IT administrators who signed up for Windows 7 post-retirement support have found that there is a new prerequisite that must be installed before they can download the patches they have already paid for.
This week, Microsoft slowed down the much-appreciated post-retirement support for Windows 7 by telling IT administrators that there is a new prerequisite that must be installed before they can download the patches they have already paid for.
The last-minute requirement was titled «Extended Security Update License Preparation Package» and was identified as KB4538483 in Microsoft number format.
The license preparation package can be downloaded manually from the Microsoft Update catalog. It should also appear in WSUS (Windows Server Update Services), the patch management platform used by many commercial customers. However, it will not be delivered automatically through the Windows Update service, on which some very small companies depend to provide the necessary patches.
Hard could be a word for the new requirements management process. «So do we need to implement the license preparation package, restart, check for updates again, install the new updates, and restart again?» asked someone identified only as Eric on Twitter. (He claimed to have been an administrator for more than 15,000 Cincinnati Windows customers.)
«That’s right,» the Windows Update Twitter account replied.
Failure to implement KB4538483 means that computers running Windows 7 that have been prepared to receive the first post-retirement extended security updates (ESUs) released on Tuesday, February 11th will not receive security updates.
Earlier this week, Microsoft had said nothing about the last-minute requirement, although the company had been in talks before ESU debuted this month. Microsoft had detailed instructions for purchasing ESUs and preparing Windows 7 systems for patches. Even when KB4538483 reached the Update Catalog and Microsoft went through it step by step, even here and here, the notification of the new prerequisite was extremely discreet.
No wonder KB4538483 surprised administrators.
«For small businesses, this has been very annoying,» said Susan Bradley, a network and security consultant who moderated the PatchMangement.org mailing list and a contributor known as «The Patch Lady» on the advice site. Windows AskWoody.com. Bradley has been actively investigating how small businesses could acquire ESU in the months leading up to the launch of the program.
«I had to personally help several of my clients to purchase these keys, I thought they were all configured and I had to go to them, remotely on their computers and install this last minute update knowing that they will not know how get this patch, not exactly how to install it, because I don’t normally go to the Microsoft catalog site, «he said.
Bradley, like anyone outside of Microsoft, had no idea why the Redmond, Washington company surprised ESU customers. «It didn’t behave like a normal service patch,» he noted. After further investigation, Bradley speculated that KB4538483 is «licensed».
Computerworld asked Microsoft to explain KB4538483, asking, «Why was KB4538483 suddenly needed?» and «Has Microsoft overlooked anything before?»
«Extended Security Updates (ESU) Licensing Packages (KB 4538483 and KB4538484) address the activation experience requirements identified during our testing and evaluation with a large population of preview clients,» said Microsoft, responding and not responding to questions, a common thing. «We launched the ESU licensing packages at the launch on 11 February 2020, to provide a consistent user experience in the future, a minimum number of package installations and to minimize the general disruption of customers.»
More outages now, so will there be fewer outages later? Good.