Windows Update for Windows 7 after 1-2020

Topic

New Reply

I have a group of about 130 Win7 client systems I have been looking after for years and still do. I plan to continue doing that for another 5 years. The exciting part of this story is that we started not having any windows update in May 2017.

Two years on, our systems run much better than ever. They just run. My support work load has fallen off by at least 75%. Not a single infection or hacking attempt.

None of these are enterprise systems, just home PCs. All systems have a major Anti-virus product that I have selected. In my case it is Bitdefender Antivirus + (not the security product). Most have switched to Chrome browsers, which no longer requires the security problem prone Adobe Reader, Adobe Flash Player or Java. These three programs are needed by Internet Explorer, but not by Chrome, and are a common hacker/virus attack vector. The fact is that the Chrome browser is now in use by more than 2/3’s of Windows users. None of these systems have versions of Microsoft Office any more recent than 2010.

Windows Update had been a standard of security that was heavily relied upon by scores of Windows users for decades. Applying the once monthly updates became a mandatory ritual that most all Windows owners followed. Windows Update is by default automatic. For all those decades it worked largely flawlessly.

Unfortunately, the quality of Windows Updates has fallen off badly. This has given rise to numerous defective updates that cause a whole range of problems. Many updates are re-issued, some many times over.

Coincident with this falloff in quality, starting just after Microsoft ended Windows 7 development (December 31, 2014) and began security-only “support,” Microsoft changed the objectives of these updates from primarily security-only, to feature-related along with security. The “features” often contain(ed) changes to Windows 7 that some owners did (do) not want. At first they could selectively reject specific updates. October 2016, Microsoft changed the way it assembled updates in a way that no longer allows people to be selective. They call this new type of update “Roll-ups”. These Roll-ups are an all or nothing kind of deal, that includes all manner of “updates” that are largely unpublished. There is a way to get just the security updates, but it is complex and fraught with problems unless you are a serious technician. Therefore out of reach of most people.

Best advice is to set Windows Update setting to “Never check for updates.” Unfortunately, that means Windows Update no longer works automatically, but requires the user to manage the update process. However, this is the only way to take control of the situation. Enterprise IT folks have always done it this way.

If you really must continue to update, in spite of my advice to not do so, do NOT do updating until the day before the next cycle begins on the 2nd Tuesday of the month. That allows time for most of the erroneous updates to get fixed. Woody Leonhard, a tech writer extraordinaire, operates a web site, which does an excellent job of advising on Windows Update. It features his MS-DEFCON rating system that tells you when NOT to update, and when to do so. There is even a section on his web site http://www.askwoody.com, that specifically deals with Windows 7 updating.

The security-only crowd (Woody calls them Group B) was popular at first but by June of 2017, that strategy fell apart because defects in security only updates got fixed in the “roll-up updates.” So, that made security only updating impractical for all but the most technically competent.

Woody’s recommendation is that Windows 7 owners should stick to Group A, which just accepts all Microsoft roll-up updates and simply allows whatever changes Microsoft decides to make.

Another group, Group W, of which I am a member, simply does no further updating. That group has decided the risk of not applying updates that could immunize your system from some disease, hacker or virus is a lesser risk than applying updates and allowing your system to become something you would not buy if you had a choice. Of course this strategy includes some other choices that become far more critical: A very good antivirus program, switching to a browser that will be updated and therefore be more secure, and the acceptance that the January 2020 date that Microsoft has set for the end of updates for Windows 7, has already come.

When I re-build a system, I follow a very specific process of updating. Note well that I do not apply any updates after May 2017:

Use a Win7 install disk with SP1. This disk need only match the product type (home, pro, etc.) an bitness (32 or 64) of your Microsoft Product Key
Select Custom, not Upgrade
Switch to advanced and Delete all partitions, only one logical partition – C:, which will be created by the installer.
After install and activation, install network drivers if not installed already
Do NOT install anything until all Windows Updating is completed. Not even antivirus.

Set Windows Update to Never
Download and install either one or two updates manually. ***Note exception below if not starting with SP1 disk. In most cases only the first (KB3138612) of these is needed. If that produces a result that says the update is not appropriate for your computer, you need to first install the 2nd of these (KB3020369), then install the first (KB3138612). Choose the one that is for your machine — 32 bit (X86) or 64 bit (X64).
KB3138612

32 bit,

https://www.microsoft.com/en-us/download/details.aspx?id=51208

64 bit

https://www.microsoft.com/en-us/download/details.aspx?id=51212

KB3020369:

32 bit

https://www.microsoft.com/en-us/download/details.aspx?id=46827

64 bit

https://www.microsoft.com/en-us/download/details.aspx?id=46817

Switch from Windows-only updates to Microsoft updates
Reset Windows Update setting to Never
Start Windows Update
When a list of updates is offered (likely nearly 200 or so), refuse the following updates by right-clicking on them and choosing hide
Anything labeled Roll-up, with the exception of .net roll-ups

Any update that is NOT described as “Security” whose issue date is later than December 31, 2014. That is the date Windows 7 development ended.

Any Office update whose issue date is later than June 2017, displayed on the right side of the window as you select the individual update

Proceed to update and run the same process as previously described again and again until no more are offered.
*** If you cannot find an SP1 install disk, the step where the 2 specific updates (KB3138612 and KB3020369) described and linked above does not get done until the updating process installs SP1.

