Microsoft kills future security updates for Windows 7 on modern hardware

On the April 2017 patch day Microsoft has released two security bulletins KB4015549 and KB4015546 that will block future security updates on Windows 7 in case a newer processor is detected that is part of the following CPU Families: Intel KabyLake, AMD Bristol Ridge and AMD Ryzen.
The block mechanism is enforced by the new Windows Update Agent Version 7.6.7601.23735 this also prevents manually update installs using the .msu package. After installing the Microsoft Updates from above a UI nag screen will show up that reminds you of the non supported hardware, even when the system is working ok.

The error in the log file looks like this:

c98 Agent WARNING: WU client failed Searching for update with error 0x80240037
f24 AU >>## RESUMED ## AU: Search for updates [CallId = {692C634C-461A-46AC-82FD-16C025C65F22}]
f24 AU WARNING: Failed because device hardware is not supported and not exempt update was discovered with this scan.
f24 AU # WARNING: Search callback failed, result = 0x80240037
f24 AU # WARNING: Failed to find updates with error code 80240037

An Offline install will also not work:

444 PT + Offline serviceId = {CB8C92B3-A833-483F-A728-F55D2C09DAEC}
444 Agent WARNING: Only detected non-exempt updates on device with unsupported processor.
444 Agent FATAL: Device has unsupported processor. Return 80240037.
444 Agent * WARNING: Exit code = 0x80240037


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s