Leaderboard

I'm gonna leave this guide for defusing the timebomb here. http://cache.tehsausage.com/flash/defuse.txt Instead of changing the year to 2040, it replaces the value with a NaN - "not a number". Adobe's code will check if the current time in milliseconds is above NaN, which always returns false, so it basically means infinity. I did it before january 13th, everything Flash-related works fine. Now I wonder if it's possible to set the system date to before January 13th, install the latest flash, then follow the guide and return the system date to how it was. Also apparently the same exact hack works for Linux version as well. defuse.txt

https://www.bleepingcomputer.com/news/security/windows-finger-command-abused-by-phishing-to-download-malware/ It is interesting to note that Finger.exe is also available in Windows XP. The exe is in the "System32" folder. This type of attack will probably never affect our OS. But considering the rarity of use of the Finger.exe command, it might be interesting to consider blocking it. Adding a rule to block the connection in your firewall has the same effect. P.S. For OS after W.XP, for example w.10 x64, the rules are at least 2 because you also need to lock the exe in "syswow64".

It's indirect protection. If they change the method of attack it will be in vain. I personally prefer to use a direct block. I put a custom rule in NVT OSArmor that blocks Finder.exe: [%PROCESS%: *\finger.exe] In OSes later than W.XP it is easy to get a firewall hardening for the most abused commands via the tool below: https://hard-configurator.com/download/ LOLBin - Add If a rule is not in the list it is easy to add it.

Agreed. and this being the case, let me report that on Windows 7 32-bit I restored sucessfuly working flash to IE 11.0.9600.19866 Update Version: 11.0.220 (KB4586768) and to Firefox ESR 52.9.1 (32-bit) by modding the internal date, removing the invalidated digital signature and adjusting the PE-Checksum (@UCyborg's method), but (even after replacing also %SystemDrive%\Users\<username>\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.465\pepflashplayer.dll) wasn't able to restore it to working state on Google Chrome 87.0.4280.141 (Official Build) (32-bit). On the browsers I was able to restore working flash, both <https://helpx.adobe.com/flash-player.html> and <https://get.adobe.com/flashplayer/about/> worked OK, too, somewhat surprising. The attached pic is from the latter on IE11, BTW. OTOH, both browsers on which flash is working give me the same results as @Tripredacus had on Kongregate (viz. the supernova ad), regretably.

Well, I surely do know that Russia expands to vast territories , but perhaps @Vadim could enlighten us more as to which version of Chinese Flash v34 he's been using (and, to a second degree, his actual whereabouts ) ... @ED_Sln , have you only tried the "official" stub (on-line) Chinese installers? Perhaps related, but today I finished my Chinese Flash tests and upon more thorough inspection of the re-packaged setups, I discovered that the DLLs have been patched, because their SHA-2 digital file signatures have been invalidated: So, it is my educated guess, the Chinese repackers may have lifted the officially imposed geo-restrictions...

In chrome-based browsers this is possible through an extension. The best extension from a privacy point of view is: https://chrome.google.com/webstore/detail/font-fingerprint-defender/fhkphphbadjkepgfljndicmgdlndmoke?hl=it

Yes, but the Flash files are all still present as far as I can see, although it no longer works because of the time bomb. I would expect a future update to actually remove them, and the associated registry entries as well. I don't think that KB4577586 has been automatically implemented yet, although as you say it may well be included in a future monthly security patch. As far as I can see it wasn't in last Tuesday's patch (KB4598242), and there's no mention of Flash in the patch documentation.

The Flash embedded in the operating system stopped working last Tuesday on Windows 10 as I expected, but that may just have been because of the time bomb in the Flash files. I guess a future OS update may well actually remove all the Flash files as well, at the moment they do seem to be still there.

Until now no problems found Tested with Fixed 2 partition VHD type MBR - BIOS / UEFI with Mini 7/8/10 x64 UsedSize 2 GB for booting with UEFI Grub4dos or UEFI Grub2 from RAMDISK. Menu entries for Mini 7/8/10 x64 in VHD as UEFI RAMOS \EFI\grub\menu.lst title Boot /2MU_10.vhd - UEFI Grub4dos SVBus RAMDISK - 3 GB find --set-root --ignore-floppies --ignore-cd /2MU_10.vhd map --mem --top /2MU_10.vhd (hd) chainloader (hd-1) title Boot /2MU_7.vhd - UEFI Grub4dos SVBus RAMDISK - 3 GB find --set-root --ignore-floppies --ignore-cd /2MU_7.vhd map --mem --top /2MU_7.vhd (hd) chainloader (hd-1) title Boot /2MU_8.vhd - UEFI Grub4dos SVBus RAMDISK - 3 GB find --set-root --ignore-floppies --ignore-cd /2MU_8.vhd map --mem --top /2MU_8.vhd (hd) chainloader (hd-1) \grub\grub.cfg menuentry "Boot /2MU_10.vhd - UEFI Grub2 SVBus RAMDISK - 3 GB" { search --file --set=vhd_drive --no-floppy /2MU_10.vhd map --mem --rt ($vhd_drive)/2MU_10.vhd boot } menuentry "Boot /2MU_7.vhd - UEFI Grub2 SVBus RAMDISK - 3 GB" { search --file --set=vhd_drive --no-floppy /2MU_7.vhd map --mem --rt ($vhd_drive)/2MU_7.vhd boot } menuentry "Boot /2MU_8.vhd - UEFI Grub2 SVBus RAMDISK - 3 GB" { search --file --set=vhd_drive --no-floppy /2MU_8.vhd map --mem --rt ($vhd_drive)/2MU_8.vhd boot }

