Bypass Windows 7 Extended Security Updates Eligibility

Discussion in 'Windows 7' started by abbodi1406, Nov 17, 2019.

  1. Seven4ever

    Seven4ever MDL Member

    May 16, 2023
    124
    51
    10
    I have unistalled WU ESU patcher (it was v11) and installed V12 for W7 embedded.
    With it, I got and installed :
    kb4054095 from 10/24
    kb5044356 from 10/24
    kb5039339 from 06/24
    Then I have donwloaded and installed V13f, over V12, select updates for 2008 server R2 and finally got and installed :
    kb5048695 from 12/24 and older ones I have masked.
    Thanks for the tool ;)
     
  2. SEBA33

    SEBA33 MDL Member

    Oct 28, 2024
    137
    25
    10
    Me try again vmware + turned integrated memory + paravirtualize SCSI with driver + Virtualize IOMMU if still will be BSODS by turned vbs in Windows host. I hope finally will work. But... If it install automatically WHP when install vmware, so it use that function for something. So then why BSODS in VMs after few moments on VMWare?
     
  3. Mivas

    Mivas MDL Novice

    Dec 14, 2019
    33
    3
    0
    Thank you again to the developers of the all in one ESU patches! I installed the 13th version and was able to install both November and December security only updates without issue. Browsers are fine after installation of both updates (Waterfox Classic, Edge chromium and latest Chrome). I also installed latest IE11 rollup, NET 3.5.1 and 4.8 (removed the NET patch afterwards).

    Unfortunately, I couldn't install NET 4.7.x update (from October, already with old patch, then with new, then with standalone NET 4 patch), it always showed error before installation. Not a big deal probably, but in case any breach occurs in these components, I would like to get this update as well. Any ideas? Do I need any other perquisite for 4.7.x?
     
  4. abbodi1406

    abbodi1406 MDL KB0000001

    Feb 19, 2011
    17,810
    94,911
    340
    NET 4.7.x update is not needed (and should not be installed) if you have NET 4.8
     
  5. Mivas

    Mivas MDL Novice

    Dec 14, 2019
    33
    3
    0
    Thank you very much!! I was mostly concerned about security, but if the 3.5.1 and 4.8 NET updates are more than enough, then I am also more than happy! Many thanks again!!!
     
  6. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream
    Staff Member

    Dec 21, 2012
    7,408
    9,121
    240
    4.8 completely supersedes 4.7 (actually every .NET 4.0 or higher).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. z00ps00p

    z00ps00p MDL Novice

    Feb 13, 2008
    28
    3
    0
    #8487 z00ps00p, Jan 8, 2025
    Last edited: Jan 8, 2025
    BSOD after installing KB5048695, stop error 0x7B (which is INACCESSIBLE_BOOT_DEVICE). I'm running this in QEMU/KVM (machine type "q35") in UEFI mode with an OVMF + CSM firmware (since Windows 7 x64 struggles to show STOP errors without CSM, it needs real mode int 0x10 services). I had to roll back the pending changes using a Windows 10 ISO's recovery environment (Windows 7 recovery environment's dism command doesn't have this feature):

    dism /image:C:\ /cleanup-image /RevertPendingActions

    after which Windows 7 boots back up and reverts the update.

    This is repeatable. I've done it twice now. I'm going to try the Windows Embedded 7 updates first to see if those work.

    Edit: Same deal with Embedded 7 updates. Startup Repair kicked in and rolled back the updates for Embedded 7, and then Windows Update stopped working (0x80073712) so I had to revert to the System Restore point before the update install, which finally fixed things. I'm guessing some ESU along the way prevents Windows from booting in this virtual environment somehow. Maybe it's because I used UpdatePack7R2 23.3.15 way back?
     
  8. NewEraCracker

    NewEraCracker MDL Senior Member

    Apr 19, 2011
    291
    447
    10
    #8488 NewEraCracker, Jan 8, 2025
    Last edited: Jan 8, 2025
    It should not matter what you used way back. If the machines used to boot in the past, but no longer do, it is obviously some update along the way that caused it (remember the rollups are cumulative). It is not the first time Windows struggles with KVM.

    I'd give a shot to the Oct 2024 rollup: https://forums.mydigitallife.net/threads/windows-7-hotfix-repository.19461/page-559#post-1855863 and see if it works with that.

    Thanks for letting the community know.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. NewEraCracker

    NewEraCracker MDL Senior Member

    Apr 19, 2011
    291
    447
    10
    On a second thought this may be connected with:
    borncity.com/win/2024/08/21/windows-august-2024-update-paralyzes-linux-boot/

    And here a workaround is listed:
    borncity.com/win/2024/08/22/microsoft-responds-to-linux-boot-bricked-by-windows-august-2024-update/

    Prevent further SBAT installation:
    To prevent another SBAT disaster caused by the update installations, Microsoft has revealed a special trick. Under Windows, the following command should make an entry in the registry:

