Security & Vulnerability Researcher / Professional Penetration Tester


  • Windows 8.1 and Windows Server 2012 R2 ESU Analysis

    The original Windows 7 ESU Analysis can be found here. With the ending of support for Windows 8.1 and Server 2012 R2 in 2023, additional research was conducted to see if similar techniques would work for these operating systems as well. It was determined that both Windows 8.1 and Windows Server 2012 R2 can be fully patched past the supported period.

  • Windows 7 ESU Analysis Updates

    The original Windows 7 ESU Analysis can be found here. With the September 2020 Cumulative Update, the technique as described no longer works to install this update. However, only slight modifications need to be made in order for this new update to also install.

  • Windows 7 ESU Patching

    With the May 2020 Windows 7 updates, I went on a mission to determine the minimum set of updates needed to enable all features within Windows 7, including optional hotfixes, and to have the most up-to-date installation possible. After extensive testing, I concluded that 42 updates not offered through Windows Update would need to be installed to reach this objective. The following sections describe the updates required and provide links to each.

  • Windows 8.1 and Windows Server 2012 R2 ESU Analysis Changelog

    Update 2024-03-25

    • Replaced February 2024 Servicing Stack Update (KB5034866) with March 2024 Servicing Stack Update (KB5035968).
    • Replaced February 2024 Monthly Update (KB5034819) with March 2024 Monthly Update (KB5035885).
    • Updated Microsoft ECC Root Certificate Authority 2017.crl.
    • Updated MicRooCerAut_2010-06-23.crl.
    • Updated Microsoft ECC Product Root Certificate Authority 2018.crl.
    • Updated Microsoft ECC TS Root Certificate Authority 2018.crl.
    • Replaced February 2024 Manifest, Components Registry Key, and SideBySide Registry Key (6.3.9600.21813) with March 2024 (6.3.9600.21871).

  • CVE-2022-36415

    A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges.

     Page: 1 of 13     
buy me a coffee