Jump to content

POSReady 2009 updates ported to Windows XP SP3 ENU

glnz

By glnz
in Windows XP

 Share

Recommended Posts

Mathwiz

Mathwiz

Posted
Posted

The other vulnerabilities aren't related to Remote Desktop. That one, we got the fix for! You can safely leave the Remote Desktop service enabled.

The other vulnerabilities also aren't terribly serious IMO. The risk is pretty small and XP is still reasonably safe to use.

But they're still worth being aware of.

Link to comment
Share on other sites

Mcinwwl

Mcinwwl

Posted
Posted

Ok, one question. I'm testing updates collection on VM, and I'm trying to compare it with what I will be offered via Windows Update.

The problem is, that I cannot download updates via Windows Update, page does not open. Is there any trick to do so, or should I install Microsoft Update first?

Link to comment
Share on other sites
wyxchari

wyxchari

Posted
Posted (edited)
3 hours ago, Mcinwwl said:

The problem is, that I cannot download updates via Windows Update, page does not open. Is there any trick to do so, or should I install Microsoft Update first?

- Install: SP3, IE8, Windows Update Agent. I use 7.4. Install Windows Update Agent 7.4.7600.226 which is the last one with manual installation. The 7.6.7600.256 has automatic installation but needs the previous agent already installed, so if there is no agent installed you have to start with 7.4. https://support.microsoft.com/en-us/help/946928/information-for-network-administrators-about-how-to-obtain-the-latest (Change en-us to your language as pl-pl?)

- Switch from Windows Update to Microsoft Update:
    - Activate Control Panel / automatic updates and it is important to wait about 5 minutes
    - http://www.update.microsoft.com/microsoftupdate
    - Install ActiveX until it says it has been installed.
    - Close IE8.
    - Turn off automatic updates.
    - Reboot. If it fails to repeat again expecting more.

Edited by wyxchari
1
Link to comment
Share on other sites
ED_Sln

ED_Sln

Posted
Posted
2 hours ago, Mcinwwl said:

Is there any trick to do so, or should I install Microsoft Update first? 

You need to install IE7 or IE8 and WindowsUpdateAgent-7.6. Then IE can be removed, the search for updates should remain working.

Link to comment
Share on other sites
heinoganda

heinoganda

Posted
Posted (edited)

@Mcinwwl

If it does not work try the following, highlight and accept at AU Notify me but don't automatically download or install them. Wait a while until the yellow warning sign appears. Then WU / MU should work in IE too.

XPTEST21.jpg

Have a test where I have the WindowsUpdateAgent-7.6.7600.xxx installed, enabled in IE6 TLS1 and SSL2 / SSL3 disabled. First I got offered KB898461 and have this installed. After that, I was offered as follows

 

XPTEST1.jpgXPTEST2.jpgXPTEST3.jpgXPTEST4.jpgXPTEST5.jpgXPTEST6.jpgXPTEST7.jpgXPTEST8.jpgXPTEST9.jpgXPTEST10.jpgXPTEST11.jpgXPTEST12.jpg

I can gladly send you the WindowsUpdateAgent, which I use myself (installed in my updaterollup with the parameters /wuforce /quiet /norestart), version 7.6.7600.257 via PM.

Furthermore, the direct link to MU 

http://update.microsoft.com/microsoftupdate

:)

Edited by heinoganda
Link to comment
Share on other sites
Mcinwwl

Mcinwwl

Posted
Posted (edited)
2 hours ago, heinoganda said:

If it does not work try the following, highlight and accept at AU Notify me but don't automatically download or install them. Wait a while until the yellow warning sign appears. Then WU / MU should work in IE too.

 

Have a test where I have the WindowsUpdateAgent-7.6.7600.xxx installed, enabled in IE6 TLS1 and SSL2 / SSL3 disabled. First I got offered KB898461 and have this installed. After that, I was offered as follows

Well it worked, thanks :)

and now I laugh hard:

obraz.png.c58ffa8d2e1b22779bb7917b54cd5d0e.png

And I tried to use it. Guess what blocked me.

originality.thumb.JPG.bc5042be8c867441135c2cd493bd7221.JPG

windows need to check if it's original. Hm. Let's click:

ohwell.JPG.875cda56e920ae27b0e7bcf765dfc3f9.JPG

Hopefully, as heinoganda suggested, doing it via Automatic updates works.

nowość means new

Edited by Mcinwwl
Link to comment
Share on other sites
Spacedust

Spacedust

Posted
Posted

Anyone noticed Microsoft Security Essentials stopped updating on 22th April on XP with PosReady 2009 mod?

Even manual updating doesn't work. Updates are downloaded but not installed.

Link to comment
Share on other sites
Vistapocalypse

Vistapocalypse

Posted
Posted
On 5/15/2019 at 5:02 PM, Mathwiz said:

Hmm - article mentions XP, Server 2003, Server 2008, Win 7, and Server 2008 R2 - what about Vista?

 

On 5/16/2019 at 3:16 PM, Mathwiz said:

Vista/Server 2008 can download and install KB4499180 to patch this vulnerability

I appreciate all the concern for Windows Vista on page 199 of this thread! You might be interested to know that Microsoft has just revised Customer guidance for CVE-2019-0708, which now advises those running Vista to install KB4499180 for Server 2008. The KB article has also been revised to include Windows Vista.

2
Link to comment
Share on other sites
glnz

glnz

Posted
  • Author
Posted

Vistapocalypse - I have Avast AV Free 18.8.2356 and installed KB4500331 ten days ago.  No problems so far that I see.

 

But then again, I use duct tape.

2
Link to comment
Share on other sites
FranceBB

FranceBB

Posted
Posted (edited)

I wanna tell you something that happened to me. I have a network populated by Windows XP machines, all patched and with Avast and they are all connected to internet and they use it on a daily basis for any sort of stuff. There are other machines in the network that are running other OS like Fedora Linux with Nod32 antivirus and Android with Avast as well. Last but not least, there are virtual machines with Win10, Win98 and other versions of Windows for testing purposes, but they are not accessible from the outside world. Recently we decided to setup a test bench in bare metal, running Windows Server 2019 and connect it to internet and the outside world. We've got an email from the ISP stating that one of our machines has probably been compromised as it has been used in an attack. Later on, we found out that the attacker managed to get access to the machine by using a vulnerability in the RDP protocol of Windows Server 2019. The machine had all the latest updates installed, but no antivirus or firewall other than the default Microsoft ones (it was a test bench after all). It's funny how someone who attacked a network full of Windows XP machines just ignored them, went straight to the one running Windows Server 2019 and managed to compromise it...

It surely makes you think...

Edited by FranceBB
5
Link to comment
Share on other sites
wyxchari

wyxchari

Posted
Posted (edited)
40 minutes ago, FranceBB said:

It's funny how someone who attacked a network full of Windows XP machines just ignored them, went straight to the one running Windows Server 2019 and managed to compromise it...

I have always thought that having the latest is never the best. The latest operating system (or now version of Windows 10) is the worst thing you can have for security. Computers must be updated but not to the latest version. For example, it is better to have Windows 1803 updated than 1809 updated. Microshit uses our computers as a test bench and the correct updates are passed on to companies after 4 months or more. The proof of this is in the Windows 10 itself, update options and selection of the download semi-annual channel.

Edited by wyxchari
6
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...