Jump to content

POSReady 2009 updates ported to Windows XP SP3 ENU


glnz

Recommended Posts

1 hour ago, glnz said:

HEY - does the Avast annoyance interfere with the good updates (my first four above)?  Heinoganda - what do you think?

1. If a virus scanner malfunctions, so that some files on an NTFS volume can not be copied, then this problem could also occur during the installation of updates.

Here is again improved by side Avast, another μUpdate is provided. That means I would wait until the problem is solved or uninstall the Avast version 17.9.3761.0.

2. KB4056615 is causing more or less problems, as already written in this topic. In my opinion, a not yet properly tested update where apparently still has no OEM status. I will wait for a follow-up update, although there were no specific problems on my system.

3. Ultimately, you have to decide for yourself if you take the risk because of the first problem that an error occurs, the same also applies to the second point.

:)

Link to comment
Share on other sites


Time to stop worrying and love the bomb...? From Microsoft's official guidance Protect your Windows devices against Spectre and Meltdown  (expand "My operating system (OS) is not listed. When can I expect a fix to be released?") (emphases in the quote added by me):

Quote

We will not be issuing updates for Windows Vista or Windows XP-based systems including WES 2009 and POSReady 2009.

Although Windows Vista and Windows XP-based systems are affected products, Microsoft is not issuing an update for them because the comprehensive architectural changes required would jeopardize system stability and cause application compatibility problems. We recommend that security-conscious customers upgrade to a newer supported operating system to keep pace with the changing security threat landscape and benefit from the more robust protections that newer operating systems provide.

I think this should also settle the confusion some people seem to have over whether KB4056615 was supposed to be a Meltdown fix: it wasn't.

Edited by mixit
Link to comment
Share on other sites

40 minutes ago, mixit said:

I think this should also settle the confusion some people seem to have over whether KB4056615 was supposed to be a Meltdown fix: it wasn't.

So what exactly was it for then?
:dubbio:
Surely you don't release an out of sequence update to fundamental system files which haven't been updated for ten years, like ntfs.sys, unless there's a very critical reason for doing so!
:)

Edited by Dave-H
Typo
Link to comment
Share on other sites

39 minutes ago, Dave-H said:

So what exactly was it for then?
:dubbio:
Surely you don't release an out of sequence update to fundamental system files which haven't been updated for ten years, like ntfs.sys, unless there's a very critical reason for doing so!
:)

"An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions." (marked as Important, but Exploitation Less Likely). Doesn't sound very Meltdownish to me. For whatever reason, they decided to release a whole bunch of Windows OS patches early. Take a look at the Server 2008 updates for instance, clearly things like Microsoft Color Management information disclosure vulnerability aren't related to Meltdown.

Edited by mixit
Link to comment
Share on other sites

Perhaps the furore around Meltdown and Spectre made them look more closely at related things generally, and they found a whole nest of security bugs that hadn't been addressed before!
:lol:
As an off-topic aside again, I applied the Patch Tuesday updates to a friend's Windows 7 machine this morning, and for the first time ever, although it prompted for a reboot as usual, there was no "installing updates, don't switch off your computer" progress prompt either before shutdown or after reboot as there normally is.

That was very strange, but I don't know if it's significant.
It does say that all the updates installed successfully.
:dubbio:

Link to comment
Share on other sites

If you look more closely at the post, not only the download links have been specified, but also the susceptibility (CVE-2018-0748) was listed in KB4056615 with link to the Security TechCenter where the vulnerability is described. Regarding the Meltdown and Specter Vulnerability https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002. Furthermore, I think that the Windows XP kernel does not provide complete native support for more recent processors. Therefore, I doubt the SpecuCheck.exe or a customized Speculation Control Validation PowerShell script could even work properly. Since my latest processor is only an Intel Core 2 Duo E6420 and has no sideband technology, I can therefore make no specific statement or test.

Fact is that KB4056615 is still flawed and leads to problems where it emerges from the previous post.

Then the problems when a virus scanner is not working properly, what is difficult to understand? If a virus scanner with the file system NTFS leads to malfunctioning with the copying of files, there should better not be installed updates concerning the Windows XP, nobody wants a BSOD.

 

@Dave-H

If Windows 7 - Windows 10 is affected by a third-party virus scanner, it must be up to date and the registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat  "cadca5fe-87d3-4b96-b7fb-a231484277cc"=dword:00000000

should be present for the security update to become available due to Meltdown and Specter. 

However, there are problems with older AMD processors, where it can lead to a BSOD!

:)

Edited by heinoganda
Link to comment
Share on other sites

Problem with Specucheck and the like, is they only tell you if you are patched, but that has nothing to do if your CPU is architecturally vulnerable or not.  Theres been a lot of hysteria more hysteria than facts.  Hopefully in the furture we can obtain real live samples of exploit code, but to date there actually is none?  So no code yet mass hysteria over vulnerabilities.  We have yet to see any examples of how this vulnerability could practically be used to steal any encrypted passwords.  Or passwords entered over SSL.  If we are talking about vulnerabilities to steal clear text passwords sitting in memory thats just stupid.  And even if there was an exploit would it run on XP and not just bluescreen the computer becasue it will only run  on 10?  No body knows the answer to any of these questions.  The vulnerabilites may effect all CPUs so some people say, But there are suttle differences in the way prefetching is implemented across CPUs.  So a variant that may run on like a I7 wouldn't necessarily run on ARM.

