[German]On April 13, 2021, Microsoft released various (security) updates for Windows 7 SP1 and Windows Server 2008 R2 with Extended Security Update (ESU) support. Here is the overview of these updates.
Advertising
Updates for Windows 7/Windows Server 2008 R2
A rollup and a security-only update have been released for Windows 7 SP1 and Windows Server 2008 R2 SP1. However, these updates are only available for systems with ESU license (2nd year). The update history for Windows 7 can be found on this Microsoft page.
Starting January 15, 2020, Windows 7 in Starter, Home Basic, Home Premium, Professional (without ESU license) and Ultimate will show a full-screen end-of-support notification. This must then be closed by the user.
As of Jan. 14, 2020, Windows 7 SP1 and Windows Server 2008 R2 SP1 have reached the end of support and will only receive paid security updates in the future as part of the ESU program. For ESU license holders, it is recommended to take a look at the Windows Message Center to find out about the details. In the KB article there are hints what to consider (ESU license for the 2nd year etc.).
Since the updates are offered in the Microsoft Update Catalog, do not try to install them on systems without ESU license first. The installation fails and a rollback occurs. What does work though: Using the BypassESU methods (see Windows 7: Force February 2020 Security Updates – Part 1). ByPassESU v11 should continue to work for the January 2021 patches (see Windows 7 SP1/Server 2008/R2: Extended Support 2021 – Part 2).
Important: Starting in July 2020, all Windows updates disable the RemoteFX vGPU feature due to the CVE-2020-1036 vulnerability (see also KB4570006). After installing this update, attempts to start virtual machines (VM) with RemoteFX vGPU enabled fail.
KB50013351 (Monthly Rollup) for Windows 7/Windows Server 2008 R2
Update KB5001335 (Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1) contains (besides the security fixes from the previous month) improvements and bug fixes and addresses the following:
- Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK).
- Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275.
- Addresses an issue with security vulnerabilities identified by a security researcher. Because of these security vulnerabilities, this and all future Windows updates will no longer contain the RemoteFX vGPU feature. For more information about the vulnerability and its removal, see CVE-2020-1036 and KB4570006. Secure vGPU alternatives are available using Discrete Device Assignment (DDA) in Windows Server LTSC releases (Windows Server 2016 and Windows Server 2019) and Windows Server SAC releases (Windows Server, version 1803 and later versions).
- Addresses an issue that prevents you from specifying up to 255 columns when you use the Jet Text installable indexed sequential access method (IISAM) format.
- Addresses an issue if you monitor for these events, Windows Backup will not report a successful Event ID 14 or backup finished Event ID 4 after you apply update KB4561643 or KB4556843.
- Security updates to Windows Apps, Windows Hybrid Cloud Networking, Windows Kernel, and Windows Media.
Details about the fixed vulnerabilities can be found on this page. This update is automatically downloaded and installed via Windows Update. The package is also available via Microsoft Update Catalog and is distributed via WSUS. Details about the requirements and known issues can be found in the KB article.
KB5001392 (Security Only) for Windows 7/Windows Server 2008 R2
Update KB5001392 (Security-only update) is available for Windows 7 SP1 and Windows Server 2008 R2 SP1 with ESU license. The update addresses the following issues.
- Addresses a time zone change for Volgograd, Russia from UTC+4 to UTC+3 Moscow Standard Time (MSK).
- Addresses a time zone change for The Republic of South Sudan from UTC+3 to UTC+2 Juba. For more information about this change, see KB 4601275.
- Security updates to Windows Apps, Windows Hybrid Cloud Networking, and Windows Media.
The update is available via WSUS or in the Microsoft Update Catalog. To install the update, you must meet the prerequisites listed in the KB article and in the rollup update above. The update has the errors described in the KB article. Furthermore, the cumulative security update KB5000800 (from March 2021) for Internet Explorer 11 should be installed – if not already installed. Because a vulnerability is probably actively exploited there.
Advertising
Similar articles:
Microsoft Office Patchday (April 6, 2021)
Microsoft Security Update Summary (April 13, 2021)
Patchday: Windows 10-Updates (April 13, 2021)
Patchday: Windows 8.1/Server 2012 Updates ( April 13, 2021)
Patchday: Updates for Windows 7/Server 2008 R2 (April 13, 2021)
Advertising