ERPMan's Windows 7 X64 & Server 2008 R2 X64 System Updates Page

ERPMan's Windows 7 X64 & Server 2008 R2 X64 System Updates Page
(Updated Monday January 22, 2024)

Maximize the web browser window when viewing this page [using at least 1024 by 768 screen resolution].

Windows 7 & Server 2008 R2 SP1 will change the version number from 6.1.7600 to 6.1.7601.

NOTE: Security updates listed here will be grouped by each year they were released. Also, Microsoft
               has switched to a new monthly cumulative update format for Windows 7 & Server 2008 R2,
               effective October 2016. Each new monthly cumulative update rollup will supersede/replace the
               previously mentioned update rollup from the previous month and will eventually include all the
               security updates before late 2016. Starting November 2016, new security updates will be
               released only at the Windows Update & Microsoft Update Catalog sites. Starting April 2017,
               Microsoft has stopped publishing new Security Bulletins and only the MS Security Update Guide
               site features new security updates released in April 2017 & later.

   NOTE: It is not necessary to download & install all of the updates listed on my page. You are not required
              to install them unless your system has suffered serious problems. Make sure you download the
              patches for the correct operating system. You can uninstall most system updates from your system
              if they cause more problems than they fix.

I've made this page simply for informational purposes and to make downloading updates faster & easier. All the updates for
Windows 7 listed here can only be installed under the x64 (not ia64) version of Windows 7 & Server 2008 R2.
Before installing any Win7 or Server 2008 R2 updates, be sure to activate and validate your copy of Windows 7/Server 2008 R2.

Key = Windows 7 and Windows Server 2008 R2 are both Windows NT 6.1.7600.16385
            Installing Service Pack 1 will change the version number to 6.1.7601.17514.
            SP - Service Pack, NT - New Technology or Network, IIS = Internet Information Server, Cli. = Client
            RDP - Remote Desktop Protocol, AKB - ActiveX Killbits, MSI - Microsoft Installer / Windows Installer
WMC - Windows Media Center, ESU - Extended Security Updates, POS - Point-of-Sale
[a little star * indicates a new system update; the <> symbol means to install a patch with caution because it may have a
   possible side effect; I am not responsible if the updates you download here do more harm than good]

Notice: Microsoft ended support for the original/RTM release Windows 7 on Tuesday April 9, 2013. Windows 7 users must
upgrade to SP1 to receive full support and to install any updates listed below. Also, extended support for most editions of
Windows 7 (except for certain Win7 Embedded editions) ended on January 14, 2020 as noted in MS support KB article 4057281.

Recent changes made to this page: (up to a month of changes)
1/22/2024 - Added links to the January 2024 security updates for Win7 Embed POSReady SP1 & Server 2008 R2 SP1.
12/22/2023 - Added links to the December 2023 security updates & removed links to the September 2023 security updates for
Win7 Embed SP1 & Server 2008 R2 SP1.

Windows 7 New Security Monthly Rollups & Security-Only Updates for Paid ESU Subscribers
(need to be using Windows Embedded POSReady 7 edition or Server 2008 R2 edition) - ESU support for
Server 2008 R2 SP1 w/ MS Azure ended for good on January 9, 2004 while ESU support for
POSReady 7 ends for good on October 8, 2024

<> ~ * Windows 7 Embedded POSReady SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB5034169 [Jan. 2024] (Download here) (5034169) # &
<> ~ * Windows 7 Embedded POSReady SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB5034167 [Jan. 2024] (Download here) (5034167) # &

Notes: I will list the three most recent 2024 monthly & security-only update rollups for Win7 POSReady SP1 for Paid ESU Subscribers,
          just in case the recent ones cause more problems than fixing them. However, the January 2024 security updates for
          Server 2008 R2 SP1 will remain listed here, even when support for Server 2008 R2 with ESU ended on January 9, 2024.
& - These new Win7 updates released Jan. 2024 & later will require the KB5017397 & newer servicing stack updates as well as the
     KB5016891 or newer ESU licensing preparation package update as well as a paid ESU license in order to receive and successfully install
     these new updates. A FAQ on the Extended Security Updates (ESU) program is mentioned in MS support article 4497181.

