When Microsoft announced the end-of-support for Windows 7 and Windows Server 2008 R2 more than two years ago, the company offered its Extended Security Updates (ESU) program. ESU allowed organizations that were still running the aforementioned OSs to receive important security updates to help them stay safe from cyberthreats.
While Microsoft will provide the final batch of security updates for Windows 7 in January 2023, a platform called 0patch aims to to take Microsoft’s place in keeping the old operating systems protected against cyberthreats. 0patch announced this week that it will provide its micropatching service until January 2025 for Windows 7, as well as Windows Server 2008 R2 devices (via Techspot).
“We have decided to keep providing security patches for Windows 7 and Windows Server 2008 R2 for critical vulnerabilities that are likely to get exploited, and will be happy to keep you secured for a fraction of what you had paid for ESU so far,” 0patch’s blog stated.
0patch’s micropatches are applied directly in the memory of running processes instead of changing your executable files, so a user doesn’t need to restart their computer to finish installing the updates.
If a user is under Microsoft’s ESU program and wants to continue receiving security updates with 0patch, they only need to apply all remaining ESU updates. Then, they need to install the 0patch “Free Agent” on their Windows 7 or Server 2008 R2 computers and register them to their 0patch account. You can download it on this page here.
Back in March 2022, the 0patch team released an unofficial fix for an old Windows vulnerability. Three months later, they also deployed a patch for a Microsoft Support Diagnostic Tool zero-day vulnerability.