Windows 7 ESU Analysis Updates
The original Windows 7 ESU Analysis can be found here. With the September 2020 Cumulative Update, the technique as described no longer works to install this update. However, only slight modifications need to be made in order for this new update to also install.
Please reference the original post for the majority of the instructions. This post will only highlight updates that need to be made.
Important: You must obtain an ESU license to apply ESU updates. Details on obtaining an ESU license can be found here. This research was completed for security vulnerability research purposes only following the Microsoft Legal Safe Harbor Terms. Do not try to reproduce without having the required licenses.
Note: October 2024 was the last month Microsoft released patches for x86 versions of Windows 7. Starting November 2024, only x64 versions of the patches will be updated in this post.
Installing KB4528069
Install KB4528069 as described in Windows 7 ESU Analysis.
Installing KB5046687 (November 2024 Cumulative Update)
The November 2024 Cumulative Update includes new ESU files that bump versions past those used in KB4528069. However, the same technique that previously applied still works.
- Install the latest Servicing Stack Update Windows6.1-KB5039339-x64.msu Windows6.1-KB5039339-x86.msu. Rebooting the machine may be required.
- If using the Manifest/Components registry key technique on a 64-bit system, execute the following commands:
takeown /f C:\Windows\WinSxS\Manifests /a
icacls C:\Windows\WinSxS\Manifests /grant Everyone:(F)
copy amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.1.7602.27415_none_c8e2490a36236811.manifest C:\Windows\WinSxS\Manifests
icacls C:\Windows\WinSxS\Manifests /remove Everyone
icacls C:\Windows\WinSxS\Manifests /setowner “NT SERVICE\TrustedInstaller”
reg import ComponentsRegistryKey_x64.reg
reg import SideBySideRegistryKey_x64.reg
Windows6.1-KB5046687-x64.msu
- If using the Manifest/Components registry key technique on a 32-bit system, execute the following commands:
takeown /f C:\Windows\WinSxS\Manifests /a
icacls C:\Windows\WinSxS\Manifests /grant Everyone:(F)
copy x86_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.1.7602.27366_none_6c8e9c4e7ded9ec0.manifest C:\Windows\WinSxS\Manifests
icacls C:\Windows\WinSxS\Manifests /remove Everyone
icacls C:\Windows\WinSxS\Manifests /setowner “NT SERVICE\TrustedInstaller”
reg import ComponentsRegistryKey_x86.reg
reg import SideBySideRegistryKey_x86.reg
Windows6.1-KB5044356-x86.msu
- If using the failed reboot technique, try to install the Cumulative Update and let it fail. Apply the new 32-bit or 64-bit SideBySide registry key linked below and retry the update. This time it will succeed.
References
These files can all be found on GitHub here. See below for specific file links.
Updated Manifest File x64 KB5046687
Updated Manifest File x86 KB5044356
Updated Components Registry Key x64 KB5046687
Updated Components Registry Key x86 KB5044356
Update 2024-11-18
- Added a note about the retirement of Windows 7 x86 patches.
- Replaced October 2024 Monthly Update (KB5044356) with November 2024 Monthly Update (KB5046687).
- Replaced October 2024 Manifest, Components Registry Key, and SideBySide Registry Key (6.1.7602.27366) with November 2024 (6.1.7602.27415).
For previous updates to this post, see Windows 7 ESU Analysis Updates Changelog.