Windows 7 New Security Monthly Rollups & Security-Only Updates for Paid ESU Subscribers
(need to be using Windows Embedded Standard 7 or POSReady 7 editions) - ESU support for
Embedded Standard 7 ended for good on October 10, 2023 while ESU support for POSReady 7
ends for good on October 8, 2024 and ESU support for Server 2008 R2 SP1 w/ MS Azure ended
for good on January 9, 2024

<> ~ Windows 7 Embedded POSReady & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB5033433 [Dec. 2023] (Download here) (5033433) # &
<> ~ Windows 7 Embedded POSReady & Server 2008 R2 SP1 Security Only Quality Update - KB5033424 [Dec. 2023] (Download here) (5033424) # &
<> ~ Windows 7 Embedded POSReady & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB5032252 [Nov. 2023] (Download here) (5032252) # &
<> ~ Windows 7 Embedded POSReady & Server 2008 R2 SP1 Security Only Quality Update - KB5032250 [Nov. 2023] (Download here) (5032250) # &
<> ~ Windows 7 Embedded & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB5031408 [Oct. 2023] (Download here) (5031408) # &
<> ~ Windows 7 Embedded & Server 2008 R2 SP1 Security Only Quality Update - KB5031441 [Oct. 2023] (Download here) (5031441) # &

Notes: I will list the three most recent monthly & security-only update rollups for Paid ESU Subscribers, just in case the most recent
          ones cause more problems than fixing them.
& - These new Win7 updates released Feb. 2023 & later will require the KB5017397 & newer servicing stack updates as well as the
     KB5016891 or newer ESU licensing preparation package update as well as a paid ESU license in order to receive and successfully install
     these new updates. A FAQ on the Extended Security Updates (ESU) program is mentioned in MS support article 4497181.

Windows 7 New Security Monthly Rollups & Security-Only Updates for Paid ESU Subscribers
(need to be using Windows 7 Professional, Ultimate or Enterprise editions / Server 2008 R2 editions)
ESU support ended for good on January 10, 2023

<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB5022338 [Jan. 2023] (Download here) (5022338) # &
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB5022339 [Jan. 2023] (Download here) (5022339) # &
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB5021291 [Dec. 2022] (Download here) (5021291) # &
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB5021288 [Dec. 2022] (Download here) (5021288) # &
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB5020000 [Nov. 2022] (Download here) (5020000) # &
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Update - KB5021651 (need KB5020000 rollup installed first) [Nov. 2022] (Download here) (5021651) # &

Notes: I will list the three most recent monthly & security-only update rollups for Paid ESU Subscribers, just in case the most recent
          ones cause more problems than fixing them.
& - These new Win7 updates released Feb. 2020 & later will require the KB4537829 & newer servicing stack updates as well as the
     KB4538483 or newer ESU licensing preparation package update as well as a paid ESU license in order to receive and successfully install
     these new updates. A FAQ on the Extended Security Updates (ESU) program is mentioned in MS support article 4497181.

Windows 7 Security Monthly Rollups & Security-Only Updates [from March 2017 to February 7, 2020]

<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Monthly Preview Rollup - KB4539601 {released Feb. 7, 2020} (Download here) (4539601) # %
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Update - KB4539602 {released Feb. 7, 2020} (Download here) (4539602) # %
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB4530734 [Dec. 2019] (Download here) (4530734) #
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB4530692 [Dec. 2019] (Download here) (4530692) #
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB4525235 [Nov. 2019] (Download here) (4525235) #
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB4525233 [Nov. 2019] (Download here) (4525233) #
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB4507449 [July 2019] (Download here) (4507449)
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB4507456 [July 2019] (Download here) (4507456)
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB4499175 [May 2019] (Download here) (4499175) =
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB4489878 [Mar. 2019] (Download here) (4489878) =
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Monhtly Rollup - KB4091290 {released March 1, 2018} (Download here) (4091290) ^
<> ~ Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB4054521 [Dec. 2017] (Download here) (4054521) ^
<> Windows 7 SP1 & Server 2008 R2 SP1 Security Monthly Quality Rollup - KB4012215 [March 2017] (Download here) (4012215) ^
<> Windows 7 SP1 & Server 2008 R2 SP1 Security Only Quality Update - KB4012212 [March 2017] (Download here) (4012212) ^

