Jump to content

POSReady 2009 updates ported to Windows XP SP3 ENU


glnz

Recommended Posts

2 hours ago, Destro said:

only if you are running a Intel CPU that is based on integrated memory control you are vulnerable.  That means anything that uses a FSB is safe.  A lot of people don't understand that.

1st Gen Core means basically FSB cpus like Core 2 Duo.  After that intel re branded their new architecture that used a integrated memory controller as 2nd generation core.

OK ... so my older Pentium ThinkPads are safe since the CPU Processor is FSB ... if I understand everything.

Intel Pentium M Processor 745 (2M Cache, 1.80 GHz, 400 MHz FSB)

... if so, then thanks for clearing some of this up. I happen to like and still enjoy using my older ThinkPads with WinXP.

I wasn't going to ditch them anyway ... I don't store any passwords and with the New Moon browser that roytam1 brought to MSFN in the Windows XP thread, everything is 'good to go' for 2018.

monroe

 

Link to comment
Share on other sites


Thats correct.  Assuming that list released by Intel is 100% accurate.  A Pentium M  PGA479 is not affected.  It is not part of any of the listed intel architectures. 

I have a T43 laying around somwhere its pretty good for how old it is.  What I am curious is if this new patch adversely affects CPUs that are not vulnerable in the 1st place.  Need to run benchmarks and do a lot of testing to see.  If it does It could be somthing to avoid and block on a case by case basis.

Link to comment
Share on other sites

It's not quite a full list but it is a good enough list of intel parts I posted on page 134.  Best advice I have is to download CPUz if you don't know what cpu have.  Cross reference it with the list I posted.  The list I posted is all encompassing so if the list says 3rd generation core and your cpu falls in that category than yes,.  If that doesn't make sense than I would say research wiki.  There is most likely a page on wiki that has your cpu and it will tell you what gen it is.  But I think for an average intelegent person you don't need my list and just take what I said.  If it has a integrated memory controller its effected and move on if it doesn't it isnt.  if you don't know the difference between integrated memory controller and FSB than I suggest to research that some.

 

But also I think if at this point in time you are very worried about this issue you have some kinda god complex.  Nobody is gonna target average joe right now.  Any one looking to exploit this that has figured it out is gonna go after the big players they can extort some money or steal some trade secrets or somthing from.  Not that there is even a attack in the wild yet becasue there have been zero reports of this being exploited in the wild yet chances that it will happen to you are pretty much zero.  Right now.

Link to comment
Share on other sites

It seems my laptop with Intel Merom T7200 Core 2 Duo CPU is unaffected by this vulnerability (despite being EM64T) unlike my other computers with Intel Bloomfield Core i7-920.:( Currently installing these updates is a big risk because of ntfs.sys incompatibility with many applications. I will not going to install them on any of my PCs in the next month or two.:wacko:

Edited by Bersaglio
Link to comment
Share on other sites

Thanks Destro, I think if I'm understanding you correctly and not overthinking this, I am safe.  I believe I do have an FSB processor.

Intel® Pentium® Processor E2180

1M Cache, 2.00 GHz, 800 MHz FSB

Link to comment
Share on other sites

Just to add about where you can get some information on your setup ... if you have AIDA64 or Everest installed.

I got this information on FSB from AIDA64 ... Everest also says the same thing.

AIDA64

North Bridge Properties:

North Bridge                 Intel Odem i855PM
Intel Platform                 Carmel
Supported FSB Speeds         FSB400
Supported Memory Types         DDR-200 SDRAM, DDR-266 SDRAM
Maximum Memory Amount         2 GB
Revision / Stepping             03 / A3
Package Type                 593 Pin Micro-FCBGA
Package Size                 37.5 mm x 37.5 mm
Core Voltage                 1.2 V
In-Order Queue Depth         12

... also I got the FSB information from Google at the Intel web site:

Intel Pentium M Processor 745 (2M Cache, 1.80 GHz, 400 MHz FSB)

...

Link to comment
Share on other sites

Hi, back again!
I tried running the KB4056615 installer using the /overwriteoem switch, and this time it updated all the files correctly.
No adverse effects noticed so far, touch wood!
I've still got a yellow shield in the system tray telling me it needs to be installed, but a scan on MS Update now comes up clean, so I'm assuming the shield will eventually go away. It does stick around for a while sometimes on some updates anyway.

I'm not sure whether reading recent post that the update was necessary for me anyway.
My main machine is X5460 Xeons, and the netbook is an Atom N2800.
:dubbio:

Link to comment
Share on other sites

I'm glad that didn't break anything, Dave.  Keep us posted as you test it some.  I think I'm going to sit this out now based on Destro's explanation.  However, if an updated release that doesn't need to be forced through comes out, I'll let it work it's magic.  

BTW, Dave, did you confirm if you have an FSB chip?

Edited by SD73
Link to comment
Share on other sites

Yea were just assuming that Intel is telling us the truth.  Google said they didn't test the vulnerability on any CPU older than 2011 but made blanket statements.  In any case I don't think that there is a immediate threat for average users.  As far as I have read this is actually a pretty difficult attack to pull off in the 1st place.  Harder to pull off than like the average malware that joe smo gets from click baiting.  Personally I have said other times that I don't run AV and never get viruses so I personally dont feel threatened at this time.

