Home  |  German version of the page  | 

Previous months 2018: Oct
Previous months 2017: MayAprMarJan
Previous months 2016: DecNovOctSep, AugJulJun

Last Update: 2022-04-13

Change notes

In March 2019 two updates were released which add support for SHA-2 code signatures to Windows 7, comprised of a new Servicing Stack (KB4490628) and the actual update adding support for SHA-2 code signatures (KB4474419). See updated table below. The combination of both updates prepare Windows 7 to handle updates that contain only a SHA-2 code signature, which are to be expected in the upcoming months. Starting in July 2019 the support for SHA-2 code signatures is required to receive future updates!

In October 2018 the Servicing Stack for Windows 7 (KB3177467) was rereleased. See updated table below.

Starting in May 2017 the complete list of monthly update can be found on this separate page. This should make maintenance a bit easier and give visitors a better overview without too much hassle.

Information on Windows Vista can be found on this separate page - for the last three remaining Vista users ;).


Valid as of: Oct 2016 (2016-10-11)
Valid until: Until MS breaks something again
Note: The above dates only refer to the "speedup" update, the "magic" patch, not the whole page!

This HowTo is valid for Win7 SP1 and 8.1, which have been newly installed or haven't been updated for some time. It should also help on systems that were up-to-date last month.

These instructions were only tested on Win7 SP1.

Solution to the issue

The term "solution" might be a little bit exaggerated, since the following HowTo only tries to make sure that the Update Agent doesn't need to check all updates, so the check for new updates is done faster.

Install the following updates BEFORE letting Windows search for updates, to avoid this very search taking "forever".

It's sufficient to install one of the Servicing Stack Updates. The current version is highlighted in bold.
Important: One of the Servicing Stack Updates is required before July 2016 Rollup can be installed!
KB Win7 x64 Win7 x86 Win8.1 x64 Win8.1 x86
Support for SHA-2 code signatures Download Download - -
Servicing Stack Update March 2019 Download Download - -
Servicing Stack Update October 2018 Download Download - -
Servicing Stack Update July 2016 - - Download Download
July 2016 Rollup Download
Direct link September 2016
Direct link September 2016 [HTTP]
Direct link September 2016
Direct link September 2016 [HTTP]
- -
July 2016 Rollup - - Download Download
KB3020369 Servicing Stack Update April 2015 Download Download - -
KB3021910 Servicing Stack Update April 2015 - - Download Download
Maybe you wonder why July 2016 Rollup. The answer is simple: This particular update contains a more recent (as far as I know the latest) version of the Update Agent. With this update the time needed to search for new updates is reasonable, almost regardless of the updates installed on the system; the search times vary, of course, but not as ridiculously much as without July 2016 Rollup.

If you're a user of Intel Bluetooth Hardware and have trouble with BT due to KB3172605, you can take a look at the page October page; it contains some links that might be helpful in resolving the issues.

Steps to take after Windows installation

Some automation

To ease the pain of installing multiple systems you can use e.g. this script which is updated regularly. Put the script and all updates in the same directory - a USB flash drive or network share may be a good place. The script determines the Windows version (Vista, Win7 or Win8.1), its architecture (32 or 64 bit) and so on. It makes use of the command given above. Just double-click the script - after you've disabled automatic updates (see above) - and it installs all required updates automatically, including the latest Windows Update Agent (if present). Reboot the system after the script is finished, and you're done. Re-enable automatic updates as needed.

If you intend to install Windows Updates on a whole network of systems, it's probably better to use some dedicated solution for this, e.g. WSUS Offline Update, which already installs the prerequisites in current releases.


If you are curious why the search for updates takes such a long time, check out the background information.

Thanks to T. Wittrock, author of WSUS Offline Update, Denniss, Canadian Tech, Woody Leonhard, Cliff Hogan, lmacri and the community.


You can reach me via the following forums:
It is not permitted to copy and subsequently republish any of these pages!

Valid HTML 4.01 Transitional