Notes: I will list the three most recent monthly & security-only update rollups, just in case the most recent ones cause more problems
          than fixing them. I will continue to list the March 2017 updates for users who have Intel Kaby Lake and AMD Ryzen CPUs
          installed in their computers. I will also continue to list the KB4054521 & KB4091290 updates for Win7 SP1 on older X64 systems.
          Note that the security-only updates are not cumulative but the security monthly updates are cumulative. For a
          complete list of Security Only & Security Monthly Updates, see this Windows 7 SP1 & Server 2008 R2 SP1 Update History page.
~ - The KB4022719, KB4022722 & later security updates contain an updated Windows Update Agent that no longer allows checking for
updates thru Windows Update when these updates are installed on machines with either Intel Kaby Lake or AMD Ryzen processors.
Use the wufuc tool or the WuaCplFix tool to allow Windows Update to check for updates with recent Intel & AMD CPUs after installing the
latest Win7 updates.
= - The KB4489878 rollup update from March 2019 is the last rollup to contain the PciClearStaleCache.exe file, however, that file is
     included in the KB4499175 security-only update from May 2019. I will continue to list the KB4489878 and KB4499175 updates.
<> - See the corresponding MS support KB articles on the issues/problems with the recent security updates.
# - The August 2019 and newer monthly rollup & security-only updates will require the KB4490628, KB4474419 & KB4536952 updates
     installed first.
% - The December 2019 & newer monthly rollup & security-only updates will display full end-of-life (EOL) notifications for Windows 7
      starting January 15, 2020 after any of these updates are installed. Win7 users can follow the directions on this blog to disable
      the EOL notifications for good & continue using Win7.

Windows 7 Security Updates - Year 2016

(MS16-077) [Win7 SP1] (3161949)	*
(MS16-059) [Win7 SP1 + WMC] (3150220)	(MS16-072) [Win7 SP1] (3159398)
(MS16-055) [Win7 SP1 > fix2] (3156754)	(MS16-056) [Win7 SP1] (3155178)
(MS16-032) [Win7 SP1] (3139914)	(MS16-033) [Win7 SP1] (3139398)
(MS16-014) [Win7 SP1 > fix1] (3134228)	(MS16-027) [Win7 SP1 > fix1] (3143146)
(MS16-007) [Win7 SP1 > fix2, fix3, fix4 & fix5] (3124901)	(MS16-013) [Win7 SP1] (3115858)

Windows 7 Security Updates - Year 2015

(MS15-132) [Win7 SP1 > fix1] (3116162)	(MS15-133) [Win7 SP1] (3109103)
(MS15-117) [Win7 SP1] (3101722)	(MS15-119) [Win7 SP1] (3092601)
(MS15-097) [Win7 SP1 > fix2] (3086255)	(MS15-109) [Win7 SP1 > fix2] (3096443)
(MS15-088) [Win7 SP1 > fix1] (3082458)	(MS15-090) [Win7 SP1] (3060716)
(MS15-082) [Win7 SP1 > fix2 + RDP8.1] (3080348)	(MS15-085) [Win7 SP1] (3071756)
(MS15-060) [Win7 SP1] (3059317)	(MS15-069) [Win7 SP1 > fix1] (3072631)
(MS15-037) [Win7 SP1] (3046269)	(MS15-038) [Win7 SP1 > fix1] (3049576)
(MS15-028) [Win7 SP1] (3030377)	(MS15-029) [Win7 SP1] (3035126)
(MS15-011) [Win7 SP1] (3000483)	(MS15-015) [Win7 SP1] (3031432)
(MS15-002) [Win7 SP1] (3020393)	(MS15-004) [Win7 SP1 + RDP 8.1] (3020388)

Windows 7 Security Updates - Year 2014

(MS14-066) [Win7 SP1] (2992611) (MS14-078) [Win7 SP1] (2991963)

(MS14-043) [Win7 SP1] (2978742) ~ (MS14-064) [Win7 SP1 > fix2] (3011443)

(MS14-007) [Win7 SP1] (2912390) (MS14-039) [Win7 SP1] (2973201)

Windows 7 Security Updates - Year 2013

(MS13-090) AKB [Win7 SP1] (2900986) (MS13-098) [Win7 SP1] (2893294)

(MS13-081) [Win7 SP1 > fix3, fix4, fix5] (2870008) ~ (MS13-081) [Win7 SP1 > fix6 & fix9] (2870008)

(MS13-027) [Win7 SP1] (2807986) (MS13-079) [Win7 SP1 & AD LDS] (2853587)

Windows 7 Security Updates - Year 2012

(MS12-082) [Win7 SP1] (2770660) *

(MS12-072) [Win7 SP1] (2727528) (MS12-073) [Win7 > FTP Service 7.5 & IIS 7.5] (2733829)

(MS12-036) [Win7 SP1] (2685939) (MS12-054) [Win7 SP1 > KB2705219 - V2] (2733594)

(MS12-024) [Win7 SP1] (2653956) (MS12-033) [Win7 SP1] (2690533)

(MS12-013) [Win7 SP1] (2654428) (MS12-020) [Win7 SP1 > fix1 & fix2 - V2] (2671387)

(MS12-004) [Win7 SP1] (2631813) (MS12-006) [Win7 SP1] (2585542)

Notes: Download & install these updates in ascending order [from bottom to top]. Be sure to install Windows 7 Service Pack 1
before installing any of the security updates mentioned above.
<> Caution: Problems have been noted after installing certain Win7 security updates that are marked with an <> symbol.
Read the corresponding MS support articles of the affected security patches.
~ - Fix3 of MS13-081 (aka. KB2862330) was revised January 2014 to resolve problems with the original patch, so download and
install V2 of this update. The MS14-043 security update only applies to all the editions of Win7 SP1 except for the Starter
and Home Basic Editions.

