-SLC-Component-ExtendedSecurityUpdatesAI, Version = 6.3.9603.30600, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (TRUE)
    
     
  16. Ready_Slavik

    Ready_Slavik MDL Novice

    Mar 16, 2023
    35
    33
    0
    #7376 Ready_Slavik, May 4, 2023
    Last edited: May 4, 2023
    If you're worried about OS corruption, take a look at response #7311 (from the link listed below) and perform a little maintenance on your hard disk OS. Just don't be online when you don't need to during some of the processes listed.

    https://forums.mydigitallife.net/th...dates-eligibility.80606/page-366#post-1784697

    Be mindful to check your Power Settings in the Control Panel, that you don't have your computer set to either sleep or hibernate for at least 2 hours.
    Take care of this first before continuing with re-installs of "repeat updates" - do the "sfc /scannow" in a Command Prompt window opened as "Run As Administrator".
    Try this before making use of the System Update Readiness Tool for repairing misconfigurations. Then re-install the components listed below in their listed order.

    I'll quote you something from response #7335 when you're installing security updates on Windows, for your own conditioning:
    "As a helpful monitoring of this process, open the Windows Task Manager (CTRL+ALT+DEL once, then select the very bottom option "Start Task Manager") => Press the "Show processes from all users" button. As you observe on the Task Manager, you will see the process "TrustedInstaller.exe" use up the CPU resources constantly. This may continue for 10-15 minutes until the "System Idle Process" task has CPU resources again at a constant 99%. You can safely restart your PC system now (all necessary pre-restart configurations have been completed).

    You may observe the restart process for your own leisure. The configurations should proceed into restarting. Once the pre-logon wallpaper appears the post-installation configurations may continue until achieving 100%. Even after the desktop reloads, you still best wait until the post-installation configurations complete another 10-15 minutes (you may reopen the Windows Task Manager to monitor this progress). It is important that you let Windows complete this process, as a misconfigured OS can occur when impatience is a factor (it will cost you time later to repair these instabilities)."

    Ok, well (here we go)... For starters, if you've chosen to not be networked with any Windows 10 computers, you won't need the KB3118401 update. Choose to Hide it before continuing.

    Get these original Windows 7 updates and security updates installed before concerning yourself about the .NET Frameworks ones.

    Some of these updates I experienced getting requested once after installing the very last Monthly Quality Rollup Preview (KB4539061) from February 2020:
    Critical Update (KB2676562) - Hacker Compromise - May 12
    Security Update (KB3123479) - MS Root Certificate SHA-1 Hashing Algorithm Patch - January 16

    It happens sometimes, that a recent Security Monthly Quality Rollup in a Windows OS supported series (eg. Windows 7 ESU) will change one or more components to an extent that the original updates/hotfixes for those components need to be re-installed.

    Critical Update (KB2813347) - Remote Desktop Client v6-1, v7-0 and v7-1 Hacker Compromise - April 13

    The changes from installing Security Monthly Quality Rollup KB5017361 from 2023-02 (February 2023) may have affected these components:
    Update (KB2846960) - (Windows/IE10) Explorer Resource Error With SharePoint Document Library Hotfix - September 13
    Security Update (KB3076949) - WebDAV SSL v2-0 Security Feature Bypass (Info Disclosure) Patch - August 15
    Security Update x64 (KB3124280) - WebDAV EOP Vulnerability Patch - February 16
    (It's clear to me that you're running a 64-bit version of Windows 7).

    (Which Cumulative Security Update for Windows 7 was your Windows Update client requesting..? Was it this one?)
    Cumulative Security Update (KB3185319) - IE11 FINAL Update - September 16
    Cumulative Security Update (KB4507434) - Update (Supersedes ALL) - July 19
    Cumulative Security Update (KB4534251) - IE11 Security Vulnerabilities Resolution FINAL - January 20

    Okay, now the .NET Framework updates...

    .NET v3.5.1: (The file sizes fit the WU request)
    Security & Quality Rollup (KB5013637) - NET v3-5-1 Framework DoS Patch + APIs Crash Fix - May 22 (Included in 2022-10 KB5018547 .NET Frameworks Rollup Bundle)
    Security & Quality Rollup (KB5020861) - NET v3-5-1 Restricted Mode XPS File Parsing RCE Patch - December 22

    Good luck.
     
  17. adric

    adric MDL Expert

    Jul 30, 2009
    1,468
    1,686
    60
    #7377 adric, May 4, 2023
    Last edited: May 4, 2023
    No, not worried. In the past for me, any time WU offered superseded updates after a clean install it was caused by incorrect meta data supplied by Msoft. Some superseded updates had to be kept to satisfy WU which I don't think is the case here. I'm still looking into this and I edited my post above. I hope abbodi1406 can help me resolve this.
     
  18. abbodi1406

    abbodi1406 MDL KB0000001

    Feb 19, 2011
    17,810
    94,912
    340
    So what's the issue exactly? WU offers old updates? Or re-offers installed updates?

    Did you use the latest fixed BypassESU-v12_u.7z?
     
  19. adric

    adric MDL Expert

    Jul 30, 2009
    1,468
    1,686
    60
    A lot of superseded updates offered and the manifest issue. I'll check on the v12 that was used. If I did not use the 12_u version, do I just remove and then add again?
     
  20. Ready_Slavik

    Ready_Slavik MDL Novice

    Mar 16, 2023
    35
    33
    0
    #7380 Ready_Slavik, May 4, 2023
    Last edited: May 4, 2023
    [QUOTE]
    Edit: I do see another problem though. I don't recall this being there when I checked the final sysprep before doing the wimlib capture and running Wim-Integration.cmd.
    Code:
    Checking Component Store
    (f)   CSI Manifest and S256H Do Not Match   0x00000000   winsxs\Manifests\amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a.manifest   amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a
    
    Summary:
    Seconds executed: 262
     Found 1 errors
      CSI Manifest and S256H Do Not Match Total count: 1
    
    Unavailable repair files:
       winsxs\manifests\amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a.manifest
    
    Code:
    [SR] Cannot verify component files for Microsoft-Windows-SLC-Component-ExtendedSecurityUpdatesAI, Version = 6.3.9603.30600, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (TRUE)
    
    [/QUOTE]

    The .manifest file reported as "Unavailable repair files" is located in the "bin" folder in either the BypassESU-v12 setup folder or the BypassESU-v12_u setup folder (you can't miss it, it's right at the top.) You've already attempted to copy this .manifest file into the C:\Windows\winsxs\manifests\ folder, right? (You may need a third party program with Administrator privileges to assist you in this, as this folder is protected from tampering. I can't say whether PowerRun may get you success there.)

    amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a.manifest

    Then you may try again to uninstall the BypassESU, and then re-install it later. You also attempted to re-install some of those superseded updates, or none of them (with half of them requested, their original installations became corrupted or misconfigured after installing the February 2023 Security Monthly Quality Rollup)? With superseded updates, sometimes it is necessary to have a record of installing that original update in the Windows Update History, or to still pertain its installation files in the System Update cache. I say simply re-install them (if Windows Update won't help you download and install those components, go to the Microsoft Update Catalog and download the .MSU file packages for installing individually by referencing their KB numbers in the Search bar.) Else, you will need to correct a possible installer or Windows Update corruption in your DataStore records with the System Update Readiness Tool.
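
Added example (not part of any post in this thread, and not BypassESU code): a small Python parser for the System Update Readiness Tool output quoted above. It lists each `(f)` finding, matches it case-insensitively against the "Unavailable repair files" section, and checks that the summary counts add up. It handles only the row types visible in the quoted log; `parse_checksur`, `triage` and the column names are names chosen here.

```python
import re

# Log text as quoted in the thread (columns separated by tabs or runs of spaces).
SAMPLE_LOG = r"""Checking Component Store
(f)   CSI Manifest and S256H Do Not Match   0x00000000   winsxs\Manifests\amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a.manifest   amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a

Summary:
Seconds executed: 262
 Found 1 errors
  CSI Manifest and S256H Do Not Match Total count: 1

Unavailable repair files:
   winsxs\manifests\amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.3.9603.30600_none_6022b34506a8b67a.manifest
"""

FOUND = re.compile(r"^Found (\d+) errors?$")
TOTAL = re.compile(r"^(.+?) Total count: (\d+)$")
COLUMNS = ("error", "code", "path", "identity")  # column names assumed for this example


def parse_checksur(text):
    """Split a CheckSUR log into findings, summary counts and unrepairable files."""
    report = {"findings": [], "found": None, "totals": {}, "unavailable": []}
    in_unavailable = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":"):  # section header such as "Summary:"
            in_unavailable = line.lower() == "unavailable repair files:"
        elif in_unavailable:
            report["unavailable"].append(line)
        elif line.startswith("(f)"):
            # "(f)" rows: error name, code, file path, component identity
            cols = re.split(r"\s*\t\s*|\s{2,}", line[3:].strip())
            cols += [""] * (len(COLUMNS) - len(cols))
            report["findings"].append(dict(zip(COLUMNS, cols)))
        elif m := FOUND.match(line):
            report["found"] = int(m.group(1))
        elif m := TOTAL.match(line):
            report["totals"][m.group(1)] = int(m.group(2))
    return report


def triage(report):
    """Flag findings CheckSUR could not repair and check the summary adds up."""
    missing = {p.lower() for p in report["unavailable"]}  # Windows paths ignore case
    unrepairable = [f for f in report["findings"] if f["path"].lower() in missing]
    per_type = {}
    for f in report["findings"]:
        per_type[f["error"]] = per_type.get(f["error"], 0) + 1
    consistent = per_type == report["totals"] and report["found"] == len(report["findings"])
    return {"unrepairable": unrepairable, "summary_consistent": consistent}
```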