Install any missing drivers, using drivers downloaded only from the OEM support page.
Install the following Security-only updates for October 2016 through May 2017. You do not have to restart until all the following are installed. You can find an excellent guide on this topic at:

https://web.archive.org/web/20170812061720/https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/

You do not need to restart until all these updates are completed. When you do restart, it may take a while to process it and get back to your desktop screen

October, 2016 KB3192391:
64 bit:

http://download.windowsupdate.com/d/msdownload/update/software/secu/2016/10/windows6.1-kb3192391-x64_8acd94d8d268a6507c2852b0d9917f4ae1349b6c.msu

32 bit:

http://download.windowsupdate.com/d/msdownload/update/software/secu/2016/10/windows6.1-kb3192391-x86_a9d1e3f0dea012e3a331930bc1cd975005827cb6.msu

November, 2016 KB3197867
64 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2016/11/windows6.1-kb3197867-x64_6f8f45a5706eeee8ac05aa16fa91c984a9edb929.msu

32 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2016/11/windows6.1-kb3197867-x86_2313232edda5cca08115455d91120ab3790896ba.msu

December, 2016 KB3205394
64 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2016/12/windows6.1-kb3205394-x64_71d0c657d24bc852f074996c32987fb936c07774.msu

32 bit:

http://download.windowsupdate.com/d/msdownload/update/software/secu/2016/12/windows6.1-kb3205394-x86_e477192f301b1fbafc98deb94af80c6e94231e54.msu

January, 2017 KB3212642
64 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/01/windows6.1-kb3212642-x64_f3633176091129fc428d899c93545bdc7821e689.msu

32 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/01/windows6.1-kb3212642-x86_d5906af5f1f0dc07a5239311b169619ce255ab12.msu

February, 2017. There were no updates this month
March, 2017 KB4012212
64 bit:

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x64_2decefaa02e2058dcd965702509a992d8c4e92b3.msu

32 bit:

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x86_6bb04d3971bb58ae4bac44219e7169812914df3f.msu

April, 2017 KB4015546
64 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows6.1-kb4015546-x64_4ff5653990d74c465d48adfba21aca6453be99aa.msu

32 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows6.1-kb4015546-x86_a753365290d940872860776113f226436a18ca9b.msu

May, 2017 KB4019263
64 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows6.1-kb4019263-x64_d64d8b6f91434754fdd2a552d8732c95a6e64f30.msu

32 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows6.1-kb4019263-x86_e978e662d844d13ccf726944c39e4b678159bcde.msu

May, 2017 IE update KB4018271
64 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/04/ie11-windows6.1-kb4018271-x64_7c8d8beb9999d65c8db17001c697e82a9a0bb1d1.msu

32 bit:

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/04/ie11-windows6.1-kb4018271-x86_3eb0c93394fca87f3de52ae200a57e1770e741d6.msu

After Windows 7, system drivers and all updates are installed and any stable applications like Microsoft Office are installed and updated, and before any data or dynamic applications are installed such as antivirus software, create a system image. It will take 3 or 6 DVD +Rs (not -Rs) and about an hour. When you are done you will have a very nice bit of insurance. Should you ever again need to re-build a corrupted system or replace a hard drive, you will have a precise duplicate of your system as it is at this point. You can restore that image to a hard drive in 20 to 60 minutes. Creation of System Image is found in your menu under Maintenance, Backup and Restore.

Another great feature about creating the image is that you do not need an install disk or a product key to do the re-install the next time, and you will have saved yourself all the time you put in this time.

You will, in fact, have a final-state Windows 7 installation which could run on this particular computer as long as the computer hardware itself holds up and the software you prefer is still usable. In fact, Microsoft could evaporate, and your Windows 7 system would still function just fine, even if you had to install a new hard drive.

I emphasize the need for PLUS R DVD blanks. Do not use the more common MINUS R DVD blanks.

Install software, ending with antivirus software.
Then copy data into the newly created system.

CT

Total of 21 users thanked author for this post. Here are last 20 listed.

RamRod, amber438, MrChaz, woody, Microfix, AussieBoy, Elly, Groundhog45, Chris B, Northwest Rick, Kirsty, AusJohn, Spiral, HH33, Myst, jburk07, SueW, Steve S., wdburt1

Reply | Quote

Replies

Thanks very much for your detailed procedure. I’ve been a Group B updater since Microsoft first started the ‘roll-up’ system for Windows 7, though as pointed out, this might prove problematical for some people for the reasons you mention.

Another source of info for those seeking to reinstall Win 7:  A while back, PKCano shared a step-wise approach to doing a Group B reinstall. The thread probably ought to be read in its entirety but here is the specific post:

https://www.askwoody.com/forums/topic/windows-updates-after-reboot-which-do-i-need/#post-145231

Win10 Pro x64 22H2, Win10 Home 22H2, Linux Mint + a cat with 'tortitude'.

1 user thanked author for this post.

jburk07

Reply | Quote

There is a revision of that procedure I have done in the last six months or so, with the newest SSU and such. Maybe you can find it.

2 users thanked author for this post.

