Microsoft sneaks Secure Boot support into Windows 7 shortly before support ends

Martin Brinkmann
Jan 10, 2023
Updated • Jan 10, 2023
Windows 7
|
13

Support for Extended Security Updates for Windows 7 is ending today officially. Microsoft will release a last cumulative update for Windows 7 on January 10, 2023 before the operating system is laid to rest.

Users and organizations who run Windows 7 have a few options available to them to continue using their devices. The official path is to upgrade devices to Windows 10 or 11, or replace them with newer devices that run these operating systems.

Those who prefer to stay on Windows 7 may subscribe to 0Patch for less than $30 a year to receive critical security updates for at least 2 years starting with the official end of support. There may also be options to install patches that Microsoft produces for systems that are based on Windows 7 and still supported by the company.

ADVERTISEMENT

Chinese blog CSDN discovered in October 2022 that Microsoft appears to have added support for Secure Boot to Windows 7 via the September 2022 cumulative updates. Microsoft did not announce the change in the changelog or elsewhere, to the best of our knowledge.

windows 7 secure boot

Microsoft introduced support for Secure Boot in Windows 8 and has not backported the feature to Windows 7 during Windows 7's official support lifecycle. Support for Windows 7 ended in January 2020 for all Home customers while Enterprise and business customers could extend the support range by up to three years for a price.

Secure Boot is a security technology that verifies the integrity of core system components, including the UEFI firmware drivers, EFI applications and the operating system. Only if these components are verified through checks is the operating system booted.

Twitter user Bob Pony published news about this on the messaging site recently. He posted a screenshot of a Windows 7 Enterprise system running Secure Boot. Secure Boot does not work on UEFI Class 3 systems directly to the information published, which means that a workaround is required. The second caveat is that the feature was introduced in an ESU update.

Lastly, it needs to be noted that it feels strange that Microsoft would add support for the feature near the end of the operating system's end of support date. Microsoft did not even reveal that it added the feature, which means that no one outside of the company knows why it was added just months before support end.

Now You: what is your take on this? Why did Microsoft add Secure Boot support to Windows 7? (via Neowin)

Summary
Microsoft sneaks Secure Boot support into Windows 7 shortly before support ends
Article Name
Microsoft sneaks Secure Boot support into Windows 7 shortly before support ends
Description
Microsoft introduced support for Secure Boot in the September 2022 cumulative update for the Windows 7 operating system.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. NeonRobot said on January 10, 2023 at 10:25 am
    Reply

    Martin, thanks for informing. Not mandatory, but nice addition to Win7 features.

  2. John said on January 10, 2023 at 11:50 am
    Reply

    Secure Boot is sort of a joke now, I don’t think its any great security tool baked into the UEFI. If you are still running Windows 7 its probably on relatively older hardware anyway. Many systems probably still using legacy bios and not UEFI. I suppose Microsoft is doing its best to brace these systems for a onslaught of attacks after support ends.

  3. Tom Hawack said on January 10, 2023 at 11:50 am
    Reply

    – “Microsoft appears to have added support for Secure Boot to Windows 7 via the September 2022 cumulative updates”

    Wouldn’t concern Windows 7 set to block updates. Last Windows 7 update here goes back to several years.

    – “Bob Pony […] posted a screenshot of a Windows 7 Enterprise system running Secure Boot.”

    If support for Secure Boot has effectively been added to Windows 7 (via the September 2022 cumulative updates), would this concern Windows 7 Home Edition as well or only Enterprise?

  4. NeonRobot said on January 10, 2023 at 12:05 pm
    Reply

    Not anyway. Modern stuff works fine, but i still use csm, x670 and even wrx80 chipsets works fine, of course with hacked drivers.

    1. Anonymous said on January 10, 2023 at 6:17 pm
      Reply

      Can you please tell me where I can find the 3-rd party or patched drivers for the new hardware?

  5. Emanon said on January 10, 2023 at 12:18 pm
    Reply

    Secure Boot is part of UEFI and even Windows Vista supports it, Microsoft only started enforcing on OEMs with Windows 8, but the feature always been there.

    Same way Microsoft is enforcing TPM on Windows 11, but is also a feature that been there for over a decade.

    So this article is extremely misleading.

    1. Service Pack said on January 10, 2023 at 1:57 pm
      Reply

      Windows 7 and older versions do not run when Secure Boot is enabled…

  6. Shawn said on January 10, 2023 at 7:55 pm
    Reply

    Ya also anyone notice the propaganda of climate change all over the operating systems Windows 11 screams it…

    What’s that all about smells worst than a prime minister or a president.. I’ve got a bad feeling about all of this.

    With all the restrictions around the world for carbon footprints what’s going to happen the OS is going to shut off certain times of day? Thanks but no thanks.

    Good catch on the Windows 7 patch though didn’t see that one.

  7. Anonymous said on January 11, 2023 at 1:35 am
    Reply

    Windows 7 will still be used by me for a while. Every update to Windows 11 only makes the situation worse. I hope that the decision makers for Windows 11 are all fired soon. A professional operating system like Windows 7 is something that we desperately need.

  8. Y. said on January 12, 2023 at 1:15 am
    Reply

    Either Microsoft had to backport some fix for the bootloader, and decided to not bother with stripping down features – or Microsoft wanted to make running Win7/2008R2 in VMs a tiny bit easier which would also make sense (recall that 2008R2 gets extra ESU year).

  9. Anonymous said on January 17, 2023 at 6:04 pm
    Reply

    Does it mean that Secure Boot is enforced on Windows 7 machines now ? Could it mean that Microsoft is preventing the use of alternative operating systems on these machines just at the time Windows 7 is becoming obsolete ?

    https://www.fsf.org/campaigns/campaigns-summaries#secureboot

  10. 11r20 said on January 19, 2023 at 12:21 am
    Reply

    Anonymous said on January 17, 2023 at 6:04 pm

    Does it mean that Secure Boot is enforced on Windows 7 machines now ? Could it mean that Microsoft is preventing the use of alternative operating systems on these machines just at the time Windows 7 is becoming obsolete ?

    11r20 says Yeppers, All the above. Win7 was the best they ever made.

    The Micro$hyyt bean counters don’t like the fact that an operating system they built in 09 belongs to us, and we’ll use it the way we want…I bought mine in 09, a model Win7-Pro with a New HD, Tower, Netlimiter, PiHoled Router etc.

    They don’t like us using clean-fast-quiet-secured-locked-down-systems that they can’t manipulate or destroy.

    We bought n’ payed for these systems and it appears that “secure-boot” may be the “kill-switch” that can be potentially used on unsecured systems.

    “Back to the Future”

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.