[German]On December 8, 2020 Microsoft released various (security) updates for Windows 7 SP1 (ESU) and Windows Server 2008 R2. Here is an overview of these updates.
Advertising
Updates for Windows 7/Windows Server 2008 R2
For Windows 7 SP1 and Windows Server 2008 R2 SP1 a rollup and a security-only update have been released. However, these updates are only available for systems with ESU license. The update history for Windows 7 can be found on this Microsoft page.
Starting January 15, 2020, Windows 7 will display a full-screen notification of the end of support in Starter, Home Basic, Home Premium, Professional (without ESU license) and Ultimate. This must then be closed by the user.
As of January 14, 2020, Windows 7 SP1 and Windows Server 2008 R2 SP1 have reached the end of support and will in future only receive paid security updates as part of the ESU program. ESU license holders are advised to take a look at the Windows Message Center for details.
Microsoft last updated the Techcommunity article on the ESU program on Oct. 3, 2020. Please refer to the notes on requirements (SSU, SHA-2). In addition, for ESU systems the update KB4538483 must be installed manually from the Update Catalog (see Windows 7 ESU-Update KB4538483 (May 2020) and at the end of July 2020 the preparation KB4575903 (see Windows 7 ESU Preparation Package Update KB4575903 (July 31, 2020)).
Since the updates are offered in the Microsoft Update Catalog, do not try to install them on systems without an ESU license. The installation fails and a rollback is performed. But what works: Using the BypassESU methods (see Windows 7: Forcing February 2020 Security Updates – Part 1). ByPassESU v9 still works for the November 2020 patches (see this German comment and here).
KB4592471(Monthly Rollup) for Windows 7/Windows Server 2008 R2
Update KB4592471 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains (besides the security fixes from last month) improvements and bug fixes and addresses the following fixes:
- Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to "FILE:" ports. To address this issue in the future, make sure your applications or services run as a specific user or service account.
- Security updates to Windows Graphics, Windows Peripherals, Windows Storage and Filesystems, and Windows File Server and Clustering.
Compared to the previous months, nothing has changed for ESU systems (according to previous knowledge). This update is automatically downloaded and installed via Windows Update. The package is also available via Microsoft Update Catalog erhältlich and is distributed via WSUS. Details about the requirements and known issues can be found in the KB article (without ESU the installation fails and there is a "STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)" error).
KB4592503 (Security Only) for Windows 7/Windows Server 2008 R2
Update KB4592503 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1 with ESU license. The update addresses the following issues.
- Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to "FILE:" ports. To address this issue in the future, make sure your applications or services run as a specific user or service account.
- Security updates to Windows Graphics, Windows Peripherals, Windows Storage and Filesystems, and Windows File Server and Clustering.
The update is available via WSUS or in the Microsoft Update Catalog. To install the update, the preconditions listed in the KB article and above for the rollup update must be met. The update has the KB article KB4592503 described errors. I have not found a security update for Internet Explorer 11 for December 2020.
Similar articles:
Microsoft Office Patchday (December 1, 2020)
Microsoft Security Update Summary (Dezember 8, 2020)
Patchday: Windows 10-Updates (December 8, 2020)
Patchday: Updates for Windows 7/Server 2008 R2 (12/08/2020)
Advertising
