How to verify if your Windows 7 can get Extended Security Updates (ESUs)

Windows 7 can get Extended Security Updates

Microsoft has ad Extended Security Updates for Windows 7 for those who are willing to pay by computer subscription. With support for Windows 7 ending on January 14, 2020, it is therefore essential to check if your Windows 7 can obtain Extended Security Updates (ESUs). In this article, we will explain how to check the eligibility of your Windows 7 system. We have also included details for Windows Server 2008 R2 SP1.

Check if Windows 7 can get extended security updates

The following is a list of the minimum system requirements and installation processes to verify the presence of EUS. If you have a Windows 7 virtual machine hosted on Azure, you will receive free updates for ESU.

  1. Minimum system requirements of the operating system
  2. SHA-2, maintenance stack update and monthly accruals
  3. Activation using the ESU key
  4. Install knowledge base updates for final verification.

If the knowledgebase update fails, follow the troubleshooting methods.

1) Minimum system requirements of the operating system

The first criterion for obtaining ESUs is that you should have updated your copy for Windows 7 Service Pack 1 (SP1) and Server 2008 R2 SP1 or Windows Server 2008.

2) SHA-2 maintenance stack update and monthly accruals

Then you have to Install the SHA-2 code signature support update, the battery maintenance update, and the monthly rollups. Here are the details offered by Microsoft:

  1. Install the following SHA-2 Code Sign Support Update and the Stack Maintenance Update (SSU) or a subsequent SSU update:
    • 4474419 Updated SHA-2 Code Signing Support for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019
    • 4490628 Update for Stack Maintenance for Windows 7 SP1 and Windows Server 2008 R2 SP1: March 12, 2019
  2. Install the following Maintenance Stack Update (SSU) and Monthly Accumulation:
    • 4516655 Update of the maintenance stack for Windows 7 SP1 and Server 2008 R2 SP1: September 10, 2019
    • 4519976 October 8, 2019 – KB4519976 (Monthly total)

3) Activation using the ESU key

Once you have them, you can then install and activate your Windows using the ESU key you received from your cloud solution provider or from the Microsoft 365 Administration Center. MAK keys and you will need them to receive security updates for the entire year.

Follow these three steps to enable and check the status of your ESU key. Although Microsoft suggests using System Center Configuration Manager to send scripts to your enterprise devices. All these operations must be performed at the elevated command prompt. We will use SLMGR to activate and check.

Search ESU activation ID

  • Type slmgr / ipk and select Enter.
  • If the product key is successfully installed, you will see a message: Product Key Installed. with success.

Enable the ESU Product Key

  • Type slmgr / dlv, and select Enter.
  • Note the ESU Activation ID.
  • Type slmgr / ato and press Enter.

Check status

  • Type slmgr / dlv and select Enter.
  • Verify that the license status indicates that it is licensed for the corresponding ESU program.

You will have to repeat this process each year. You will receive a new MAK key each year, which should be enabled to continue receiving updates from ESUs.

Since your copy of Windows is already activated, you may wonder if the second key overwrites it. This is not the case. The ESU MAK key will be installed side by side with another activation key. This will not affect this other activation key.

4) Installing Knowledge Base Updates for Final Verification

Once successful activation, you need to install KB4528069 for Windows 7 SP1 and Windows Server 20008 R2 SP1. If you are running Windows Server 2008, install then KB4528069. You can obtain this update from the Microsoft Update catalog or Windows Server Update Services (WSUS).

This is a non-security update that is not available on Windows Update or Microsoft Update. This will help you to check if you want to obtain Extended Security Updates (ESU).

If the computer fails to connect online, you must follow a different method:

The first is to download the installation KB4519972 via USB or any other means. Then you must use the volume activation management tool to perform the proxy activation.

You will need to download and install the volume activation management tool, update the configuration file, configure the client firewall settings for VAMT, and then add the ESU product key to VAMT.

ESU updates will always search for MAK keys, and if they are missing, you will not receive updates. Since MAK keys are unique keys, make sure you have a clear discussion about how you will handle if the machine requires reinstallation.

Troubleshoot issues with Extended Security Updates (ESUs)

  1. Make sure all the prerequisites have been met.
  2. Restart if you have pending updates.
  3. Make sure to install this update on the Eligible edition ESU and supported architecture.
  4. If you have problems with the keys, ask the cloud partner to check if the keys you have been assigned are valid.
  5. You can always call the Microsoft Technical Support number 1-800-Microsoft (642-7676).

Microsoft also supports Windows 7 and Windows 2008 Embedded, POS Ready, Enterprise, Standard, Datacenter, Web, Workgroup.

Leave a Comment