Steve S., jburk07

Reply | Quote

Thanks, Steve. There are a lot of sites around that list the updates to not install. I figured out that all of them are post 12-31-14. Further, my logic is anything that was not a security update after that date was not a feature update but one that I just did not need. Hence my strategy, as outlined.

I should have added that “optional” windows updates are 99% terrible. The only ones that I ever use are the sometimes early dated driver updates for Intel hardware. Otherwise Optional WU’s are to be avoided.

CT

1 user thanked author for this post.

Steve S.

Reply | Quote

Here’s another “under the table” release by Microsoft about security breaches in Windows 7 they’ve just owned up to.  Check out https://www.catalog.update.microsoft.com/Search.aspx?q=KB4499175 if you’re interested…then you can explain it all to me.

Reply | Quote

Thanks, CT, for making your detailed instructions easily available again, despite the attempts of MS to keep them off the Web. So much for freedom of expression on the Internet!

If W10 is really as good as MS wants us to believe it is, MS shouldn’t need to bludgeon and connive to get users to adopt it. We have three W7 Pro 64 machines which do what we need them to do and we see no point in changing to a privacy-invading OS with such a tumultuous (dare I say “incompetent?”) update history.

As I see it, we have three options come W7 EOL:

1) Change to W10, then fight endlessly with MS to preserve what’s left of our computer privacy and struggle constantly to protect our computers (and therefore our businesses) from chaotic, apparently untested updates. This seems like a real venture in self-abuse and I have no desire to stick my head into that pencil sharpener.

2) Switch to Linux Mint and keep W7 available as an offline VM guest within the Linux host. Linux comes with a bit of a learning curve and limited choices in certain specialized software, but it also comes with absolute freedom from MS, with no snooping, and with updates which are far more reliable. That specialized software could be preserved within the W7 VM.

3) Now that we know that it’s possible, reinstall and harden W7, per your instructions, and trust that it will work successfully for at least a few more years (in one of your posts, I think you mentioned perhaps 5 years), though at some point I assume that there will likely still be a need to change the OS (to ___?).

Heretofore, I’ve been leaning toward Linux Mint with our current W7 configurations imaged and copied into a VirtualBox VM, but I’m intrigued and tempted by your approach to preserving W7. My primary concerns relate to:

A) If at all possible, making any transfer to a post-W7 EOL configuration as (relatively) simple and painless as possible, and the thought of having to reinstall all my specialized software on W7 gives me buttwillies. Although I’ve owned and worked with DOS/Windows machines since 1985 and can handle most basic Windows issues for our businesses and our family without too much trouble, I don’t consider myself a tech by any stretch of the imagination, so I don’t want to get into any projects that are way above my pay grade. In the immortal words of Dirty Harry, “A man’s gotta know his limits.”

B) Making sure that my wife’s MS Outlook and its enormous PST file, as well as her MS Office 2010 setup, are kept intact and readily accessible under any new configuration, as they contain many important business emails and documents which she needs to search through periodically. Although she is now using LibreOffice and is willing ultimately to switch to Thunderbird for her emails – both LO and TB come standard with Linux Mint, our previous first choice for post EOL computing – I will need to make provision for her to have reasonably straightforward access to her historical emails, and also to MS Office in case there are occasional functions it can handle which LO can’t. I’ve not yet researched the degree of difficulty involved in reinstalling those programs in W7, complete with all her old emails and documents.

C) For better or worse, computers are a necessary part of our lives, but we personally have only so much time available in our lives to deal with computer change-over issues, hence the attraction of the (apparent) time-saving advantage of installing a Linux OS pre-packaged with much of the basic software we already do use or can use (LO and Mozilla’s Firefox and TB), then installing a previously-created system image of our respective present W7 configurations in a VirtualBox VM in each of the machines. Similarly, assuming we outlive your rough five-year prognosis for a “CT-spec” W7 machine, if we’re ultimately going to have to switch to some other OS anyway, would we perhaps save time, grief, and hassle by biting the bullet now?

Any thoughts that you or others may have on any of this will be both welcome and appreciated.

Many thanks.

Group 7-L (W7, heading toward Linux)
W7 Pro x64 SP1
Linux Mint 18.3 Cinnamon 64-bit
Linux Mint 17.1 Xfce 32-bit

2 users thanked author for this post.

khubilgan, Chessie

Reply | Quote

Making sure that my wife’s MS Outlook and its enormous PST file, as well as her MS Office 2010 setup, are kept intact and readily accessible under any new configuration, as they contain many important business emails and documents which she needs to search through periodically.

I strongly suggest that you break the “enormous” PST file into several smaller files. Perhaps by year or by quarter. If you don’t do that, at some point the PST file is going to get so big that it may become corrupted.

I did this in the past for one of my customers who received literally tons of email every day, but refused to auto-delete any of it, and rarely manually deleted any of it. Every three months I created her a new PST file and retired the one she had been using. (“Retired” in this case means that it was no longer the default PST file in Outlook.) I would simply create a new PST file and manually create the folders that she needed; I would then make that the default Outlook PST file; I then adjusted the names of the files so that the retired PST file would be called something like “2015 Jan-Mar”.

