Installing/Activating Windows 7/Server 2008/2008 R2 Extended Security Updates (ESU) MAK Key

Update 06.11.2020: Microsoft activation link updated.


Update 03.12.2020: Before installing and activating ESU keys, please ensure you have installed all prerequisites outlined under Prerequisite For Deploying ESU below.


Introduction

Announced by Microsoft on March 12, on January 14, 2020, Windows 7 and Windows Server 2008/2008 R2 will go out of support, and soon thereafter Office 2010. Out of support means that there will no longer be any development or security patches released for these operating systems.

If you have not yet updated to a modern operating system and still want security patches, you will need to sign up for these through the Extended Security Updates (ESUs) program.

In this blog post, I cover the prerequisite and how to deploy and activate Windows 7 ESU license on both internet connected computers and air-gaped computers. Note, the assumption is you already obtained and purchased a Windows 7/Windows Server 2008/2008 R2 Extended Security Updates MAK key.

Prerequisite For Deploying ESU

To deploy the Windows 7 ESU you will need the following prerequisite on your clients/servers:

  1. Install the following SHA-2 code signing support update and the following servicing stack update (SSU):
    • Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1:
      Servicing stack update for Windows 7 SP1 and Windows Server 2008 R2 SP1: March 12, 2019 (KB4490628)
      and
      SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019 (KB4474419)
    • Windows Server 2008 Service Pack 2 (SP2):
      Servicing stack update for Windows Server 2008 SP2: April 9, 2019 (KB4493730)
      and
      SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019 (KB4474419)
  1. Install the SSU listed below (or a later SSU) and the ESU licensing preparation package:
    • Windows 7 SP1 and Windows Server 2008 R2 SP1
      Servicing stack update for Windows 7 SP1 and Server 2008 R2 SP1: February 11, 2020 (KB4537829) or later
      and
      Extended Security Updates (ESU) Licensing Preparation Package (KB4538483)
    • Windows Server 2008 SP2:
      Servicing stack update for Windows Server 2008 SP2: February 11, 2020 (KB4537830) or later
      and
      Extended Security Updates (ESU) Licensing Preparation Package (KB4538484)

The Windows 7 ESU Activation ID

The Activation IDs are provided by Microsoft on: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807

ESU Program ESU SKU (or Activation) ID 
Windows 7 SP1 (Client) 
Year 1 77db037b-95c3-48d7-a3ab-a9c6d41093e0 
Year 20e00c25d-8795-4fb7-9572-3803d91b6880 
Year 34220f546-f522-46df-8202-4d07afd26454 
Windows Server 2008/R2 (Server)
Year 1 553673ed-6ddf-419c-a153-b760283472fd 
Year 204fa0286-fa74-401e-bbe9-fbfbb158010d 
Year 316c08c85-0c8b-4009-9b2b-f1f7319e45f9 

How To Install And Activate The Windows 7 Extended Security Update MAK Key On Internet Connected Computers

After you have purchased the Windows 7 ESUs, you will receive a MAK key. This MAK is unique to your organization, but not unique for each devices, which means you will use the same MAK key to activate to your devices.

Execute the following commands in a Elevated Command Prompt:

  1. cscript c:\windows\system32\slmgr.vbs /ipk <MAK Key> 
  2. cscript slmgr.vbs /dlv  *Note, take note of the Activation ID which should also be listed in the above chart
  3. cscript c:\windows\system32\slmgr.vbs /ato <Activation ID>
  4. slmgr.vbs /dli hit enter (You should now see ESU status is Licensed)

How To Install And Activate The Windows 7 Extended Security Update MAK Key On Air-Gapped Computers

Execute the following commands in a Elevated Command Prompt:

  1. slmgr.vbs /ipk <MAK Key>
  2. cscript slmgr.vbs /dlv *Note, take note of the Activation and Installation ID (Do not close this command prompt window)
  3. Call MS: 1-888-725-1047 or visit Microsoft Product Activation http://m.vivr.io/7xPzEPN (select 6 Digits) and provide the Installation ID. MS will provide you with the Confirmation ID: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, write it down
  4. slmgr.vbs /atp <ConfirmationID> space <ActivationID>
  5. slmgr.vbs /dli hit enter (You should now see ESU status is Licensed)

Conclusion

It is important to ensure your organization has a strategy in place for Windows 7 and Server 2008/2008 R2 upgrade. In the meantime its highly recommended you obtain a ESU license to ensure your operating system is kept protected. Contact us today to order your ESU license’s to stay protected!

Is your organization purchasing ESUs license? How are you handling the Windows 7/Server 2008 and or Server 2008 R2 end of support?

Please leave a comment below!

ITsPaul is a managed service provider located in Ottawa, Ontario. We provide IT support, services and offer Web development.

4 Replies to “Installing/Activating Windows 7/Server 2008/2008 R2 Extended Security Updates (ESU) MAK Key”

  1. Hi,

    Your link to Microsoft Product Activation is dead.

    1. Hello Marvin,
      Thanks for pointing that out. The links expires from time to time as they are smartphone links. Here is the updated link –> http://m.vivr.io/7xPzEPN
      The guide has also been updated to reflect this.

      Thanks

  2. Hi, thanks for this article which was very useful, I do have a question though, how can I do this on several servers? I need to be able to roll out the MAK to them do you have a method of doing that? Thanks.

    1. Hello there,

      I’m glad you found it useful. Yes there is, you can use Microsoft VAMT to accomplish this task.

      Here is guide on how to accomplish this. It was written for isolated computers (computers that have no internet connectivity) but it’s the same concept.

      https://www.itspaul.ca/step-by-step-guide-vamt-mak-proxy-activation-for-isolated-air-gapped-networks

      Cheers

Leave a Reply

Your email address will not be published.

You may use these <abbr title="HyperText Markup Language">HTML</abbr> tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*