Bypass Microsoft's update block for Windows 7, 8.1 PCs running Kaby Lake, Ryzen

GitHub user Zeffy created a custom patch to defeat Microsoft's update block for Windows 7 and 8.1 users using devices powered by next-gen processors.

Although Microsoft blocked Windows updates to Windows 7 and 8.1 PCs powered by new CPUs, one unhappy user found a way around the block so devices with next-generation processors can continue to get security updates for the older operating systems.

Microsoft warned users several times that they needed to jump on the Windows 10 bandwagon. That didn’t go over very well, so Microsoft extended Windows 7 and 8.1 support on some Skylake-powered devices.

However, the Redmond, Washington, giant stuck to its guns about forcing devices with the new processors Kaby Lake or AMD Ryzen onto Windows 10. The company said, “7th Gen Intel Core (Kaby Lake) processor family and AMD’s 7th generation processors (e.g. Bristol Ridge) will only be supported on Windows 10, and all future silicon releases will require the latest release of Windows 10.”

When this month’s patches were released, Windows 7 and 8.1 users with new processors saw the below unsupported hardware warning:

Your PC uses a processor that is designed for the latest version of Windows. Because the processor is not supported together with the Windows version that you are currently using, your system will miss the important security updates.

That didn’t please GitHub user “zeffy”. Zeffy dug into the March rollup updates and found a changelog that stated, “Enabled detection of processor generation and hardware support when PC tries to scan or download updates through Windows Update.”

Zeffy wrote:

Which is just Microsoft's nice way of telling everyone who'd rather keep using Windows 7 or 8.1 on their Intel Kaby Lake or AMD Ryzen systems to screw themselves. There have even been people with Intel and AMD systems from 2015 who have reportedly been locked out of Windows Update because of this!

When the April patches came out last week, Zeffy tested his scripts and found that they worked. In essence, Zeffy found a way to stop Microsoft’s CPU detection so Windows 7 or 8.1 users can continue to get security updates.

All-in-one script lets new processors receive security updates for Windows 7, 8.1

Yet instead of following all the original steps, Zeffy simplified the process by releasing an all-in-one patch for KB4012218, KB4012219, KB4015546, KB4015547, KB4015549 and KB4015550.

“There is now only one script which includes all the various .xdelta files for patching different versions of wuaueng.dll on Windows 7 and 8.1 (x64 and x86), and it will figure out which one to use automatically,” Zeffy wrote.

The script includes support for the monthly security rollups for Windows 7 and 8.1, as well as the security-only quality update for both of the older operating systems.

In bold print, Zeffy emphasized:

PLEASE note: I have only tested this on Windows 7 x64 and a Windows 8.1 x64 virtual machine. If you want to try the patch out, please create a system restore point first, or use it in a VM. Always be very careful when you are modifying system files!

Also note that this patch will not magically make updates work that are truly incompatible with next-gen CPUs. Though I haven't heard of any such updates yet, it is still worth mentioning.

I have not tested Zeffy's scripts, but it may be worth trying if you received the warning when trying to update your machine and you resent Microsoft trying to force you onto Windows 10.

Copyright © 2017 IDG Communications, Inc.

The 10 most powerful cybersecurity companies