{"id":17985,"date":"2020-12-25T00:36:00","date_gmt":"2020-12-24T23:36:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=17985"},"modified":"2022-06-27T09:19:39","modified_gmt":"2022-06-27T07:19:39","slug":"windows-7-sp1-server-2008-r2-extended-support-2021-part-2","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/12\/25\/windows-7-sp1-server-2008-r2-extended-support-2021-part-2\/","title":{"rendered":"Windows 7 SP1\/Server 2008\/R2: Extended Support 2021 – Part 2"},"content":{"rendered":"

\"win7\"[German<\/a>]In my blog post Windows 7 SP1: ESU Support for 2021<\/a> \u2013 Part 1<\/em>  I had pointed out that from January 2021 a new ESU license is required to receive further security updates for this operating system. Those who do not have an ESU license (e.g. private users) or do not get it (e.g. because of Windows 7 Home or Windows Server 2008\/R2) can use alternative solutions, which I present in part 2. <\/p>\n

<\/p>\n

Some background<\/h2>\n

\"\"On 1\/14\/2020, Windows 7 SP1 (and Windows Server 2008\/R2) reached the long announced end of support – there will be no more security updates by default. However, Microsoft will continue to provide security updates for companies until January 2023. To get these security updates on systems with Windows 7 SP1 or Windows Server 2008\/R2, an ESU license from Microsoft is required (see Wow! Windows 7 get extended support until January 2023<\/a>).<\/p>\n

Problem #1: No ESU license for Windows 7 Home<\/h3>\n

However, with the approach Microsoft mentioned, which I covered in the article Windows 7 SP1: ESU Support for 2021<\/a> \u2013 Part 1<\/em>, there is the problem that this ESU license for Windows 7 only applies to Professional and Enterprise\/Ultimate. Owners of a Windows 7 SP1 Home are left out. In addition, private users will not necessarily want to buy an ESU license for over 100 euros\/dollars.<\/p>\n

Problem #2: No ESU license for Windows Server 2008\/R2<\/h3>\n

The ESU license keys issued for Windows 7 SP1 cannot be used for Windows Server 2008\/R2. The vendor Software Express mentioned in part 1 had made efforts to obtain ESU licenses for Windows Server 2008\/R2 as well. Microsoft allows the purchase of the ESU key only via a Microsoft Enterprise Agreement <\/em>(EA) or a Microsoft Business and Services Agreement <\/em>(MBSA). This leaves people who still need to run Windows Server 2008 R2, but do not have access to such a licensing program, out in the cold. Therefore I recommend the following alternative from ACROS Security. <\/p>\n

ACROS Security 0patch as an alternative<\/h2>\n

The alternative, especially for people who could not get an ESU license for Windows Server 2008\/R2, are the micropatches from 0patch. ACROS Security provides the 0patch Pro license for 23,00 Euro (net) per client and year. This includes micropatches for the most important vulnerabilities. <\/p>\n

\"ACROS
(Source: ACROS Security) <\/p>\n

Mitja Kolsek, the founder of ACROS Security, with whom I am in direct contact via Twitter, published the blog post 2021 2021 New Year's Resolution: \"We Will Spend Less Time and Money on Security Patches\"<\/a> on the topic in mid-December 2020.  <\/p>\n

I had described the approach in the blog post Windows 7: Securing with the 0patch solution<\/a> \u2013 Part 2. I myself use this solution on a client – and in 2020 there were numerous micropatches for vulnerabilities. So this works and is (as far as I know) the only solution to automatically patch a server 2008\/R2 without ESU license (I don't see ByPassESU as a solution in the professional environment). <\/p>\n

For private users there is even a free variant of the 0patch approach, which however does not receive all micropatches. I had described the different 0patch models in the blog post Project: Windows 7\/Server 2008\/R2 Life Extension & 0patch one month trial<\/a>. <\/p>\n

\n

Note: The 0patch solution does not provide updates in the sense of Microsoft. The 0patch agent loads micropatches after booting Windows, which simply mitigates the known vulnerabilities. If the 0patch agent is uninstalled, the micropatches are also removed and the vulnerabilities are back. Nevertheless, the 0patch approach is a cheap and viable solution in my eyes. <\/p>\n<\/blockquote>\n