There was one person who sent the lion’s share of the incoming email; I created a new PST file for incoming email from that person, and I created a rule that would send all email from that person to that special PST file. That one step greatly slowed down the growth of email in the primary inbox.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

3 users thanked author for this post.

Bill C., HH33, SueW

Reply | Quote

Thanks, Jim.  I’ve heard of the idea of reducing the size of PST files, but appreciate your explanation and advice.  It make good sense, but I confess to having put it off A) in the hope my wife could find some (very scarce) free time to go through her Outlook and dump whole folders of unneeded emails (no sense in retaining junk), and B) in the hope that our post W7 EOL solution would become clear, thus perhaps offering other solutions (e.g., changing to Mozilla Thunderbird).

Your post was a welcome reminder that I need to get that process moving; much appreciated!

Group 7-L (W7, heading toward Linux)
W7 Pro x64 SP1
Linux Mint 18.3 Cinnamon 64-bit
Linux Mint 17.1 Xfce 32-bit

Reply | Quote

If she isn’t cleaning up her email now, she won’t clean it up in the future unless there is no choice. (Been there, done that.)

You could look at it this way: Do it for her (the small PST files) because you love her, without any hope that she will one day come around.

One additional note: By continually creating new PST files and then moving emails manually from one to the other (rather than trying to shrink existing ones), you will greatly lessen the likelihood of one of them becoming corrupt.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

As I see it, we have three options come W7 EOL:

There is a 4th choice that you may not have considered: Windows 8.1. Windows 8.1 with Classic Shell installed can be configured to look and feel exactly like Windows 7; all of your Windows 7 software will run under Windows 8.1; and Windows 8.1 will receive support from Microsoft for three additional years (till January of 2023).

The best option is to obtain a Windows 8.1 retail license (not an easy task these days), so that you can install Windows 8.1 on any computer, or in a VM running on a Linux machine.

If you can’t find a Windows 8.1 retail license, check the computers that you have – you might have a computer that has a Windows 8.1 OEM license, which would allow you to install a fresh copy of Windows 8.1 on that computer.

Another option is to buy a refurbished Windows 8.1 computer. Here are some really promising-looking computers:
https://www.dellrefurbished.com/desktop-computers?filter_category=310&filter_hard_drive=46&filter_processor_brand=371%2C357
(I’ve never shopped at this site myself, but it looks like really good stuff.)

If I was looking for a Windows 8.1 computer, I would shop at that site.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

2 users thanked author for this post.

Razz, HH33

Reply | Quote

Interesting 4th choice; I hadn’t considered W8.1.  On the plus side, switching to W8.1 would postpone for three years the current dilemma of how best to avoid W10 and allow us to use our current software during that time.  On the other hand, it would perhaps be postponing the inevitable, namely, the need to find, install, and get used to another non-W10 OS while preserving our ability to use essential Windows-specific software.  We just have to figure out which non-W10 OS arrangement will impact our businesses and lives least.  Thanks for the idea; we’ll have to give W8.1 some serious thought.

Also, I’ve recently come across another possible choice, the use of a KVM switch at each workstation to switch between an Internet-connected new computer (Linux Mint or ___) and the current W7 machine which would be Internet-isolated.  I’m not savvy enough on KVM switches to know if there are major pitfalls I’m unaware of with this idea, other than the extra electricity required to run two computers at each desk.  Any thoughts on this would be most welcome.

Group 7-L (W7, heading toward Linux)
W7 Pro x64 SP1
Linux Mint 18.3 Cinnamon 64-bit
Linux Mint 17.1 Xfce 32-bit

Reply | Quote

Three years is a long time in the computer world. Having until January 2023 to move to another OS will give you a very long time before you have to make the move to something else.

During those three years, you can be learning Linux or some other OS; and you can set up a dual boot on your computer with Windows 8.1 on one side and Linux Mint (or whatever) on the other side.

Who knows what the situation will be in three years? Things might be totally different than they are right now.

Windows 8.1 (with Classic Shell) is literally your last chance to have “Windows 7” for a few more years.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

1 user thanked author for this post.

jburk07

Reply | Quote

As one who also keeps a Win7 machine running so I can take advantage of Windows Media Center, the only issue that we all confront is hardware failure.  Installation of Win7 on newer Intel chips and motherboards is not supported and I think only can be done with some degree of difficulty.  Anyone running Win7 for “critical” apps should also have some hardware backup that can be put in place if the primary components go south on you.

 

Reply | Quote

I have confronted the problem of installing Win7 on Intel’s newer chips. It is complicated solution but it can be done.

The problem is that the Win7 install disk does not have embedded USB3 drivers. So, you need to create a Win7 install media with them. I followed the instructions on this Dell page and it all worked out just fine.

http://www.dell.com/support/article/ca/en/cabsdt1/how11804/how-to-install-windows-7-on-systems-with-skylake-chipset?lang=en

I would not be surprised if someone has built this and is selling the solution in the form of a USB key.

CT

7 users thanked author for this post.

jburk07, Steve S., Elly, laidbacktokyo, satrow, Northwest Rick, Kirsty

Reply | Quote

I am encountering the following nag when I click on your Dell link, I wonder why?

Access Denied
You don’t have permission to access “http://www.dell.com/support/article/ca/en/cabsdt1/how11804/how-to-install-windows-7-on-systems-with-skylake-chipset?” on this server.