Sorry, i kinda lied here. Version 27.0.0.180 may be the last non-SSE2 NPAPI plugin for Windows, but having just booted my Debian install i found out that the last SSE build for linux is v.10.3.183.50 Additionally, i found out that the MSFN forums cause their tab to crash in Firefox 60.7.1-ESR for some reason...

Thats great! Im going to try it to install office 2010 updates

Sadly, it didn't help me, installed both symbolas from your link, but still seeing weird rectangles. I'm on a new chrome.

Which is surprising, considering how spread XP is in China... By the way, since you're testing the Chinese version, I know you malware-scanned it and it was fine, but can you also check if it's opening a connection to some dodgy Chinese server when you're using it? If it's not, then it's probably gonna be safe, but, you know, I wanna be really sure before I install anything from China on my computer.

I use v1.3.5 and it's reliable. In fact it looks more like XP than the 1.4 beta. You may wait a LONG time for the RTM. There is also XP Explorer.

Make sure you have first downloaded all the cab files - you can leave them in the Vista downloads folder but you'll find it easier to create a subfolder for those cabs - call the folder "cab downloads" (without quotations) and move all the cabs into that folder. IMPORTANT: In your explorer address bar at top, highlight and COPY the address to where you moved your cab files ie: C:\Users\Jimz\Downloads\cab downloads You will be posting this address in your "cmd" prompt later to direct where your downloaded cab files are After copying the cab files location, you want to finally run your "cmd" with an administrative privilege. click start - all programs - accessories - command prompt (run as administrator). copy and paste these commands (make sure your path to update folder is correct) - the following is appreciated as per credit to GHM: To BULK install updates, I usually run the following set of commands: forfiles /p <path to update folder> /m *.cab /c "cmd /c mkdir @fname" forfiles /p <path to update folder> /m *.cab /c "cmd /c pkgmgr /ip /m:@file /s:@fname /norestart" The first command creates a folder for each individual update and the second one installs each update and extracts onto each created folder. Here's a practical example. Say, I have all of the updates from the repository located in my Downloads folder inside my user profile. In this case, I want to install every update in the "General" folder. I'd use the commands above like so: forfiles /p "C:\Users\Jimz\Downloads\cab downloads" /m *.cab /c "cmd /c mkdir @fname" forfiles /p "C:\Users\Jimz\Downloads\cab downloads" /m *.cab /c "cmd /c pkgmgr /ip /m:@file /s:@fname /norestart" I'd recommend you install no more than 200 updates at a time. This can also be used to create an updated Vista ISO for later use (tutorial coming soon™) Anyway, here's the link for the repository https://mega.nz/folder/MgBRSKKK#rDcZY60CQ7uWMRUcagT4EQ

@roytam1 thanks!