Link to comment
Share on other sites

I sent a message to Microsoft, trying to sensibilise them on the issue:

"According to the Microsoft statement about the Spectre and Meltdown issue, Windows XP and XP-Based systems like POSReady 2009 won't get the patch, despite the latter is supported 'till 2019. Many manufacturers providing recent hardware don't even support XP and many old CPU are not affected by the issue, but many businesses are running VMs on recent hardware, that's why I think it would be extremely useful to have the patches available for XP and XP based OS, considering it's still the third most used OS."

 

They'll probably just ignore my email, but at least I tried.

Edited by FranceBB
Link to comment
Share on other sites

I have a problem with the latest Outlook 2010 security update kb4011273

Oulook will not start and gives some error messages.

OUTLOOK.EXE The application was interrupted with CTRL+C

Error OLMAPI32.DLL

Have someone else this behavior?

Or maybe it is a problem with latest XP security update kb4056615?? :huh:

Anyway, after deinstallation kb4011273 Outlook 2010 works as before - but this is not the best option I think.

Link to comment
Share on other sites

Fortunately my old CPUs are not affected by Spectre-Meltdown because they have FSB: Intel Pentium III (XP), AMD Athlon XP 1700+ (XP), Intel Atom N270 (XP), Intel Pentium 4 (XP W7 registry forced patch), Intel Pentium D 830 (XP).

Affected without FSB: Intel i5-6500 (W10): registry forced patch because Malwarebytes (crack premium version) does not activate the registry.

XP KB4056615, W7 KB4056894, W10 KB4056892

Include INTEL AMD ARM: https://www.techarp.com/guides/complete-list-cpus-meltdown-spectre/

NVIDIA chips is affected. New driver.

MSI and ASUS motherboards has updated all the BIOS.

 

Edited by wyxchari
Link to comment
Share on other sites

3 hours ago, wyxchari said:

Malwarebytes (crack premium version) does not activate the registry.

I strongly suggest you not to crack an antivirus; they could stop providing new defitions anytime without bothering to tell you, or worse.

 

Edited by FranceBB
Link to comment
Share on other sites

Heinoganda, wyxchari and all -

First, Avast has micro-updated to 17.9.3761.278 (from 17.9.3761.0).  I was able to copy successfully the test file suggested by Heinoganda.  So, unless there is still a danger, I shall install the NON-meltdown+spectre updates:

  • Cumulative Security Update for Internet Explorer 8 for WES09 and POSReady 2009 (KB4052978) - actually, I already installed this *
  • 2018-01 Security Only Update for .NET Framework 4 on WES09 and POSReady 2009 (KB4054173)
  • 2018-01 Security Only Update for .NET Framework 2.0 on WES09 and POSReady 2009 (KB4054178)
  • 2018-01 Security Only Update for .NET Framework 3.0 on WES09 and POSReady 2009 (KB4055229)

NOT INSTALLING YET (because still dangerous per Heinoganda):  KB4056615 and KB4056941 - but see next
Nothing to install for the Office 2003

Second, - about the Meltdown+Spectre patches KB4056615 and KB4056941:  do I even need them?  My XP machine has Intel Core 2 Duo E6850  @ 3.00GHz - Conroe 65nm Technology.  That is NOT on the list provided two above by Wyxchari: https://www.techarp.com/guides/complete-list-cpus-meltdown-spectre/ .  Also, I protect my XP machine with black duct tape and (in the back) an extra layer of dust.  So, should I just hide these two updates? 

  • But my CPU apparently does NOT have FSB.  FSB is not mentioned anywhere in Speccy or CPU-Z, and SIW says "FSB - Not available".  Wyxchari - what do you think?

Third, since the yellow shield appeared a few days ago asking me to install the two dangerous KB4056615 and KB4056941 (which I have NOT installed), my CPU has been running at 50% non-stop.  A single svchost.exe has been doing this, and I don't know why.  Even * installing Cumulative Security Update for Internet Explorer 8 for WES09 and POSReady 2009 (KB4052978) and rebooting has NOT helped.

  • However, I installed that * Cumulative Security Update for Internet Explorer 8 for WES09 and POSReady 2009 (KB4052978) while I still had the bad Avast 17.9.3761.0.  Maybe the bad Avast prevented a good installation.  So maybe I should now UNinstall this KB4052978 and REinstall it.  How do I UNinstall KB4052978?  And, specifically, how do I UNinstall it so that the machine will let me REinstall it?

Thanks, all.  Special thanks to Heinoganda for patience!

Edited by glnz
Link to comment
Share on other sites

27 minutes ago, glnz said:

Second, - about the Meltdown+Spectre patches KB4056615 and KB4056941:  do I even need them?

They are not Meltdown+Spectre patches - as things stand right now, those won't be coming to XP-based OSes at all. KB4056615 has seen some pretty serious issues that have been reported here (they don't happen to all installations - I personally have encountered no problems so far) , I haven't noticed any reports about problems with KB4056941 specifically.

EDIT: Unrelated, but important for Office 2000/XP/2003 users:

 

Edited by mixit
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...