Windows 7 ESU Analysis Updates
The original Windows 7 ESU Analysis can be found here. With the September 2020 Cumulative Update, the technique as described no longer works to install this update. However, only slight modifications need to be made in order for this new update to also install.
Please reference the original post for the majority of the instructions. This post will only highlight updates that need to be made.
Important: You must obtain an ESU license to apply ESU updates. Details on obtaining an ESU license can be found here. This research was completed for security vulnerability research purposes only following the Microsoft Legal Safe Harbor Terms. Do not try to reproduce without having the required licenses.
Installing KB4528069
Install KB4528069 as described in Windows 7 ESU Analysis.
Installing KB5036967 (April 2024 Cumulative Update)
The April 2024 Cumulative Update includes new ESU files that bump versions past those used in KB4528069. However, the same technique that previously applied still works.
- Install the latest Servicing Stack Update Windows6.1-KB5034865-x64.msu Windows6.1-KB5034865-x86.msu. Rebooting the machine may be required.
- If using the Manifest/Components registry key technique on a 64-bit system, execute the following commands:
takeown /f C:\Windows\WinSxS\Manifests /a
icacls C:\Windows\WinSxS\Manifests /grant Everyone:(F)
copy amd64_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.1.7602.27067_none_c8ae326a364a31d8.manifest C:\Windows\WinSxS\Manifests
icacls C:\Windows\WinSxS\Manifests /remove Everyone
icacls C:\Windows\WinSxS\Manifests /setowner “NT SERVICE\TrustedInstaller”
reg import ComponentsRegistryKey_x64.reg
reg import SideBySideRegistryKey_x64.reg
Windows6.1-KB5036967-x64.msu
- If using the Manifest/Components registry key technique on a 32-bit system, execute the following commands:
takeown /f C:\Windows\WinSxS\Manifests /a
icacls C:\Windows\WinSxS\Manifests /grant Everyone:(F)
copy x86_microsoft-windows-s..edsecurityupdatesai_31bf3856ad364e35_6.1.7602.27067_none_6c8f96e67decc0a2.manifest C:\Windows\WinSxS\Manifests
icacls C:\Windows\WinSxS\Manifests /remove Everyone
icacls C:\Windows\WinSxS\Manifests /setowner “NT SERVICE\TrustedInstaller”
reg import ComponentsRegistryKey_x86.reg
reg import SideBySideRegistryKey_x86.reg
Windows6.1-KB5036967-x86.msu
- If using the failed reboot technique, try to install KB5036967 and let it fail. Apply the new 32-bit or 64-bit SideBySide registry key linked below and retry the update. This time it will succeed.
References
These files can all be found on GitHub here. See below for specific file links.
Updated Manifest File x64 KB5036967
Updated Manifest File x86 KB5036967
Updated Components Registry Key x64 KB5036967
Updated Components Registry Key x86 KB5036967
Update 2024-04-10
- Replaced March 2024 Monthly Update (KB5035888) with April 2024 Monthly Update (KB5036967).
- Replaced March 2024 Manifest, Components Registry Key, and SideBySide Registry Key (6.1.7602.27017) with April 2024 (6.1.7602.27067).
For previous updates to this post, see Windows 7 ESU Analysis Updates Changelog.