POSReady 2009 updates ported to Windows XP SP3 ENU

[Atari800XL]

Well, the POSReady/Installed=1 tweak is getting a lot of press now, eg. one of the biggest Dutch PC news sites:

http://tweakers.net/nieuws/96252/windows-xp-gebruikers-kunnen-door-registerhack-updates-blijven-ontvangen.html

 

If microsoft would decide to "do something about it", maybe we'll have to go back to modding the update files, so please harkaz, keep the original instructions available here!

[bphlpt]

Yeah, the amount of press it is getting is just an indication of how popular that XP still is.  IMHO it is only a matter of time before MS closes this loophole.

 

Cheers and Regards

[Dave-H]

It will be interesting to see if MS do try to block this somehow.

It can hardly have come as a surprise to them that people have discovered it!

I'm hoping that as long as it's confined to a relatively few geeks like us they won't worry too much, after all we're hardly going to be expecting support for it!

[RJARRRPCGP]

yeah the MULTIPLE_IRP_COMPLETE_REQUESTS BSOD comes from symantec.  The other is a memory corruption wile overwriting the free memory with Zeros so that it can be used again:

********************************************************************************                                                                             **                        Bugcheck Analysis                                    **                                                                             ********************************************************************************PFN_LIST_CORRUPT (4e)Typically caused by drivers passing bad memory descriptor lists (ie: callingMmUnlockPages twice with the same list, etc).  If a kernel debugger isavailable get the stack trace.Arguments:Arg1: 0000008f, The free or zeroed page listhead is corruptArg2: 0008679f, new pageArg3: 000763ff, old pageArg4: 00000000, 0Debugging Details:------------------BUGCHECK_STR:  0x4E_8fCUSTOMER_CRASH_COUNT:  1STACK_TEXT:  nt!KeBugCheckExnt!MmZeroPageThreadnt!Phase1Initializationnt!PspSystemThreadStartupnt!KiThreadStartupSTACK_COMMAND:  kbFOLLOWUP_IP: nt!MmZeroPageThread+13080528529 cc              int     3SYMBOL_STACK_INDEX:  1IMAGE_NAME:  memory_corruptionFAILURE_BUCKET_ID:  0x4E_8f_nt!MmZeroPageThread+130

Are the RAM timings fine?

When I had "PFN_LIST_CORRUPT", it was with a RAM overclock, I think it was with my Kingston PC2100 DDR SDRAM at about 145 Mhz, even when it seemed that I couldn't make it occur again.....

Edited May 27, 2014 by RJARRRPCGP

[Guest]

Microsoft now starts lying. Up until last month they were good enough for XP now all of a sudden they are not? 

Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP. 

http://news.softpedia.com/news/Microsoft-Despite-Update-Hacks-Windows-XP-Is-Still-Insecure-443904.shtml

Edited May 27, 2014 by -X-

[jaclaz]

Actually they are not lying (please read as "not lying more than usual").

 

It is most probably true that the updates

aren't intended for desktops computers running the full version of XP

 

 (which doesn't really mean that they won't work, only that they were not intended for it)

 

Also the following statement:

The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers," a company spokesperson said.

 

is very accurate .

 

These updates are actually intended for Windows Embedded and Windows Server 2003 customers.

They do not fully protect Windows XP customers (as well as they do not fully protect Embedded And Windows Server 2003 ones ).

 

Also here:

Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP.

 

given the amount of issues that previous updates caused (when XP was supported), I have some doubts about those updtes havine EVER being tested (thoroughly) on Windows XP , and of course "significant" without any data is one of those words that can mean anything, you know like these (ALL considered by someone constituting a significant risk to health or safety, before being debunked):

http://www.hse.gov.uk/myth/myth-busting/index.htm

I like these ones , carrying a parasol at  a race:

http://www.hse.gov.uk/myth/myth-busting/2013/case204-racecourse-parasol.htm

and carrying new shoes without a box:

http://www.hse.gov.uk/myth/myth-busting/2014/case248-customers-buying-shoes.htm

are reknown as dangerous activities.

 

The best way for Windows XP customers to protect their systems is to upgrade to a more modern operating system, like Windows 7 or Windows 8.1."

 

 

Nothing to see here, people, move along. 