The researchers who discovered the vulnerabilities, dubbed "Meltdown" and "Spectre," said that 
"almost every system," since 1995, including computers and phones, is affected by the bug. 
The researchers verified their findings on Intel chips dating back to 2011, and released their own 
proof-of-concept code to allow users to test their machines.

Thats a pretty bold statement to say it affects CPUs back to 1995 but never testing or proving that,

Link to comment
Share on other sites

The last two or three pages here are so advanced, I'm embarrassed to post the following.  Anyway, just FYI and mostly to heinoganda and Dave H:

On my Dell Optiplex 7010 MT with Intel Core i5 3470 @ 3.20GHz and Win 7 Pro 64-bit, I started XP Mode, updated its Avast to the bad 17.9.3761.0, updated its Malwarebytes, installed some missing Microsoft Updates BEFORE the dangerous KB4056615 and KB4056941, rebooted, and then ran the dangerous KB4056615 and KB4056941 and rebooted.

Well, XP Mode reboots well - no BSOD so far. 

Also, my XP Mode HAS the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat with name cadca5fe-87d3-4b96-b7fb-a231484277cc and value 0.  (But I checked for that key only after installing the dangerous KB4056615 and KB4056941.)

HOWEVER, to run Heinoganda's copy-file test, I just downloaded the MalwareBytes setup file "mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe" and copied it to another folder on the XP Mode C:\ drive.  Again, the copying process DOES NOT COMPLETE, and I cannot delete that MalwareBytes setup file from either the source folder or the target folder because it is "in use".  So the bad Avast version is still bad.

Caveat - my XP Mode does not have any version of Office and I have never set up its Outlook Express.  So this is not the same as running the dangerous KB4056615 and KB4056941 on my real XP Machine, which I am NOT doing for now.

EDIT - after all of the above - in the XP Mode - I see the following versions of these files:

ATMFD.DLL version 5.1.2.253 (matches Dave H's "5.1 Build 252 to 5.1 Build 253")
NTKRNLPA.EXE version 5.1.2600.7392 (matches Dave H's "5.1.2600.7259 to 5.1.2600.7392")
NTOSKRNL.EXE version 5.1.2600.7392  (matches Dave H's "5.1.2600.7259 to 5.1.2600.7392")
NTKRPAMP.EXE version 5.1.2600.7392 (matches Dave H's "5.1.2600.7259 to 5.1.2600.7392")
     HOWEVER, this updated one appears ONLY in
     C:\WINDOWS\Driver Cache\i386 and
     C:\WINDOWS\SoftwareDistribution\Download\7958aec60a800160443c5e556682587b\sp3qfe
          Everywhere else it appears, it is a preceding version.
NTKRNLMP.EXE version 5.1.2600.7392 (matches Dave H's "5.1.2600.7259 to 5.1.2600.7392")
     HOWEVER, this updated one appears ONLY in the same two folders above as NTKRPAMP.EXE - same story
NTFS.SYS version 5.1.2600.7392  (matches Dave H's "5.1.2600.5512 to 5.1.2600.7392 (the former was from 2008!)"

► What do you all think about NTKRPAMP.EXE and NTKRNLMP.EXE.  Shouldn't the new versions appear somewhere more interesting, like Windows\System32 ?

Edited by glnz
Link to comment
Share on other sites

Well the XP side of my netbook still seems to be OK, thank goodness.
I'm still puzzled as to why before the over-ride switch was added the patch didn't update two files in the \System32 folder, but did update the equivalents in the \DLLCache folder. That makes no sense at all to me!

Just another very quick query, which is of course completely off-topic here.
The 8.1 side of my netbook is stubbornly refusing to detect that it needs the update, despite me adding the necessary registry key which should allow Windows Update to offer it. I've scanned several times manually, and it still obstinately says "no updates available".
Anyone any quick suggestions as to why that might be?
Thanks, Dave.
:)

Link to comment
Share on other sites

Dave, I've read that at least with Win 10 the update won't be offered if it finds you have a virus program or something else that's not compatible with the new kernel.  You may want to check some of your ancillary programs for updates and try again or wait it out a bit as something more compatible may be in the pipe.

Link to comment
Share on other sites

@glnz

NTKRPAMP.EXE and NTKRNLMP.EXE aren't in \System32 on my system either, so I assume that's normal.

@SD73

It could be my internet security software stopping the update (Trend), but the same security software (albeit an earlier version) is independently installed on the XP side of the machine, and that didn't stop it being offered there. Mind you, the registry key isn't there either on XP!
Anyway, I thought that adding the registry key manually, if your internet security software vendor didn't do it for you, should over-ride that and allow WU to offer it anyway. Trend have said they will not be adding the key for people, but their software is compatible and they've given instructions on how to add it yourself.
This does not seem to be happening however, which is a bit puzzling.
:dubbio:

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...