diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index 48b2eb1..d5bad96 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -439,6 +439,10 @@ jobs:
     - name: Setup cmake
       uses: lukka/get-cmake@latest
 
+    - name: Apply patch
+      run: |
+        git apply --verbose --ignore-whitespace --directory=external/src/grpc/third_party/boringssl-with-bazel patches/boringssl/win7.patch
+
     - name: Build p2pool
       run: |
         mkdir build
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a69055d..d7ed33f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -215,7 +215,7 @@ if (WITH_UPNP)
 endif()
 
 if (WIN32)
-	set(LIBS ${LIBS} ws2_32 iphlpapi userenv psapi dnsapi dbghelp)
+	set(LIBS ${LIBS} ws2_32 iphlpapi userenv psapi dnsapi dbghelp advapi32)
 	if (CMAKE_CXX_COMPILER_ID MATCHES GNU)
 		set(LIBS ${LIBS} bcrypt)
 	endif()
diff --git a/patches/boringssl/win7.patch b/patches/boringssl/win7.patch
new file mode 100644
index 0000000..c8a4bec
--- /dev/null
+++ b/patches/boringssl/win7.patch
@@ -0,0 +1,58 @@
+diff --git a/src/crypto/rand_extra/windows.c b/src/crypto/rand_extra/windows.c
+index a44774d23..09cf10942 100644
+--- a/src/crypto/rand_extra/windows.c
++++ b/src/crypto/rand_extra/windows.c
+@@ -26,6 +26,7 @@
+ OPENSSL_MSVC_PRAGMA(warning(push, 3))
+ 
+ #include <windows.h>
++#include <wincrypt.h>
+ 
+ #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
+     !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
+@@ -61,16 +62,40 @@ void CRYPTO_sysrand(uint8_t *out, size_t requested) {
+ // See: https://learn.microsoft.com/en-us/windows/win32/seccng/processprng
+ typedef BOOL (WINAPI *ProcessPrngFunction)(PBYTE pbData, SIZE_T cbData);
+ static ProcessPrngFunction g_processprng_fn = NULL;
++static HCRYPTPROV g_hCryptProv = NULL;
++
++static BOOL WINAPI wrapper_CryptGenRandom(PBYTE pbData, SIZE_T cbData)
++{
++  return CryptGenRandom(g_hCryptProv, cbData, pbData);
++}
+ 
+ static void init_processprng(void) {
+   HMODULE hmod = LoadLibraryW(L"bcryptprimitives");
+-  if (hmod == NULL) {
+-    abort();
++
++  if (hmod) {
++    g_processprng_fn = (ProcessPrngFunction)GetProcAddress(hmod, "ProcessPrng");
++    if (g_processprng_fn) {
++      return;
++    }
+   }
+-  g_processprng_fn = (ProcessPrngFunction)GetProcAddress(hmod, "ProcessPrng");
+-  if (g_processprng_fn == NULL) {
+-    abort();
++
++  if (CryptAcquireContext(&g_hCryptProv, NULL, NULL, PROV_RSA_FULL, 0)) {
++    g_processprng_fn = &wrapper_CryptGenRandom;
++    return;
++  }
++
++  DWORD err = GetLastError();
++  if (err == NTE_BAD_KEYSET) {
++    if (CryptAcquireContext(&g_hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) {
++      g_processprng_fn = &wrapper_CryptGenRandom;
++      return;
++    }
++    else {
++      err = GetLastError();
++    }
+   }
++
++  abort();
+ }
+ 
+ void CRYPTO_init_sysrand(void) {
diff --git a/tests/src/check_win7.py b/tests/src/check_win7.py
index 3f2f062..924bb12 100644
--- a/tests/src/check_win7.py
+++ b/tests/src/check_win7.py
@@ -293,6 +293,7 @@ allowedAPIs = {
 	"GetFileAttributesA",
 	"OpenThreadToken",
 	"GetOverlappedResult",
+	"CryptGenRandom",
 }
 
 f = open(sys.argv[1], 'r')