Reference #18.6c022417.1558214016.9bf2d1c5

It can’t be that my VPN has routed me to a blocked server again, because I can open the links in your longer detailed procedure post just fine…

Reply | Quote

Use this link to check you IP address.

1 user thanked author for this post.

Northwest Rick

Reply | Quote

Thanks PK, but no joy. As I said, I am only having a problem with that one referenced address. I see “/ca/en/” embedded in there, could this be a cross-border access issue? He is, after all, CANADIAN Tech…

Reply | Quote

Link works in my Firefox 66.0.5. Try it this way. It’s going to open in a new tab.
If that doesn’t work, look what kind of add-on blockers you are using.

1 user thanked author for this post.

Northwest Rick

Reply | Quote

Try via a uk/en link, or a DDG search for the article ID.

Reply | Quote

I checked the link before I sent it. It works on my Chrome browser just fine

CT

1 user thanked author for this post.

Northwest Rick

Reply | Quote

CT and PK – my apologies, apparently I caused my own problem.

Just today I was tinkering with a way to thwart the system information my browser blithely and recklessly broadcasts to whatever sites I visit, and therefore to any malicious intruder. It involves spoofing the UserAgent feature. At first I tried a general.useragent.override key with an empty string as a value, which I confirmed sends out no UserAgent response at all on the network monitor.  This is what caused the problem.

I was aware that, though most sites would just shrug at this, a few might throw a fit. The links in Mr CT’s longer procedure post were in the former category, so no problem there. But the Dell link fell into the latter, and shipwrecked.

I have done two things to deal with this, short of surrender:

1. I replaced the empty string value with a nonsensical Opera 3.2 (DOS 4.4) AirborneFlock; this also makes it unnecessary for me to re-enter the override key on browser restarts (an empty string value is a deletion trigger).

2. I supplemented my add-ons with User-Agent Switcher, which I keep disabled until I encounter an access problem, then quickly enable to get past those.

The Dell link was not a hard case, it responded just fine to the nonsensical string value. JPM Chase, on the other hand, tried to be helpful and threw up “you appear to be using an obsolete browser (or some such thing) and encouraged me to switch to one of the big three. I ignored it, because the flag is irrelevant to the reality that I am using a capable browser, and therefore have full access to my online account without resorting to the dormant add-on!

When I was working, I was the guy in the office who knew 10% more about IT than the next most savvy fellow (this was pre-Windows), so I was considered to be the go-to resource for esoteric DOS commands. “In the kingdom of the blind, the one-eyed man is king,” as the Greek proverb goes. Among this AW Lounge crowd, though, it’s a much different story. I can still fight my way to a solution (usually!) but there are a lot of stumbles, and it’s not getting easier!

Again, sorry for the confusion…

Reply | Quote

also please refer to the attached copy of usb3.0 drivers’ files as taken by me from the genuine Dell’s win7sp1x64pro .iso dated of 2017-04-27

DELL_WIN7SP1PROX642017-04-27_DVD_W7_SU-sources-OEM-1

Reply | Quote

Thanks, CT, for the Dell link. I run Windows 7 on older, slower hardware for now, but have Windows 10 running on a Coffee Lake i7-8700K  Z370 motherboard computer. I’ve considered installing Windows 7 on a seperate SSD in that computer and came across two sites that address doing so. These might also be of interest to others with a Z370 or other modern chipset mobo. Since I haven’t tried it yet, none of this is personally verified.

https://www.overclock.net/forum/6-intel-motherboards/1642446-how-install-windows-7-coffee-lake-pc-z370-chipset-mb-asus-maximus-x-hero.html

https://www.reddit.com/r/intel/comments/7fy8yz/full_report_installing_windows_7_ultimate_on/

Win10 Pro x64 22H2, Win10 Home 22H2, Linux Mint + a cat with 'tortitude'.

Reply | Quote

At some point, it will be necessary to move to a different or upgraded operating system.

Where or when is that point?

On permanent hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender

Reply | Quote

For me and most of my clients that time (when I have to change OS) will be:

-My computer hardware has failed
-Some important piece of software like Chrome is no longer available
-Or, i just plain don’t use it any longer but are using a shirt pocket computer (they call it a smart phone) with Android, instead.

I am planning on about 5 years.

Unless Microsoft suddenly has a moment and decides to change its present course, which is very highly unlikely. I do have some clients who ask for a recommendation. I suggest Chromebook or Apple. Many in this forum will try Linux, but that is not an OS for the masses.

Microsoft (since Windows 8) no longer produces a product that I want to use. It is not a consumer product company any longer which is made very clear if you ever try to actually contact the company. The reality is that Android is the OS for “the people” now.

CT

9 users thanked author for this post.

Kranium, jburk07, Geo, wdburt1, Elly, SueW, dgreen, geekdom, Kirsty

Reply | Quote

geekdom:

“At some point, it will be necessary to move to a different or upgraded operating system. Where or when is that point?”

I have pretty much sorted out the “when” as well as the “where to”: I have had Linux Mint (19.1) installed in dual-boot with Windows 7 already for about two months, and also have a MacBook Pro laptop that I am using more and more as my workhorse for programming and for the data analysis heavy on number-crunching, since mid 2017, bought then with the idea of having a practical alternative to Windows 10. Everything that I have been able to test in this new setup (Win 7 + Linux + Mac) is working fine, and working together.

