Integrate7 script – automatically download and slipstream all updates!

Page 42 of 45 FirstFirst ... 324041424344 ... LastLast

  1. Posts : 87
    Windows 7 Professional x64
    Thread Starter
       #411

    New version 3.80
    - Included November 2022 Cumulative Update (KB5020000)
    - Included November 2022 Cumulative .NET Framework Update (KB5020688)
    - Included September 2022 Servicing Stack Update (KB5017397)
    - By default, disabled depricated SMBv1 protocol (can be reenabled by changing DisableSMBv1 from 1 to 0)
    - Added ExtraScripts/DisableNetBIOS.cmd which can be used to disable obsolete NetBIOS over TCP/IP protocol
    (it cannot be integrated and has to be run after all network interfaces/cards drivers are installed on the system)​

    Links:
    --> Integrate7 v3.80 (GDrive) <--
    --> Integrate7 v3.80 (OneDrive) <--

    Password:

    Integrate2020

    Hint:

    SMBv1 is only needed if you share printers or folders with Windows 2000/XP. It is obsolete, potentially vulnerable and should be disabled as it is on Windows 10.
    NetBIOS over TCP/IP is only needed if you share printers or folders with Windows 3.x, 9x or DOS. Completely obsolete now.

    PS. Fill free to make any custom mods or patches to the script.



    - - - Updated - - -

    Shadow Lord said:
    Where can I disable your "fix" in the script? The reason some of us are staying with Win7 is because of support for older tech. If I wanted it to be as problematic as Win10/11 I would just install Win10/11. Thanks.

    1.
    LLNR has been been introduced with Windows Vista. If you use pre-Vista network environment, you don't need it.
    If you use modern systems, you don't need it too.
    On old systems NetBIOS name resolution is used instead, on modern systems mDNS is used instead.

    2. All above protocols are naming protocols and are used only on LANs (not on the Internet).
    They enable you to connect to shared resources (ie. printers and drives) via computer names instead of via IP addresses.
    If you disable one of these protocols, another one will be used. So there are no disadvantages of disabling LLNR and security is potentially improved.
      My Computer


  2. Posts : 98
    Windows 7 Pro 64-bit
       #412

    Thank you very much for the thread and posts,

    per this update, September Monthly Update KB5017361 added native UEFI and Secure Boot support for Windows 7.

    Have you verified this?
    (your September 2022 Servicing Stack Update (KB5017397) should have covered older KB5017361. i.e. 97 > 61)

    Windows 7 now supports native UEFI and Secure Boot!!!

    wkeller said:
    New version 3.80
    - Included November 2022 Cumulative Update (KB5020000)
    - Included November 2022 Cumulative .NET Framework Update (KB5020688)
    - Included September 2022 Servicing Stack Update (KB5017397)

    For .NET 5.1 mentioned below (If You need them, download them manually and/or use Windows Update)

    Is it compatible with Windows 7? As I know, .NET 4.8 is highest version for Windows 7.

    wkeller said:
    What is NOT included ?

    1. Telemetry-only or activation checking updates (I recommend against installing them through WU. Just hide them, when using WU).

    2. Packages not included in original Windows 7 installation DVD, like:

    - Windows Management Framework 5.1
    - Windows Remote Software Administration Tool
    - etc.

    If You need them, download them manually and/or use Windows Update.
      My Computer


  3. Posts : 87
    Windows 7 Professional x64
    Thread Starter
       #413

    siliconbeaver said:
    per this update, September Monthly Update KB5017361 added native UEFI and Secure Boot support for Windows 7.
    If KB5017361 supports Secure Boot, KB5020000 supports it too. KB5020000 has all fixes and patches that are included in KB5017361.
    But Secure Boot support is not so important in real life. Most UEFIs has an option to disable Secure Boot or you can use Windows 10 bootloader (Secure Boot aware) to boot Windows 7.
    The main problem with Windows 7 is lack of GOP support (which supersedes VESA BIOS on UEFI v3 systems), not the lack of Secure Boot support.

    siliconbeaver said:
    For .NET 5.1 mentioned below (If You need them, download them manually and/or use Windows Update)
    Is it compatible with Windows 7? As I know, .NET 4.8 is highest version for Windows 7.
    1. You are confusing Windows Management Framework with .NET Framework.
    Windows Management Framework is intended for system administrators to remotely manage their Windows Servers.
    You probably don't need it.

    2. .NET 5 is not an update for .NET 4. The former could be installed aside of the latter, not instead of it.
    .NET 5 is however no longer supported on any system, because it is superseded by .NET 6.

    3. Different .NET versions are only partially compatible or not compatible at all.

    So generally speaking if you use:
    .NET Framework v1 applications, you need .NET Framework 1.0 or 1.1 (the latest is the best)
    .NET Framework v2 applications, you need .NET Framework 2.0, 3.0 or 3.5 (the latest is the best)
    .NET Framework v4 applications, you need .NET Framework 4.0, 4.5, 4.6, 4.7 or 4.8 (the latest is the best)
    .NET Core applications, you need .NET Core 2.1, 3.0 or 3.1 (the latest is the best)
    .NET applications, you need .NET 5, 6 (LTS) or 7 (LTS version is probably the best)

    See also here for differences between .NET and .NET Framework.

    4. .NET 6.0 LTS and .NET Core 3.1 LTS are compatible with Windows 7 SP1 with ESU updates, according to Microsoft source.
    .NET Framework 4.8 is also supported on Windows 7, but latest .NET Framework 4.8.1 is not.
    See here for latest download links of .NET and .NET Core or here download links of .NET Framework.