New build of Serpent/UXP for XP! Test binary: Win32 https://o.rthost.win/basilisk/basilisk52-g4.7.win32-git-20210116-4b450ac-uxp-515814277-xpmod.7z Win64 https://o.rthost.win/basilisk/basilisk52-g4.7.win64-git-20210116-4b450ac-uxp-515814277-xpmod.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/custom IA32 Win32 https://o.rthost.win/basilisk/basilisk52-g4.7.win32-git-20210116-4b450ac-uxp-515814277-xpmod-ia32.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/ia32 NM28XP build: Win32 https://o.rthost.win/palemoon/palemoon-28.10.2a1.win32-git-20210116-5ac4ef4c7-uxp-515814277-xpmod.7z Win32 SSE https://o.rthost.win/palemoon/palemoon-28.10.2a1.win32-git-20210116-5ac4ef4c7-uxp-515814277-xpmod-sse.7z Win64 https://o.rthost.win/palemoon/palemoon-28.10.2a1.win64-git-20210116-5ac4ef4c7-uxp-515814277-xpmod.7z Official UXP changes since my last build: - Issue #1705 - Part 1: Rename nsChangeHint_CSSOverflowChange to *ScrollbarChange. (e16ed489a) - Issue #1705 - Part 2: Add a ShowScrollbar enum to be used in ScrollReflowInput. (4681e04dc) - Issue #1705 - Part 3: Rename ScrollbarStyles to ScrollStyles. (0e6a9cc60) - Issue #1705 - Part 4: Add scrollbar-width CSS keyword to CSS parser. (65da2431f) - Issue #1705 - Part 5: Implement scrollbar-width:none for all target platforms. (c05bca316) - Issue #1705 - Part 6: Remove scrollbarbutton min-{width|height} rule from theme. (764e13c91) - Issue #1710 - Check for triggering principal URI in FTP subresource check. (c0db767c2) - Issue #1705 - Part 7: Implement scrollbar-width:thin on Windows. (382fe423e) - Issue #1705 - Part 8: Implement scrollbar-width:thin on GTK. (ecc771848) - Issue #1705 - Part 9: Implement scrollbar-width:thin on Mac (cocoa). (59ef3f4ed) - Issue #1624 - Fix slot access intrinsics for objects with > 16 reserved slots (7023db88c) - Issue #1705 - Part 9b: Revert overzealous changes on Mac (cocoa). (0939fde1a) - Merge pull request 'Add scrollbar-width CSS spec' (#1707) from 1705 into master (515814277) Official Basilisk changes since my last build: - [SSUAO] Update overrides for YouTube (734d737) - [Tabbed browser] Pref detach&tear-off of tabs. (4b450ac) Official Pale-Moon changes since my last build: - [SSUAO] Update overrides for YouTube (f50a12e7c) - Issue #1845 - Pref detach&tear-off tab handling. (16479d842) - Update about box repository information (5ac4ef4c7)

It's NOT the flag I advised ! I don't know what (don't read) google writes to the ordinary users , but according to their own documentation it does what it says, besides you may wanna read more carefully what I write , you have mixed up the two different flags : " --process-per-site - Enable the "Process Per Site" process model for all domains. This mode consolidates same-site pages so that they share a single process. More details here: - https://www.chromium.org/developers/design-documents/process-models - The class comment in site_instance.h, listing the supported process models. IMPORTANT: This isn't to be confused with --site-per-process (which is about isolation, not consolidation). You probably want the other one."

Guess you gotta switch to Waterfox then

Of course MSFN works with Chrome 88 and JS turned on. that is for if you use the website without JS or use a old browser

I'm glad I could make you laugh ))) . If you need that 360 browser , I strongly suggest you do the manual editing of the aforementioned files and cut out the telemetry yourself . You need to look for IPs and domains , esp. ".cn" , ."gov" , ".ru" . Most of them are written in plain text ! Just replace "http" with "zzzd" or smth like that. Replace IPs with non-existent ones . You may as well look the source code of chromium ungoogled and cut out google too. And don't forget to like my posts . Best regards.

Another minor problem with Windows 7 is that it cheats at Spider Solitaire by not properly shuffling the deck. My success rate with 2 suits went from about 50% to 7% when I changed from Window XP x64 to Windows 7 Ultimate x64.

I found that Windows Update with the patch broke at one point (I'm not sure why, but it happened after I tried switching the patch from stock Vista to Server 2008, so that might've had something to do with it), and I had to remove the patch, reboot, reinstall the patch, and reboot again before I could get it to work again. So, maybe try that? c

You see , you've just confirmed what win32 have been saying , you don't need to go any further than April 2017 for system replacement (yet you don't listen again !) , and the instructions were not deleted , they are here , repeated many times in the comments . I'm not gonna respond you anymore , please write to someone else and refrain from asking me and win32 the same questions over again , if you don't respect me , at least show some decency towards his marvellous work. Don't want this to end blocking you up completely . Edit : Better to use internal messaging and not pollute this topic with personal instructions , thanks. Goodbye.

I respect , so should you . How come it's not working only for you ? Ask other members if you don't want to listen to me , but please don't distract @win32

You were asking about >firefox< (and this has been answered earlier , scroll back) . Isn't this your question ? "What exactly does that mfplatsetup.cmd script do? How does it improve video playback on Firefox/forks of Firefox?"

I'd rather recommend than listening to the FBI but to upgrade your very unique Brain.exe instead. It's the best anti-virus out there. The only downside is, that Brain.exe can't be bought for money and downloading it is impossible, too. It must be fed proper knowledge to grow. And then one day, you will be capable of using the old operating systems online without running into a wall. Would I recommend to average users who use their brain on other things than computers to use Windows XP and Windows 7 for example? No, because that would put them easily in danger. But if you know, what you are doing, then you'll be able to avoid the problems. Use a hardware firewall, that you can configure. Block unwanted Javascripts. Block everything, you didn't ask for. Don't click on everything that sounds like a promising help to your problems. Learn to read links before clicking on them. These things. Also consider that something like Windows XP got more secure over time, as less and less people were using it. Windows 7 is still a very attractive target for mean hackers with circa 15% market share (2020).