Bypass Windows 7 Extended Security Updates Eligibility

Discussion in 'Windows 7' started by abbodi1406, Nov 17, 2019.

  1. meeps715

    meeps715 MDL Novice

    Jun 7, 2023
    15
    36
    0
    Installed KB5055561 (Rollup), KB5056456 (SSU), and KB5055684 (.NET 4) with no issues today, via Windows Update with bypass v13.
     
  2. Sinclair ZX81

    Sinclair ZX81 MDL Novice

    Feb 4, 2023
    48
    182
    0
    Moin @ All!

    My April 2025 ESUpdate experience for Windows 7 Pro / Enterprise SP1 x64 systems:

    "Licensing method": KB4528069 & "new" BypassESU-v13f

    "Installing method": Manual download and installation via Microsoft®Update-Catalog

    KB5055171 (Security and Quality Rollup for .NET Framework 4.8) -> succesfully installed

    KB5056456 (Servicing Stack Update for Windows Server 2008 R2 x64) -> succesfully installed

    KB5055515 (Cumulative Security Update for IE 11 for Windows Server 2008 R2 x64) -> succesfully installed

    KB5055570 (Security Only Quality Update for Windows Server 2008 R2 x64) -> succesfully installed

    The current Security Intelligence Update was downloaded and installed by the auto-update function of MSE.

    @ abbodi1406: Great job & thx for your support!
     
  3. John_3_16

    John_3_16 MDL Senior Member

    Feb 8, 2020
    253
    343
    10
    2025-04 WU alerted to 2nd Tue April updates.

    Downloaded ALL updates. SSU, MonthlySecurityRollup, .NETFrameworkRollup
    Created Restore Point.
    TURNED OFF WU & AV & unneeded programs B4 updating...

    Updated Manually:
    2025-04 SecurityMonthlyQualityRollup WinServer2008R2x64 (KB5055561) DownloadSize: 413.4 MB
    Includes updates for/to IE11 if required...

    Restarted computer.
    Created Restore Point.

    Updated Manually:
    Catalog search "Servicing Stack Update for Windows Server 2008 R2"
    2025-04 Servicing Stack Update WinServer 2008R2x64 (KB5056456)

    Updated Manually;
    2025-04 Security/QualityRollup .NETFramework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8
    WinServer 2008R2x64 (KB5055684) Download size: 44.8 MB
    KB5055684 (Security and Quality Rollup for .NET Framework 4.7, 4.8) Made up of 4 files:
    KB5044011 Already installed on my computer,
    KB4019990 Already installed on my computer,
    KB5055171 Successful/Installed .NET framework 4.8,
    KB5054696 DidNotApply .NET framework 4.0-4.7 not on my computer

    Restarted computer.
    Created Restore Point.

    TURNED WU & AV ON after ALL updates...

    MSE MicrosoftSecurityEssentials continues to maintain own updates outside of WU

    Thanks to the maintainers & all who continue to update & contribute. Time & progress continues to march on...
    +++++++++1+++++++++2+++++++++3+++++++++4+++++++++5+++++++++6+++++++++7+++++++++8+++++++++9
    Apr2ndTueUpdates.JPG
     
  4. RegTheEvil

    RegTheEvil MDL Novice

    Mar 2, 2025
    6
    4
    0
    #8624 RegTheEvil, Apr 9, 2025
    Last edited: Apr 9, 2025
    I installed only updates KB5055561 and KB5056456 successfully from Windows Update and KB5055684 from Windows Update failed to install with error code 643. I also tried intalling KB5055171 manually from Microsoft Update Caralog with error code 0x80070643. I have esu patcher v13f enabled and I have successfully installed KB5050183 .NET framework update earlier from Windows Update. I wonder what I'm doing wrong here. I also successfully installed optional updates KB5055515 and KB5055570 from Microsoft Update Catalog. I tried repairing .NET framework 4.8 but that didn't fix my update issue with .NET framework 4.8. Lastly I tried to install KB5055171 in safe mode and got this error instead: Installation failed with error code: (0x80070641), "The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance. " Maybe this update cannot be installed in safe mode? The OS I'm running is Windows 7 Ultimate x64.