To me the main question now is: how I am going to maintain Windows 7 after EOL? That can be broken down into the following ones: Will there be patches that still can be installed the way some people seem to have figured out to do, when there are no longer patches officially meant for Windows 7? Or shall I keep the Windows 7 side cut off from the Web and use only the Linux side of the PC to contact the rest of the world?

So my job now, as far as taking care of the next January EOL transition goes, is to find useful answers to those questions, and to do it, preferably, sometime in the next six months.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Oscar – Out of interest may I ask what software are you using on the Macbook pro?

I presume you are keeping the Windows going to be able to retrieve old legacy work ?

cheers,

Razz

ASUS GL702VS 24GB RAM Intel Core i7 64 bit Win 10 Home 22H2 OS Build 19045.3693
Windows Feature Experience Pack 1000.19053.1000.0
Not Win 11 eligible.

Reply | Quote

That’s a very interesting question. I continue to run W7, it gets security updates but nothing else, I think it is pretty well patched and it runs almost as fast as when it was new, and I’ve had a number of screwed up file system issues that always got straightened out. I only had to do a re-install once in about 7 years of use, and I guess I’ll stay with it until you can’t get the hardware to run it. My wife has an Acer laptop that had a cruddy install of W10 on it, I tried to put W7 on it and it barked at me throughout the installation that the hardware wasn’t W7 compliant, but it did install and actually ran for a month or two then bombed out for reasons I never discovered. And it had hardware errors in the SATA drive, so I replaced it with a SSD, found a download for a clean W10 and installed and it runs way better than the original install, so I suppose that’s where I’d go if I couldn’t find compatible hardware any longer

Win7Pro, I5 CPU, 8Gb RAM, SSD boot drive, external 4Tb SSD storage

Reply | Quote

I plan on switching to W10 when my  2010 Walmart E-machine breaks and I have to buy a new one.

Reply | Quote

I take that back.  By then I might be ready for a Chromebook.

Reply | Quote

Canadian Tech wrote:

I emphasize the need for PLUS R DVD blanks. Do not use the more common MINUS R DVD blanks.

In terms of this thread, what is the difference between -R and +R DVD’s?

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

Cybertooth, whatever the reason for it, that CT’s advice is useful to people with ageing built-in DVD drives, and somewhat relevant to what might happen after Windows 7 EOL and how to deal with it.

Case in point: my own. The drive that came with my ca. 2011, HP Pavilion dv6t PC, was no longer burning files on blank DVDs. I was using “-R” DVDs and changing to “+R” ones took care of the problem as if by magic.

So, as I understand it, that problem was not because of some bad Windows patch, or of not patching (as might be the situation after January next year), but because optical drives, particularly ageing ones, can have trouble doing their job when one tries to use them for writing on blank “-R” DVDs. Not knowing this useful fact could cause unnecessary confusion, especially if the problem shows up after Windows 7 EOL.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

Cybertooth

Reply | Quote

I routinely make system images of my clients’ Win7 systems when I re-build or replace the HD. I’ve done it hundreds of times.  I can tell you based on a lot of experience dash R DVDs are not nearly as reliable as plus R DVDs.  When last I used -r’s, one out of three disks would fail.  When I use +r’s, I rarely see a failure.  You can tell when it fails because the system image process that is part of Win7 does a read-back after it writes and rejects for the slightest imperfection.  The last thing you want is to find an image not usable when you need it.

My understanding is that -r was designed principally for video recording.  +r’s are far better for data.

I have never seen a PC which could read or write +r or -r differently.  They either do not work at all, or work just fine.  I also can tell from a lot of experience that DVD drives are poorly designed a fail quite often.  I would doubt the reliability of a DVD drive on a laptop over 5 years old.  Desktops tend to last longer, but they often fail mechanically when the drawer just will not open or close.  Desktop DVD players are a cheap item — about $20 and easy to replace.

I have read that +r’s are formatted differently than -r’s and that may be one of the reasons.

CT

3 users thanked author for this post.

Steve, jburk07, Cybertooth

Reply | Quote

[EP]

have you considered using “rewritable” DVD discs like DVD-RW or DVD+RW, Canadian Tech?
I just got a pack of them from my local Staples store a few weeks ago (of course these are now hard to find)

also the quality or reliability of the DVD discs are also important (had no problems with Verbatim brand DVDs) as the quality/reliability of the DVD drives themselves

• This reply was modified 5 years, 6 months ago by EP.

Reply | Quote

The following excerpt from a Lifewire article is the relevant part of a larger discussion of the differences between DVD-R and DVD+R:

DVD+R and DVD-R: Functional Differences
The main functional differences between DVD-R and DVD+R are the DVD recorder’s built-in defects management, the way the recorders format and rewrite DVDs, and their respective price tags.

With DVD-R, little marks are positioned in the grooves of the disc that determines how the DVD reader processes the information on the disc. DVD+R, however, does not have these land pre-pits but instead measures the wobble frequency as the laser processes the disc.

Even though these two formats were developed by different companies and can only be used on certain devices, some DVD drives are hybrid models and can support both DVD-R and DVD+R discs.