Windows 7 & Server 2008 R2 Service Packs: (for the x64 edition only, not for ia64 edition)

Windows 7 (Seven) & Server 2008 R2 Service Pack 1 Standalone Package (976932) <>
Windows 7 (Seven) Service Pack 1 Express-Internet Installer & Express CAB Package (976932) <>

Note: Only install the Windows 7 Service Pack if a newer hotfix or a security update requires it. Installing Service Pack 1 will
change the version number from 6.1.7600.16385 to 6.1.7601.17514. SP1 is the only Service Pack released for Windows 7.
<> Caution: See MS KB article 976932 for any issues/problems when installing Win7 SP1.

Other Updates & Add-ons for Windows 7 & Server 2008 R2:

DirectX Runtime Web Installer for Windows 7 & Server 2008 R2 (features other DirectX addons) [More Info]
DirectX June 2010 Redistributable release for Windows 7 & Server 2008 R2 (features some DirectX addons) [More Info]
Opentype & TrueType (TTF) Font Properties Extension X64 for Windows 7 X64 & Server 2008 R2 X64 {unofficial} (Download here) [More Info]
WinHlp32.exe Help Program to View *.HLP files (Windows 7) (Windows Server 2008 R2) (917607)
<> * Windows 7 SP1 Embedded & Server 2008 R2 SP1 KB5032383 Servicing Stack 2023 Update [required before installing Feb. 2023 & later security updates; install KB4490628 fix first] (Win7 Embed) (5032383)
<> Windows 7 SP1 KB5017397 Servicing Stack 2022 Update [required before installing Feb. 2020 & later security updates; install KB4490628 fix first] (Windows 7) (5017397)
<> Windows 7 SP1 KB5016892 Update [required before installing Aug. 2022 & later security updates; replaces KB4538483 fix] (Windows 7) (5016892)
<> Windows 7 SP1 KB4575903 Update [required before installing Feb. 2020 & later security updates; replaces KB4538483 fix] (Windows 7) (4575903)
<> Windows 7 SP1 KB4536952 Servicing Stack 2020 Update [required before installing Aug. 2019 & later security updates; install KB4490628 fix first] (Windows 7) (4536952)
Windows 7 SP1 KB4474419 SHA-2 Update V3 [required before installing new security updates made in August 2019 onward; revised Sept. 2019] (Windows 7) (4474419)
Windows 7 SP1 KB4490628 Servicing Stack 2019 Update [required before installing Mar. 2019 & later security updates; replaces KB3177467 fix] (Windows 7) (4490628)
Windows 7 SP1 KB2952664 Compatibility Update V25 [revised mid-June 2018] (Windows 7) (2952664)
Windows 7 SP1 KB4468323 Time Zone Update (replaces previous Time Zone fixes) (Windows 7) (4468323)
Windows 7 SP1 KB3181988 USB Update (requires KB3125574 update installed first) (Windows 7) (3181988)
Windows 7 SP1 KB3184143 Update (removes the "Get Windows 10 Free" related updates) (Windows 7) (3184143)
<> Windows 7 SP1 KB3172605 July 2016 Update Rollup (includes Windows Update Agent v7.6.7601.23453; revised September 2016) (3172605)
<> Windows 7 SP1 KB3125574 Convenience Rollup Update [requires KB3177467 or KB4490628 servicing stack update] (Windows 7) (3125574)
Windows 7 SP1 KB2891638 Work Folders Update (Windows 7) (2891638)
Windows 7 SP1 KB2888049 Update (required before installing IE11; included in KB3122574) (Windows 7) (2888049)
Windows 7 SP1 KB2882822 Update (required before installing IE11) (Windows 7) (2882822)
Windows 7 SP1 Remote Desktop Connection 8.1 Update Set > [part 1, part 2, part 3 & part 4] (2830477)
Windows 7 SP1 KB2834140 Update - V2 (need KB2670838 update installed first) (Windows 7) (2834140)
Windows 7 SP1 KB2729094 Segoe UI Font Update - V2 (Windows 7) (2729094)
<> Windows 7 SP1 KB2670838 Platform Update (Windows 7) (2670838)
Windows 7 SP1 KB2533552 Update [replaces KB976902 update; required before installing SP1 thru WU] (Windows 7) (2533552)
~ Windows Management Framework 5.1 for Windows 7 SP1 & Server 2008 R2 SP1 [replaces previous WMF downloads] (Windows 7) (release notes)

