[German]Good news for users of Windows 7 SP1 and possibly Windows Server 2008 R2. There is probably an increasing demand to continue to operate these operating systems, which have long since reached their end-of-life (EOL), securely. ACROS Security has now announced that it will support these Windows versions with 0patch until January 2027.
I came across the following tweet overnight, which is addressed in the article How long do you plan to provide Windows 7 and Windows Server 2008 R2 Micropatches?
ACROS Security has announced that it now intends to extend support (initially planned until January 2025) until January 2027. Until this date, they want to provide opatch micropatches for Windows 7 and Server 2008 R2 systems, even though they have reached the end of support.
And there is another statement: The people around Mitja Kolsek want to extend this deadline as long as there is sufficient market demand. This could mean that micropatches for Windows 7 or Server 2008 R2 could be made available until 2030.
0patch agent and account required
To use the micropatches, the 0patch agent is required, which can be downloaded free of charge from the opatch website and then installed on Windows. The installer and the agent require administrator rights to run.
After successful installation, a corresponding 0Patch service is set up under Windows 7, which is always running. Here is some information about what you should know.
- As soon as everything has been set up, this service retrieves the patches available for the user account and stores them in an internal database. It is set up via the 0patch console (see below).
- The service ensures that the called modules can be monitored when Windows 7 is started.
- If an application or Windows module for which a micropatch exists is loaded into memory, the service then injects the relevant code into the RAM area of the loaded module.
This is a completely different approach to how Microsoft updates are handled. A Microsoft update is installed under Windows 7, whereby a number of files may be exchanged. Once the Microsoft update has been installed, the patches remain on the machine.
It is operated via the 0patch console, which can be called up via the Windows start menu. To retrieve the micropatches in the 0patch console, you need a user account with the provider 0patch. The provider ACROS Security offers various models, which I have already described in the blog post Project: Windows 7/Server 2008/R2 Life Extension & 0patch one month trial.
A free account is offered for private use, which I used years ago to secure Windows 7. For companies, there are also paid account variants for a small price per year.
Information on how the 0patch agent works, which loads the micropatches into the working memory at runtime of an application, can be found in the blog posts (e.g. here), which I have linked below.
Similar articles:
Wow! Windows 7 get extended support until January 2023
Windows 7: Free Extended Update Support and usage
Windows 7 Extended Security Updates (ESU) requirements
Windows 7 Extended Security Update (ESU) program available
Windows 7 Extended Security Updates (ESU) program, price and source for SMEs
Windows 7: Buy and manage ESU licenses – Part 1
Windows 7: Preparing for ESU and license activation – Part 2
Windows 7: ESU Activation inEnterprise Environment – Part 3
Windows 7: ESU questions and more answers – Part 4
Windows 7/Server 2008/R2: 0patch delivers security patches after support ends
Project: Windows 7/Server 2008/R2 Life Extension & 0patch one month trial
0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674
Windows Server 2012: Unofficial 0patch fix for MoW 0-day vulnerability
Windows: 0patch for 0-day URL File NTLM Hash Disclosure Vulnerability