    EDIT: Additionally to all the above I also removed .NET 4 ESU Bypass and from BypassESU-v13f's LiveOS-Setup.cmd settings and, then rebooted and then re-enabled .NET 4 ESU Bypass from settings again and then rebooted. Finally I was able to successfully install KB5055684. I wonder why I had to re-enable .NET 4 ESU Bypass but whatever and cheers! =)
     
  5. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream
    Staff Member

    Dec 21, 2012
    8,076
    10,298
    270
    You should enable the .NET 4.8 bypass only when actually installing the .NET update and disable it again after the reboot. It is known to have certain side-effects on other MSI packages.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. RegTheEvil

    RegTheEvil MDL Novice

    Mar 2, 2025
    6
    4
    0
    Thanks for the tip! I definitely didn't know that.
     
  7. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream
    Staff Member

    Dec 21, 2012
    8,076
    10,298
    270
    Means you had or still have IIS enabled.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. ryegrass

    ryegrass MDL Member

    Oct 9, 2019
    102
    146
    10
    Interesting, it's never been on my machine, and according to the article it hasn't been on a number of other user's computers either.

    inetpub s.jpg
     
  9. ryegrass

    ryegrass MDL Member

    Oct 9, 2019
    102
    146
    10
    Thanks, I should have googled it first, but I'm one of those people who thinks anything Microsoft does anymore has some nefarious purpose.
     
  10. kkhww

    kkhww MDL Member

    Mar 15, 2021
    199
    241
    10
    It's added by this .manifest file.
    Snipaste_2025-04-11_13-04-34.png
     
  11. Tony Popovic

    Tony Popovic MDL Novice

    Jan 14, 2020
    21
    31
    0
    The folder should not be deleted. (So it can, but should not). Microsoft itself describes it like this: “An authenticated attacker who successfully exploits this vulnerability gains the ability to execute and/or manipulate file management operations on the victim machine in the context of the NT account AUTHORITY\SYSTEM. After installing the updates listed in the overview of security updates for your operating system, a new folder %systemdrive%\inetpub will be created on your device. This folder should not be deleted, regardless of whether Internet Information Services (IIS) is active on the target device. This behavior is part of the changes that increase protection and does not require any action from IT administrators and end users." So, if the folder is there, just leave it there.
     
  12. Kirklang

    Kirklang MDL Novice

    Dec 9, 2019
    29
    18
    0
    #8636 Kirklang, Apr 11, 2025
    Last edited: Apr 11, 2025
    Hi, I removed .NET 4 ESU Bypass and from BypassESU-v13f's LiveOS-Setup.cmd settings and, then, rebooted and then re-enabled .NET 4 ESU Bypass from settings again and then rebooted again. For 3-4 times. I was not able to install KB5055171 because, very simply, .NET 4 ESU Bypass doesn't work on my 3 Windows 7 Pro.
    I had to install KB5055171 manually as it has always been happening for several months with the .NET 4 updates.
    At the contrary, no problem with KB5055561 and KB5056456.
    I don't understand...
     
  13. CaptainSpeleo

    CaptainSpeleo MDL Expert

    May 24, 2020
    1,036
    772
    60
    Capture.JPG

    Kirklang:
    You need to place the new NET Framework 4.8 update inside the same folder as the dotNetFx4_ESU_Installer_v4 tool, then run its command(.cmd) script as Administrator.
    After the 2 - 3 minute install process is over, press any key to exit the tool.
     
  14. abbodi1406

    abbodi1406 MDL KB0000001

    Feb 19, 2011
    18,610
    100,025
    340
    Installed KB5055171 manually using dotNetFx4_ESU_Installer or without it?

    both .NET 4 ESU Bypass dotNetFx4_ESU_Installer use the same DLL hook file
    maybe your AV removes the DLL or registry key after a while, so the bypass fails
    whereas dotNetFx4_ESU_Installer uses the file/registry on-fly during installation
     
  15. Kirklang

    Kirklang MDL Novice

    Dec 9, 2019
    29
    18
    0
    #8639 Kirklang, Apr 14, 2025
    Last edited: Apr 14, 2025
    Thanks a lot for your answer.
    In the previous months, I used dotNetFx4_ESU_Installer, but I did a test and I realized that I could install KB5055171 as a matter of fact without dotNetFx4_ESU_Installer, too.
    But always and only manually, because BypassESU-v13f can't "see" the .Net update via Windows Update.
     
  16. Kirklang

    Kirklang MDL Novice

    Dec 9, 2019
    29
    18
    0
    Thank you, but I already know that.
    I can install NET Framework 4.8 update (only manually...) with dotNetFx4_ESU_Installer_v4 tool and also without that, indifferently...