ByPassESU for hobbyists<\/h2>\n

Furthermore, resourceful hobbyists have developed a solution called ByPassESU to install security updates for Windows 7 even without an ESU license. Some hints can be found in the post Windows 7 Sept. 2020 Updates: BypassESU v8 required<\/a>. However, I don't see this approach as a solution I would use in corporate environments. <\/p>\n

In December 2020, BypassESU v11 has been released (see the post Windows 7 ESU Bypass v10 ist erschienen [Update: ESU Bypass v11<\/a>) on German site deskmodder.de, which will probably still work in 2021 – or will be updated to work in 2021. The use is legal in my estimation in a private environment, but I do not link sources. Who is interested in the topic, I refer to the colleagues of deskmodder.de, who provide details and a download link for the relevant files in this blog post<\/a>. <\/p>\n

Article series:<\/strong>
Windows 7 SP1: ESU Support for 2021<\/a> \u2013 Part 1
Windows 7 SP1\/Server 2008\/R2: Extended Support 2021<\/a> – Part 2<\/em> <\/p>\n

Similar articles<\/strong>
Wow! Windows 7 get extended support until January 2023<\/a>
Windows 7 Extended Security Updates buyable from April 2019<\/a>
Microsoft offers Windows 7 Extended Update Support to SMBs<\/a>
Prices for Windows 7 Extended Security Updates till 2023<\/a>
Windows 7: Free Extended Update Support and usage<\/a>
Windows 7: Office 365 ProPlus Updates till 2023<\/a>
Windows 7 Extended Security Updates (ESU) requirements<\/a>
Windows 7 Extended Security Update (ESU) program available<\/a>
Windows 7 Extended Security Updates (ESU) program, price and source for SMEs<\/a> <\/p>\n

Windows 7: Buy and manage ESU licenses<\/a> \u2013 Part 1
Windows 7: Preparing for ESU and license activation<\/a> \u2013 Part 2
Windows 7: ESU Activation inEnterprise Environment<\/a> \u2013 Part 3
Windows 7: ESU questions and more answers<\/a> \u2013 Part 4 <\/p>\n

Windows 7: Forcing February 2020 Security Updates<\/a> \u2013 Part 1
Windows 7: Securing with the 0patch solution<\/a> \u2013 Part 2 <\/p>\n

Windows 7\/Server 2008\/R2: 0patch delivers security patches after support ends<\/a>
Project: Windows 7\/Server 2008\/R2 Life Extension & 0patch one month trial<\/a>
0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674<\/a>
0patch: Fix for Windows Installer flaw CVE-2020-0683<\/a>
0patch fix for Windows GDI+ vulnerability CVE-2020-0881<\/a>
0-day vulnerability in Windows Adobe Type Library<\/a>
0patch fixes CVE-2020-0687 in Windows 7\/Server 2008 R2<\/a>
0patch fixes CVE-2020-1048 in Windows 7\/Server 2008 R2<\/a>
0patch fixes CVE-2020-1015 in Windows 7\/Server 2008 R2<\/a>
0patch for 0-day RCE vulnerability in Zoom for Windows<\/a>
Windows Server 2008 R2: 0patch fixes SIGRed vulnerability<\/a>
0patch fixes CVE-2020-1113 in Windows 7\/Server 2008 R2<\/a>
0patch fixes CVE-2020-1337 in Windows 7\/Server 2008 R2<\/a>
0patch fixes CVE-2020-1530 in Windows 7\/Server 2008 R2<\/a>
0patch fixes Zerologon (CVE-2020-1472) vulnerability in Windows Server 2008 R2<\/a>
0patch fixes CVE-2020-1062 in Windows 7\/Server 2008 R2<\/a> <\/p>\n

0patch supports Office 2010 with micro patches after the end of support (EOL)<\/a>
Windows 7\/Server 2008\/R2 ESU support for the second year<\/a> <\/p>\n

Windows 7 ESU-Update KB4538483 (May 2020)<\/a>
Windows 7 ESU Preparation Package Update KB4575903 (July 31, 2020)<\/a>
Windows 7 Sept. 2020 Updates: BypassESU v8 required<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

[German]In my blog post Windows 7 SP1: ESU Support for 2021 \u2013 Part 1  I had pointed out that from January 2021 a new ESU license is required to receive further security updates for this operating system. Those who do not … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[991,2610,69,195,17,18],"class_list":["post-17985","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-0patch","tag-bypassesu","tag-security","tag-update","tag-windows-7","tag-windows-server-2008-r2"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/17985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=17985"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/17985\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=17985"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=17985"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=17985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}