Starting Tuesday, January 10, 2023 Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical and important vulnerabilities starting. And All editions of Windows 8.1, launched nine years ago in November 2013, will also reach EOS on January 10, 2023.
“Most Windows 7 or 8.1 devices will not meet the hardware requirements for upgrading to Windows 11, as an alternative, compatible Windows 7 PCs can be upgraded to Windows 10 by purchasing and installing a full version of the software,” Microsoft explains.
In addition, with Google Chrome 109 the company noted, drop support for Windows 7 and 8.1 starting in February 2023. Similarly, Microsoft Edge 109, is the web browser’s last version to come with support for Windows 7 and Windows 8/8.1
NVIDIA is no longer providing Windows 7 and Windows 8.1 drivers since last year, starting in October 2021.
According to Statcounter GlobalStats Currently, Windows 7 runs on over 11% of all Windows systems worldwide, while Windows 8.1 is used by 2.59% of Microsoft customers.
KB5022352 and KB5022346 last update For Windows 8.1
Microsoft has released the final Windows 8 Monthly Rollup: KB5022352 and Security-only: KB5022346 Both include miscellaneous security improvements to internal OS functionality but unfortunately also some known issues which will now never be addressed.
- Authentication might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if encryption types are not set or if RC4 Encryption type is disabled on the domain.
- Starting in this release, we are displaying a modal dialog box to remind users about the End of Support for Windows 8.1 in January 2023. This reminder does not appear on managed devices that run Windows 8.1 Pro or Windows 8.1 Enterprise.
- Resolves a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. The connection might fail. You might also receive an error in the app, or you might receive an error from the SQL Server.
Known issues
- After this update or a later Windows update is installed, domain join operations might be unsuccessful and error “0xaac (2732): NERR_AccountReuseBlockedByPolicy” occurs.
KB5022338 and KB5022339 last update for Windows 7
Microsoft fixed 40 vulnerabilities with Windows 7, Here 8 Vulnerabilities critical classified as Critical as they allow Denial of Service (DoS), Elevation of Privilege (EoP), and Remote Code Execution (RCE) and the remaining 35 important and 1 moderate. The following are eight critical Vulnerabilities.
- Microsoft Cryptographic Services Elevation of Privilege Vulnerability — CVE-2023-21730
- Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability — CVE-2023-21679
- Microsoft Cryptographic Services Elevation of Privilege Vulnerability — CVE-2023-21561
- Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability — CVE-2023-21556
- Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability — CVE-2023-21555
- Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability — CVE-2023-21548
- Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability — CVE-2023-21543
- Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability — CVE-2023-21546
Windows 7 KB5022338 and KB5022339 also bring similar changes that include miscellaneous security improvements to internal OS functionality but still some known issues there which will now never be addressed.
- Authentication might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if encryption types are not set or if RC4 Encryption type is disabled on the domain.
- Resolves a known issue that affects apps that use Microsoft Open Database Connectivity (ODBC) SQL Server Driver (sqlsrv32.dll) to connect to databases. The connection might fail. You might also receive an error in the app, or you might receive an error from the SQL Server.
Known issues:
After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.
The company says this issue is expected in the following circumstances:
- If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
- If you do not have an ESU MAK add-on key installed and activated.
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated.
- After this update or a later Windows update is installed, domain join operations might be unsuccessful and error “0xaac (2732): NERR_AccountReuseBlockedByPolicy” occurs.
Windows 7 SP1 and Windows Server 2008 R2 SP Download links
Also, Microsoft mentioned these updates are not available via Windows Update this can only be installed with a manual download. You can download these updates from the Microsoft Update Catalog website using the links below.
- KB5022338 — 2023-01 Security Monthly Quality Rollup for Windows 7
- KB5022339 — 2023-01 Security Only Quality Update for Windows 7
You must install the updates listed below and restart your device before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.
Windows 8.1 and Windows Server 2012 R2
- KB5022352 — 2023-01 Security Monthly Quality Rollup for Windows 8.1
- KB5022346 — 2023-01 Security Only Quality Update for Windows 8.1
Also, New cumulative updates are available for the latest Windows 10 22H2, read the changelog from here.