Whether you have DVD-R or DVD+R discs, make sure that the DVD drive you intend to purchase says that they’re both supported. Similarly, if you already have a DVD+R or DVD-R machine and it’s not a hybrid DVD drive, make sure to only buy the discs your player supports.

Some DVD+R Advantages
According to the claims of the DVD Alliance, using a DVD+R recorder allows for the following abilities and features:

Instantly eject DVDs without having to wait for finalized formatting.
Ability to record one DVD disc partially on PC and partially on television.
Background formatting — while the disc is being formatted, you can simultaneously record on already-formatted portions of the same disc.
Enhanced ability to edit filenames, movie and song titles, and playlists.
100 percent compatibility with all other DVD players, while still enjoying the noted extra recording features.

Hope that helps.

Group 7-L (W7, heading toward Linux)
W7 Pro x64 SP1
Linux Mint 18.3 Cinnamon 64-bit
Linux Mint 17.1 Xfce 32-bit

2 users thanked author for this post.

MrChaz, jburk07

Reply | Quote

just make sure you are using a reliable DVD burner that can handle both DVD-R & DVD+R discs
I was able to buy the last batch of DVD+RW (rewritable) discs from a local Staples store and they work good

Reply | Quote

Thank you so much for this! I am redoing my windows 7 this weekend for the last time (bsod ugh) and came here to find out what updates I totally need.  I’ve not updated in many, many moons, have a great av and firewall program and don’t feel the need for win 10 at the moment.  I have about 5 hard drives and was wondering if I put the updates in a win 7 folder on one of them would that work for updating?

Reply | Quote

Canadian Tech,

I appreciate this information, and I’m currently preparing to create a modified ISO with all of the necessary updates slipstreamed so I don’t have to install them later. My question is, why have you chosen May 2017 as the cutoff date for installed updates? I recall that May 2016 was the last month before the first “rollup” was distributed in June 2016. I’ve always had a problem with these “rollups” due to the inability to choose which updates I want to install, but you’re installing a whole year of them. I may be missing something here, but I want to make sure before creating the ISO. Thank you.

Reply | Quote

Not meaning to be rude but how do you know not a single hacking attempt?  Every day in my inbox there is a hacking attempt.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

[Razz]

Susan – For the non techies on here you might elaborate on inbox please, or are you merely refering to phishing and email spam. tx

ASUS GL702VS 24GB RAM Intel Core i7 64 bit Win 10 Home 22H2 OS Build 19045.3693
Windows Feature Experience Pack 1000.19053.1000.0
Not Win 11 eligible.

• This reply was modified 5 years, 5 months ago by Razz.

1 user thanked author for this post.

Kranium

Reply | Quote

Susan is a Techie of some renown and more acclaim. I read her comment to mean she is sent detailed reports of hacking activity experienced by others. These may be asking for support or contributing to her knowledge base. It is not likely that she has succumbed to phishing. Though she probably looks at more than a few within a sandbox, just to understand new attempts better.

Reply | Quote

anonymous wrote:

Susan is a Techie of some renown and more acclaim. I read her comment to mean she is sent detailed reports of hacking activity experienced by others. These may be asking for support or contributing to her knowledge base. It is not likely that she has succumbed to phishing. Though she probably looks at more than a few within a sandbox, just to understand new attempts better.

I read her post as meaning she experiences hacking attempts every day through e-mails received in her inbox. Which makes sense when you consider her occupation. With all due respect, you seem to have read a lot into her post that simply isn’t there.

1 user thanked author for this post.

Kranium

Reply | Quote

Susan Bradley is a techie par excellence:

In real life, she manages a fleet of business systems (servers, workstations, and even iPhones) at a California accounting firm.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

It’s about time.  Let the debate begin.  It’s more productive than each party lobbing stuff out there from his or her corner, which is what we have had so far.  It’s made more difficult, and thus more useful and interesting, by the fact that the central question is whether the emperor–patching–is wearing anything.  I’m grabbing the popcorn and hope to learn something.

Reply | Quote

If you are hoping for a one judgement to rule them all, then you view this subject differently than I do. Susan writes for a very different audience than CT’s client list. Each is administrating, maintaining, and lobbing stuff from a corner that is appropriate for the group they associate with.

And thank whatever powers you prefer that there are different user bases. otherwise who would develop and who would purchase? The sellers need buyers and the buyers need sellers that stay secure. I do not wish to tell anyone how they must do something. But I really enjoy a resource like AskWoody where I can read both of these views, and more, to decide what makes most sense for me.

I do not wish for a debate to be won or lost. I want to read as many viewpoints as possible. Even the ones that are mutually exclusive. This site has room for both and many others.

Reply | Quote

Nobody said anything about winning or losing, one size fits all, or excluding viewpoints.  A real debate means starting to make some distinctions and accept some qualifications, rather that just put out stuff that sounds like it applies to everyone.  Such a discussion would allow the reader to learn when a particular approach make sense.

Reply | Quote

RE: Last Security Monthly Quality Rollup for Windows 7

Microsoft states that support for Windows 7 will end on Januray 14, 2020. January 14, 2020 is the second Tuesday of the month which is when Microsoft usually releases Monthly Quality Rollups for Windows 7.