 

jaclaz

[submix8c]

Aw, gee... no mention of Vista at all.

Let me get this straight... An MS Security Bulletin is issued, naming the exact problem. A fix is issued that coincides with Server2k3/POSReady (and more than likely Vista/7/8 and Servers maybe). Being that both are "built upon XP" then they "won't work", so don't upgrade to Vista just jump directly to 7/8 (no upgrade path from XP, mind you ). And how much would you be willing to bet that a hex compare of the "supported" prev->fixed would yield the exact same "patch" that (would have been) applied to XP.

Edited May 27, 2014 by submix8c

[Jeffery]

Ohh so they don't test this Updates anyone for Windows XP? So everyone who bought the premium support for Windows XP got scammed by Microsoft.

Edited May 27, 2014 by Jeffery

[submix8c]

No! Don't misunderstand. These are "unofficial" that are being discussed.

Read these -

http://www.microsoft.com/en-us/microsoftservices/support.aspx

http://www.landesk.com/migrate/xp-support.html

The (apparently) "tested" ones are "custom" ones, which -may- (at least some/most of them, depending on what the "fix" is) be exactly the same as the Win2k3/POSReady ones. There -may- be other "fixes" that aren't made public.

 

Too late for "the deal"...

http://www.techradar.com/us/news/software/operating-systems/microsoft-is-paying-windows-xp-users-50-to-jump-ship-to-newer-machines-1234115

 

edit - also notice the "custom" part of the filename for the XP fixes for KB2964358.

Edited May 27, 2014 by submix8c

[jaclaz]

For the record, in my understanding, this:

http://www.landesk.com/migrate/xp-support.html

 

Simple Patching for Windows XP Premium Support

The end of support for Windows XP has passed, and security updates are no longer available for XP users, forcing them into an ongoing “zero day” vulnerability.

Although Microsoft is offering an extension support to its customers, it is only for those who pay exorbitant fees for the premium support contract. However, even with the contract, the organizations are still responsible for deploying the custom patches into their environment.

There is an option

LANDESK is offering custom content support as a service to Microsoft customers to streamline the Windows XP patching and deployment process. This annual subscription from LANDESK will streamline the delivery for the patches privately released by Microsoft for Windows XP Professional and is offered as a single purchase for total coverage.

Upgrading to a new operating system can be tedious and costly. Regardless of the reason for your continued use of Windows XP, we are here to support you.

 

Translates to:

Since the good MS guys, notwithstanding the awful amount of money you have to give 'em to get the patches, also suck in delivering/deploying them,  you should really give us some more money to assist you in fixing what they are not good at.

i.e. it is an added service, besides the need for paying MS for extended support...

 

 

jaclaz

Edited May 27, 2014 by jaclaz

[submix8c]

Well, yeah.... For reference to the post before mine...

[Atari800XL]

UPDATE: To automatically apply the patch to any update.exe file v6.3.13.0 or later (for any langugage) run these commands:

 

gsar -o -s:xE8:x02:xBA:x02:x00:x85:xC0:x75:x41 -r:E8:x02:xBA:x02:x00:x31:xC0:xEB:x41 update.exe pechecksum -c update.exe

 

 

 

Harkaz, I was just "archiving" this, but there's a tiny mistake here. There should be an "x" right after the " -r:", so:

"-r:E8"

should be

"-r:xE8".

 

We might need this one after all some day in the future

 

Thanks once more for your work!

[dencorso]

OK. I've now fixed the original post for harkaz. Thanks for the heads up!

[bluebolt]

Hard to miss this one:

 

http://www.computerworld.com/s/article/9248614/Windows_XP_hack_resurrects_patches_for_retired_OS

[harkaz]

As for the "functionality issues" argument in M$ statement this may be true only with a very limited set of files. For example, an update containing kblchecker.dll (KB2686509) had been released seperately for normal XP and Embedded versions. I can't give you a complete list of such files, however, it's worth find the differences between these 2 KB2686509 updates -  we might be able to make more general observations.

 

If there are such updates in the future, the CAT signing method I have presented at RyanVM can be used to create the new update catalog files (after properly porting the patch from the Embedded-only update). As a reminder, the update catalog files are primarily used for SFC protection.