Home
-
Windows 8.1 and Windows Server 2012 R2 ESU Analysis
The original Windows 7 ESU Analysis can be found here. With the ending of support for Windows 8.1 and Server 2012 R2 in 2023, additional research was conducted to see if similar techniques would work for these operating systems as well. It was determined that both Windows 8.1 and Windows Server 2012 R2 can be fully patched past the supported period.
-
Windows 7 ESU Analysis Updates
The original Windows 7 ESU Analysis can be found here. With the September 2020 Cumulative Update, the technique as described no longer works to install this update. However, only slight modifications need to be made in order for this new update to also install.
-
Windows 7 ESU Patching
With the May 2020 Windows 7 updates, I went on a mission to determine the minimum set of updates needed to enable all features within Windows 7, including optional hotfixes, and to have the most up-to-date installation possible. After extensive testing, I concluded that 42 updates not offered through Windows Update would need to be installed to reach this objective. The following sections describe the updates required and provide links to each.
-
Windows 8.1 and Windows Server 2012 R2 ESU Analysis Changelog
Update 2024-10-11
- Replaced September 2024 Servicing Stack Update (KB5044410) with October 2024 Servicing Stack Update (KB5044411).
- Replaced September 2024 Monthly Update (KB5043138) with October 2024 Monthly Update (KB5044343).
- Replaced August 2024 .NET Framework 3.5.1 Update (KB5041945) with October 2024 .NET Framework 3.5.1 Update (KB5044012).
- Replaced August 2024 .NET Framework 4.8 Update (KB5041960) with October 2024 .NET Framework 4.8 Update (KB5044026).
- Updated Microsoft Time Stamp Root Certificate Authority 2014.crl.
- Updated Microsoft ECC Root Certificate Authority 2017.crl.
- Replaced September 2024 Manifest, Components Registry Key, and SideBySide Registry Key (6.3.9600.22175) with October 2024 (6.3.9600.22221).
-
CVE-2022-36415
A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges.