[POSReady 2009 updates ported to Windows XP SP3 ENU]

Off Topic:

1 hour ago, glnz said:

AFTER running heinoganda's Cert_Updater twice in the recent few days, but BEFORE running any of this week's updates

Am I the culprit again, where the blame is, on your ailing system?  There are alternatives where you get the current root certificates and no longer need to use "heinoganda's Cert_Updater". Furthermore, you can uninstall the modified KB4134651, if you think that you have problems with it.

 

[Root Certificates and Revoked Certificates for Windows XP]

7 hours ago, Thomas S. said:

I am not sure and sorry if I am wrong - but is it possible that your very helpfull tool has an old UPDROOTS.EXE ?

The tool works perfectly even under Windows 7. Unfortunately the forum lacks many follow-up comments after February 2018, where also explains why it is so. Microsoft deletes stale or insecure root certificates with the "delroots.sst" file, which is not an error. Now there are users who are still working with very outdated e-mail programs, but these have their problems with modern encryption technologies. A workaround may be "ProxHTTPSProxyMII" or install from the file "delroots.sst" the timely, valid certificates, definitely not recommended.

[[Cancelled by the Author] Extended Kernel for XP (ExtendedXP)]

This requires no further comment!

[Upgrading IE8 to TLS 1.2]

KB4316682 is only available through the WSUS catalog.

http://download.windowsupdate.com/d/msdownload/update/software/crup/2018/05/ie8-windowsxp-kb4316682-x86-embedded-enu_cc345109f94dd7b763cc415385974632a058fd07.exe

To enable TLS 1.1 and 1.2 in Internet Explorer 8, run the following code for a reg file.

 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2]
"OSVersion"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1]
"OSVersion"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"SecureProtocols"=dword:00000a80

 

[Upgrading IE8 to TLS 1.2]

13 hours ago, FranceBB said:

In other words, even though he didn't tell me when it's gonna be included in the next update cycles, it seems that Microsoft *will* include it in the next update cycles.

For an operating system that will be supported until April 2019? I am not so optimistic, since even TLS 1.2 should be considered unsafe. Hope dies last.

13 hours ago, FranceBB said:

I'm as happy as Larry.

If there is no EEC support up to the end of support, you have to rename yourself Larry. 

[Upgrading IE8 to TLS 1.2]

@dencorso

I have not even noticed, the only difference I've found between valid and invalid certificate.

 

Update:
In connection with the Explorer (shell32.dll), an adjustment seems to be necessary by MS, because of the encryption.

[Problems accessing certain sites (Https aka TLS)]

@Thomas S.

cffi==                  1.11.2 > 1.11.5
cryptography== 2.1.4   > 2.2.2
packaging==      16.8    > 17.1
pyasn1==           0.4.2   > 0.4.3
pyOpenSSL==    17.5.0 > 18.0.0
urllib3==            1.22    > 1.23

[Problems accessing certain sites (Https aka TLS)]

Have new build generated by ProxHTTPSProxy (Rev2k), various python modules and CA certificates (cacert.pem) updated. If anyone has interest please write a PM to me.

[Microsoft patches Windows XP to fight 'WannaCry' attacks]

1 hour ago, dencorso said:

Well, that's because some users are actualy supermegaueberultraparanoid...

Well, I'm worried because so many old barrels can also have an unpleasant content. The following example shows fish specialty from Sweden.

[Microsoft patches Windows XP to fight 'WannaCry' attacks]

Actually, I do not understand why an old barrel is reopened. For this problem, there were even official updates for Windows XP sp3 (users who received the updates for POSReady 2009, got updates a little earlier)! 

Currently KB4012598 has been replaced by KB4041995 from 10/05/2017!

[Microsoft security essentials and Windows XP]

10 minutes ago, mo832 said:

QUESTION: was your post for the German version software above intended for me and my issue, or for the general user audience?

As there was a demand for a German version of MSE in this topic, it is just a different language version.

[Microsoft security essentials and Windows XP]

Have times with my local proxy the download link for MSE v4.4.0304.0 German extracted from Microsoft Update, here it will be offered to me after the search under software optional.

Download from MS:

http://download.windowsupdate.com/d/msdownload/update/software/ftpk/2013/11/mseinstall_17f531645ed7e5b4043adecd21bcea2fc21b50f1.exe

Download over web.archive.org:

https://web.archive.org/web/20180130200636/http://download.windowsupdate.com/d/msdownload/update/software/ftpk/2013/11/mseinstall_17f531645ed7e5b4043adecd21bcea2fc21b50f1.exe

 

@mo832

Have you tried using the MSE Updater to reset the Antivirus Update Engine (RAUE)? Then update the Virus-Definition for MSE (1).
 

[IE 8 in 2018?]

@apreese16

Disable automatic updates and reboot. Now MSI 4.5 (KB942288-v3) should be installed, then manually install the latest update of IE8 (KB4052978). Make sure that TLS 1.0 is active in Internet Explorer 8. Now the search should work with Windows Update in Internet Explorer 8. If you have the Microsoft Office Compatibility Pack or Office 2007-2010 installed, Microsoft Update may resolve this problem again. In this scenario, you must manually install the latest updates for these products from October 2016 or go back to Windows Update.

Note: You can not just enter the POSReady entry in the registry, a detailed manual has been to the "POSReady 2009 updates ported to Windows XP SP3 ENU" published!

[Latest Version of Software Running on XP]

On 28.1.2018 at 6:02 AM, sdfox7 said:

Skype (now owned by Microsoft) is officially still supported on Windows XP SP3 with Internet Explorer 8. Apparently Microsoft still has a soft spot for XP.

Unfortunately, there is no newer version for Windows XP (latest version 7.36.0.150). Currently, however, version 7.40.32.104 is offered which no longer works under Windows XP. The last working where I have is the version 7.37.32.103 (here the high voice frequency shares are not cut off).

[Cryptojacking block for Windows XP]

Even my outdated Google Chrome 44.0.2403.130 seems to be still immune.

[Which e-mail providers are possible for the registration?]

An acquaintance of mine would like to register for the MSFN Forum, but he does not get an activation e-mail at "freenet.de" or "mail.de". Is there a blacklisting or whitelisting by e-mail provider?

 

[Microsoft security essentials and Windows XP]

3 hours ago, sdfox7 said:

I have always recommended that people download the programs using the original source page Internet Archive (http://windows.microsoft.com/en-us/windows/security-essentials-download):

https://web.archive.org/web/20131116114651/http://windows.microsoft.com/en-us/windows/security-essentials-download

Clicking on the yellow "Get It Now" will bring you to the next page where you can select a language and Windows version.

https://web.archive.org/web/20131102224656/http://windows.microsoft.com/en-us/windows/security-essentials-all-versions

The direct link for XP 32 bit is http://mse.dlservice.microsoft.com/download/A/3/8/A38FFBF2-1122-48B4-AF60-E44F6DC28BD8/enus/x86/mseinstall.exe

Unfortunately, only the version 4.10.209.0, this does not work on Windows XP!

[Microsoft security essentials and Windows XP]

3 minutes ago, jaclaz said:

BUT, is it any newer than November 2013 ? 

I can offer the version 4.8.204.0 Rev.6, if interested, please send a PM.

[Microsoft security essentials and Windows XP]

Microsoft Security Essentials 4.4.304 is currently being officially offered through Microsoft Update (with IE8 http://www.update.microsoft.com/microsoftupdate)!

 

If an offline installer is desired, copy the file "MSEInstall.exe" to/on any directory/drive under "%windir%\SoftwareDistribution\Download\Install". The setup of MSE running at this time can still be canceled.

 

 

[POSReady 2009 updates ported to Windows XP SP3 ENU]

7 hours ago, glnz said:

Well, if I get another BSOD, I'll try the uninstall.  But why stop there?  Why not go back to SP2?

This is absolute nonsense, why do not you try it to narrow down the real issue for your BSOD? Currently I have no problems with Avast version 17.9.3761.0 after the current μUpdates 328/329. KB4056615 is not installed on my system as this update was really knit with hot needles at a time when everything revolves around Meltdown and Specter.

[POSReady 2009 updates ported to Windows XP SP3 ENU]

6 hours ago, glnz said:

Got a second BSOD this month on my XP - while nothing was happening.  (Maybe my machine is just getting bored?)

Here's a link to a zip with all the info:  <LINK>

The immediate culprit seems to be an Avast AV Free driver aswStmXP.sys, which is version 17.9.3754.0, last modified December 21, 2017, 1:06:34 PM.

However, with all the recent updates and reg key change instigated by the AV companies for Meltdown and Spectre (what about Smersh and Thrush?) , I wonder whether there isn't a conflict with our recent POS updates.

Thoughts?

Please do not be angry with me, but in your security delusion, you seem to have not internalized some issues with KB4056615 in this topic yet. Why not simply uninstall KB4056615 and then see if this issue still crops up. KB4056615 did not seem to be tested well enough at Microsoft and still contains bugs! A broken kernel can also trigger this error.

[List of updates to avoid the never-ending search on Microsoft Update]

37 minutes ago, jaclaz said:

Thanks, but sorry  , I still don't understand, if I don't have the IE8 installed, what would an update to IE8 do?

Or since the update is cumulative (and updates other files) does it mean that it will install nonetheless?

Of course, you would need to install IE8 before the IE8 cumulative update can be installed, which includes updates that were previously offered separately (hlink.dll, inetcomm.dll, jscript .dll and vbscript.dll).

[List of updates to avoid the never-ending search on Microsoft Update]

@jaclaz

The last update for IE6 was KB3124275 from 01/11/2016, the problem with svchost.exe appeared from November 2016 on and means that from this point on when using WU in advance manually the most recent cumulative update for IE8 should be installed. In addition, if you are using MU, you must have the relevant Office Compatibilty Pack / Office 2007 updates from November 2016 to date so that svchost.exe's high processor load does not occur. 

Note:
If you also use POSReady updates for Windows XP sp3, it is also advisable to install the cumulative update for IE8, because the components for Microsoft Office 2000 (hlink.dll), Microsoft Internet Messaging API (inetcomm.dll), JScript (jscript .dll) and VBScript (vbscript.dll) are no longer available in separate updates.

[POSReady 2009 updates ported to Windows XP SP3 ENU]

On the subject of Meltdown and Specter, according to this test, an Intel P4 is affected. Unfortunately, it is the problem that Intel still AMD published a more detailed list of affected CPU's. A patch for Windows can unfortunately mitigate this problem, even if the BIOS / UEFI the microcode was patched, the real problem remains. Only a new CPU helps where the architecture no longer allows these forms of attacks.

[POSReady 2009 updates ported to Windows XP SP3 ENU]

2 hours ago, Thomas S. said:

I use most NTFS formatted sticks because of big files.

For external media (stick, flashcard and old good mechanical hard drive) I use exFat. Anyone who has already dealt with this file system should, like me with an external HDD, see this file system as an advantage. With various defragmentation tools I noticed that the data was never fragmented.