Notes: Since Windows 7 no longer includes the old Windows Help Viewer to view help files with the .HLP file extension, download
and install the WinHlp32.exe Help Program to restore the ability to view .HLP help files in Win7. The KB2670838, KB2729094,
KB2731771, KB2786081, KB2834140, KB2882822 & KB2888049 updates are needed before installing IE10/IE11 on Win7 SP1.
<> - The KB2670838 Platform Update for Win7 SP1 may cause blue screen errors on computers with certain AMD/Intel hybrid
graphics hardware. Download and install updated AMD/Intel hybrid video drivers that are compatible with the KB2670838 update
and install the KB2834140 update. The KB3172605 July 2016 Update Rollup & the KB3161608 June 2016 Update Rollup causes
Intel Bluetooth devices not to function correctly when using outdated Bluetooth drivers. Updated Intel Bluetooth drivers and
applications that are compatible with either the KB3161608 or the KB3172605 update have been released here. The KB4516655
& newer servicing stack updates will fail to install if the older KB4490628 servicing stack update is not installed first.
~ - The Windows Management Framework 5.0 download requires .NET Framework 4.5.2 or higher installed first.

Other sites to find system updates and/or info for Windows 7:

Microsoft Download Center [the best place to search for and download patches and updates for any MS software]
Microsoft Update Catalog site (this site allows searching & saving updates onto a PC; works in any modern web browser)
Microsoft Windows Update Troubleshooter page (go here if having trouble using the Windows Update site)
Microsoft Windows 7 Home page (main page for Windows 7)
Windows Desktop Product Life Cycle Main page (go here to determine how long Windows software is supported)
Microsoft Help & Support main site (main page for support on MS software)
Microsoft Support Advanced Search site (search for MS Support KB articles here)
Microsoft TechNet Security Bulletin Search Site (check here for new security bulletins, security fixes and workarounds)
Microsoft Security & Privacy for Home Users page (page on how to deal with security issues for home users)

Notes: Any downloads for Windows Seven (7) are found from its Windows Update feature. By default, Win7 may be setup to download and install system updates automatically while connected to the Internet. To turn the feature off [if you're annoyed by it] open the Control Panel, select the Windows Update control panel applet, click on the Change Settings link and select the option that says "Never Check for Updates (not recommended)", then click Ok to save your settings. Disabling the Automatic Updates feature by using that method will cause the Action Center feature to display some annoying pop-up messages that Automatic Updates was turned off, so open up Action Center, click on "Change the way Security Center alerts me" link to bring up the Alert Settings dialog box, uncheck the checbox next to Automatic Updates. Then click OK to save changes and close the Security Center window and Security Center will no longer display popup messages that Automatic Updates was disabled.

Information on how to obtain and install system updates under Windows 7:

How to Obtain Microsoft Support Files from Online Services: MS Support KB Article 119591

[click here to go to my Main page]

(MS14-066) [Win7 SP1] (2992611)	(MS14-078) [Win7 SP1] (2991963)
(MS14-043) [Win7 SP1] (2978742) ~	(MS14-064) [Win7 SP1 > fix2] (3011443)
(MS14-007) [Win7 SP1] (2912390)	(MS14-039) [Win7 SP1] (2973201)

(MS13-090) AKB [Win7 SP1] (2900986)	(MS13-098) [Win7 SP1] (2893294)
(MS13-081) [Win7 SP1 > fix3, fix4, fix5] (2870008) ~	(MS13-081) [Win7 SP1 > fix6 & fix9] (2870008)
(MS13-027) [Win7 SP1] (2807986)	(MS13-079) [Win7 SP1 & AD LDS] (2853587)

(MS12-082) [Win7 SP1] (2770660)	*
(MS12-072) [Win7 SP1] (2727528)	(MS12-073) [Win7 > FTP Service 7.5 & IIS 7.5] (2733829)
(MS12-036) [Win7 SP1] (2685939)	(MS12-054) [Win7 SP1 > KB2705219 - V2] (2733594)
(MS12-024) [Win7 SP1] (2653956)	(MS12-033) [Win7 SP1] (2690533)
(MS12-013) [Win7 SP1] (2654428)	(MS12-020) [Win7 SP1 > fix1 & fix2 - V2] (2671387)
(MS12-004) [Win7 SP1] (2631813)	(MS12-006) [Win7 SP1] (2585542)