    Code:
    reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\SBAT /v OptOut /d 1 /t REG_DWORD
    The DWORD value OptOut=1 under SBAT prevents Windows Update from manipulating the relevant SBAT settings on the relevant systems in future.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. velmistrYoda

    velmistrYoda MDL Novice

    Jun 7, 2013
    8
    5
    0
    Hi, I am sorry if this is a repetitive question but I haven't found and answer here. I would like to update to Win 10 (I know that clean installation would be better but I prefer an update). Can I uninstall the bypass and simply proceed with update from the MS website? Or, do I need to install some missing updates first? Thank you very much
     
  11. John_3_16

    John_3_16 MDL Member

    Feb 8, 2020
    188
    253
    10
  12. velmistrYoda

    velmistrYoda MDL Novice

    Jun 7, 2013
    8
    5
    0
    Thank you very much for your reply. I have done updates from Win7 to Win10 in the past without any problem (with backup always in hand). However, the upgraded systems at that time did not have any bypass installed. Therefore, the aim of my question was to find out whether Win7 BypassESU causes problems to the upgrade process, and, possibly, how to avoid them.
     
  13. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream
    Staff Member

    Dec 21, 2012
    7,408
    9,121
    240
    Upgrade should still be possible (maybe to an older version of 10 first), however, it does not grant you a free license anymore. That ship has sailed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. SEBA33

    SEBA33 MDL Member

    Oct 28, 2024
    137
    25
    10
    Article from 3 weeks ago tell, Windows 7 can have normally Esus to 2026 and will not need use to that server 2008 R2. Someone know? Will be version bypass after that changes? As Esus Windows 7. Well still Windows 7 have much fans and Microsoft need make something. xD
     
  15. John_3_16

    John_3_16 MDL Member

    Feb 8, 2020
    188
    253
    10
  16. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream
    Staff Member

    Dec 21, 2012
    7,408
    9,121
    240
    It was the time when MS added three more ESU years to the licensing system (year 4,5 and 6). This sparked wild rumors, but in the end, only Server 2008 R2 still gets updates, and 32 bit is already dead.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. z00ps00p

    z00ps00p MDL Novice

    Feb 13, 2008
    28
    3
    0
    #8497 z00ps00p, Jan 11, 2025
    Last edited: Jan 11, 2025
    I ended up using the original Windows 7 SP1 ISO with NTLite to slipstream in the non-ESU updates and used BypassESU to bypass eligibility right in the WIM. A fresh install has allowed me to install the latest cumulative ESUs for both Windows Server 2008 SP1 and .NET Framework and still be able to boot up afterwards (i.e. problem is solved). So something must have been broken with the previous install. (This is just a VM I used briefly for another purpose so I was happy to blow away its virtual drive and create a new one.)

    SBAT was unlikely to be the issue given this is a virtual machine with single-boot Windows 7. (It has impacted my ability to boot Linux live USB on other, physical machines running Windows 11, but I found out about the SBAT update and turned on the opt-out at the time.)

    Code:
    C:\Windows\system32>dism /online /get-packages 2>&1 | findstr /i "kb50"
    Package Identity : Package_for_KB5010798~31bf3856ad364e35~amd64~~6.1.1.2
    Package Identity : Package_for_KB5013637~31bf3856ad364e35~amd64~~6.1.1.2
    Package Identity : Package_for_KB5016892~31bf3856ad364e35~amd64~~6.1.1.14
    Package Identity : Package_for_KB5017397~31bf3856ad364e35~amd64~~6.1.1.0
    Package Identity : Package_for_KB5020861~31bf3856ad364e35~amd64~~6.1.1.1
    Package Identity : Package_for_KB5032383~31bf3856ad364e35~amd64~~6.1.1.2
    Package Identity : Package_for_KB5034865~31bf3856ad364e35~amd64~~6.1.1.0
    Package Identity : Package_for_KB5039339~31bf3856ad364e35~amd64~~6.1.1.0
    Package Identity : Package_for_KB5044011~31bf3856ad364e35~amd64~~6.1.1.1
     
  18. Jay K

    Jay K MDL Novice

    Jan 22, 2020
    6
    2
    0
    Hello fellow 7 lovers. Just wondering if these updates will work later in 25. I got the Oct rollup. I really hate windows 11 with a passion.
     
  19. John_3_16

    John_3_16 MDL Member

    Feb 8, 2020
    188
    253
    10
    #8499 John_3_16, Jan 14, 2025
    Last edited: Jan 14, 2025
    Many of us are up to date with Dec 2024 updates & waiting for Jan 2025 2nd Tue patches. We are expecting to be good through Jan 2026 with 2008 R2 Server security updates applied to our Win7 machines. One month at a time. We skipped over Nov 2024 updates due to serious BUGS.

    Revisit comment #1 https://forums.mydigitallife.net/th...-extended-security-updates-eligibility.80606/ to update to File: BypassESU-v13f.7z if you have not already done so. Full instructions, warnings & explanations in comment #1 as usual.
     
  20. vikingsmb

    vikingsmb MDL Novice

    Nov 17, 2024
    13
    17
    0
    there is a problem installing the new update,
    as just tried it, it is asking for a new modular installer but system is up to date?
    any thoughts please?