Does anyone know if Microsoft will be releasing a rollup for Windows 7 on January 14, 2020?

Reply | Quote

[PKCano]

The Rollup issued on Jan 14, 2020, will be the last Supported update for Win7, unless you buy the ESU updates.

• This reply was modified 5 years, 2 months ago by PKCano.

2 users thanked author for this post.

Kranium, 280park

Reply | Quote

Thanks PKCano. Just to confirm, are you saying that Microsoft will adhere to their current routine and issue a rollup on January 14, 2020?

I have read a lot about ESU updates after January 14, 2020 and I have concluded that ESU updates will NOT be available for Windows 7 Home Premium. Am I correct?

Reply | Quote

Extended Support will not be available for Win7 Home Premium.

1 user thanked author for this post.

280park

Reply | Quote

I am surprised that 100 Windows 7 users would have been safe with only antivirus software and with no protection from windows updates, if indeed you are saying that none of them had infections.   Is that what you meant?  If we concede that it were true, will any popular antivirus software still work with Windows 7 in the future?  MSE antivirus updates I hear will end.  Has any AV company stated a lifecycle of a time they intend to continue for Windows 7?

Reply | Quote

Win7 Extended Support is avaliable from Microsoft (for a price, mostly for businesses) for three years until 2023. The MSE engine will not receive updates, but definition updates will not end.

Also, third-party application support will not end with Win7 EOS by Microsoft. Anti-virus, browsers, and other applications will be updated.

Reply | Quote

As far as I can see, no one has asked this question before so I think this is the best place to ask it.  We know that MS will end its support for Win 7 and we won’t get any more Win 7 updates in Windows Update after the Jan. 14, 2020 updates.

Main question:  Does this mean that Win 7’s Windows Update will not be giving us MS Office 2010 or later updates?  I have Office 2010 and I’ve always gotten my Office updates in WU.

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

Reply | Quote

You should still get Office 2010 updates through WU until October:

End of support for Office 2010
Office 2010 (undated)
Support for Office 2010 will end on October 13, 2020 and there will be no extension and no extended security updates.

2 users thanked author for this post.

Charlie, OscarCP

Reply | Quote

September 12, 2022
Update

I still have 103 client Win7 systems in use. They are so rock solid stable that I rarely hear from them. I routinely check (using Team Viewer) to find out which are still in use.

Not one of them has had a Windows Update since June 2017. That’s more than 5 years now.

I have a close relationship with my clients and if something (anything) is wrong the call me. So, I can tell you with the greatest of confidence that not one has become infected or hacked (to any ones knowledge).

Susan, as someone already pointed out, your clientele and mine are very different kinds of users. Your knowledge and prowess in this field is legendary. However, my clients are simple mom and pop people who have a computer at home and use it for very routine kinds of things. If one of their computers was hacked or infected, it is a simple matter of restoring the last image. Very few have anything on their computers that they consider to be a security risk.

I have subsequently replaced many hard drives to maintain these computers. Those System Images that I routinely create are a wonder. It is simply amazing how neat it is to replace a hard drive, restore from that image and the computer is as good as gold running exactly as it was when I made the image.

Most of my clients now have smart phones, iPads or android equivalents of them. They use those far more than their computers which has reduced the need Of those clients who no longer use their Win7 systems, most simply no longer use any computer. A few that have replaced their computers have mostly replaced with Apples. Where as 7 or 8 years ago, I was helping my clients buy new computers at the rate of 30 or 40 a year, I have not had a single instance of a request for such assistance in years. Bottom line is that the marketplace for home Windows systems has diminished considerably.

CT

6 users thanked author for this post.

Steve, Cybertooth, Microfix, SueW, Charlie, Alex5723

Reply | Quote

@Canadian Tech, your clients IIRC are using Google Chrome and EoS for Chrome within Windows 7 is January 2023, What’s the browser plan beyond that? just curious..

If debian is good enough for NASA...

Reply | Quote

@Canadian Tech, I like this concept.  Five years gives me hope.  I just keep wondering when a browser will have compatability issues because it won’t work on Win7 anymore.

For this reason it will be an interesting experiment to see how long I can stay on Win8 which is approaching EOL/EOS for home users.

Win 8.1 (home & pro) Group B, W10/11 Avoider, Linux Dabbler

1 user thanked author for this post.

Charlie

Reply | Quote

Canadian Tech wrote:

Not one of them has had a Windows Update since June 2017. That’s more than 5 years now.

At home we have a Windows 7 PC with blocked updates since the day it was forcibly upgraded to Windows 10 in 2015. The PC has been immediately restored to Windows 7.
The PC is in use every day extensively and is rock solid stable. Never a bug, virus, crash…

2 users thanked author for this post.

Steve, Charlie

Reply | Quote

It’s very good to hear from you Canadian Tech, and to hear that things are still going well for you and your clients.  The last Windows 7 Security updates I allowed to be put into my Win 7 machine were on Feb. 1, 2021, and April 30, 2021 for MS Office 2010 updates.  I do still keep my antivirus and Firefox browser updated as I still go online with it, mainly on the same safe sites I’ve used for a long time.  No Win 7 problems and no MS Update grief.

Being 20 something in the 70's was far more fun than being 70 something in the insane 20's

Reply | Quote