    5. I recommend to install .NET Framework 4.8 on every single system, because most .NET applications require or support it.
    .NET 3.5.1 is also recommended, because there are still quite a few .NET 2.0-3.5 apps.
    .NET 1.0/1.1 is very old and unsupported, so it is rarely needed and you should install it only if really necessary.
    Other .NET versions should also be installed only if necessary. There are not many desktop apps which require them.

    6. Windows 7 SP1 supports .NET 3.5.1 Framework natively and my script adds support for .NET Framework 4.8, so most users should be satisfied.
    Last edited by wkeller; 13 Nov 2022 at 01:07.
      My Computer


  4. Posts : 98
    Windows 7 Pro 64-bit
       #414

    Thanks for clarifying.

    I am staying with .NET 4.8.
      My Computer


  5. Posts : 37
    Windows 7 Pro 64bit
       #415

    wkeller said:
    1. LLNR has been been introduced with Windows Vista. If you use pre-Vista network environment, you don't need it.
    If you use modern systems, you don't need it too.
    ....
    On old systems NetBIOS name resolution is used instead, on modern systems mDNS is used instead.
    2. All above protocols are naming protocols and are used only on LANs (not on the Internet).
    Hi,

    Thanks for the explanation and creating options to disable SMB1/NetBIOS for the user. Yes, you are of course correct that security is improved by disabling outdated protocols. However, not all of us are using Win 7 systems in the wild/on the internet on a regular basis. Also not everyone "upgrades" consistently. As a vintage computer hobbyist I have many systems (some over 40 years old) that run outdated SW (I have a server that runs MS Lanman - of course it sits behind a NAT and is never exposed to the internet but I use it still to store and serve DOS SW) that I still need to to talk to. I think the best ideal is to provide the option to disable/not disable as needed per personal choice/requirement as you have done. The user can then decide how much "risk" they are comfortable with.
    Thanks again!
      My Computer


  6. Posts : 87
    Windows 7 Professional x64
    Thread Starter
       #416

    Shadow Lord said:
    The user can then decide how much "risk" they are comfortable with.
    You are right. The option should be available next release.

    And yes, I am aware that old systems are far from dead and can be very useful even in modern times. These are just tools, and it is up to user how can get benefits of it.
    I am also aware that there are plenty of technologies to make them secure (firewalls, proxy servers, managed switches, etc). If you are really smart, your system will be secure, no matter what OS/software you use.

    However average users are not smart IT technicians, so by default it is better to disable legacy protocols.
    Eg.: People may not remember, but famous WannaCry ransomware used SMBv1 protocol to spread.
      My Computer


  7. Posts : 37
    Windows 7 Pro 64bit
       #417

    wkeller said:
    You are right. The option should be available next release.
    That is great news! Thanks.
    wkeller said:
    However average users are not smart IT technicians, so by default it is better to disable legacy protocols.
    I can agree with that logic, i.e. the default for the option should be to disable and for those of us who need it we just turn it back on.

    p.s. Any chance of adding in the functionality of SIW2's (see here please) set date script into the Integrate7 script i n the next version as well? If not no worries. Thanks again!
      My Computer


  8. Posts : 87
    Windows 7 Professional x64
    Thread Starter
       #418

    New version 3.90
    - Included December 2022 Cumulative Update (KB5021291)
    - Included December 2022 Cumulative .NET Framework Update (KB5021091)
    - Disabled AeLookupSvc (ie. Application Experience service, completely useless nowadays)
    - Disabled CBS logs (ie. ever growing logs inside Windows\Logs\CBS folder)
    - Disabled obsolete LLNR protocol is now switchable (can be turned on by setting DisableLLNR=0)
    - By default (as previously), disabled depricated SMBv1 protocol (can be reenabled by changing DisableSMBv1 from 1 to 0)
    - As previously, added ExtraScripts/DisableNetBIOS.cmd which can be used to disable obsolete NetBIOS over TCP/IP protocol
    (it cannot be integrated and has to be run after all network interfaces/cards drivers are installed on the system)​

    Links:
    --> Integrate7 v3.90 (GDrive) <--
    --> Integrate7 v3.90 (OneDrive) <--

    Password:

    Integrate2020

    Hint:

    SMBv1 is only needed if you share printers or folders with Windows 2000/XP. It is obsolete, potentially vulnerable and should be disabled as it is on Windows 10.
    NetBIOS over TCP/IP is only needed if you share printers or folders with Windows 3.x, 9x or DOS. Completely obsolete now.

    PS. Fill free to make any custom mods or patches to the script.
      My Computer


  9. Posts : 3
    Windows 7 x64
       #419

    - Disabled AeLookupSvc (ie. Application Experience service, completely useless nowadays)
    There is a bug that doesn't allow you to delete or rename folders if Application Experience service is disabled.
    https://support.hcltechsw.com/csm?id...icle=KB0038316
    Copying .EXE files may result in a sharing violation error - Folder In Use - Windows Server | Microsoft Learn
    Application Experience - Black Viper | BlackViper.Com
      My Computer


  10. Posts : 15
    Windows 7 Pro x64
       #420

    ~ Should also disable/delete task:
    Code:
    \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser
    Intel Pentium 4 said:
    There is a bug that doesn't allow you to delete or rename folders if Application Experience service is disabled.
    Does it actually still exists when telemetry is off? ~ I think possible solution was to disable both services:
    Code:
    Program Compatibility Assistant Service (PcaSvc)
    
    Application Experience (AeLookupSvc)
    Applying this already does everything: Disable/Remove Telemetry and Tracking Service | My Digital Life Forums
      My Computer


 
Page 42 of 45 FirstFirst ... 324041424344 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 17:58.
Find Us