Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


glnz

POSReady 2009 updates ported to Windows XP SP3 ENU

Recommended Posts

TBH I don't know for certain that intel FSB chips are not effected by atleast 1 varient of spectre.  It seems reasonable to me that all intel CPUs are effected by 1 variant of spectre. aka meltdown.

It is not clear to many people that we are talking about 3 different kinds of attacks here.  To exploit each attack requires different methods and not all CPUs are vulnerable to every kinda of vulnerability.   I mean that there are many architecture changes between for example a p4 and a I7.  It could be that theoretically a p4 can be attacked the code and the means in which to exploit that architecture is different than the I7.    

Many people are familiar with the way people write viruses.  You pick the most common operating system and write some code that will effect the most people.  If it is true that the code needs to be different to attack a P4 than a I7 how many people do you think are going to write a virus for that knowing that probably no one isa P4.

Where I got this idea was from intels own white paper where the disused that the differences about how a CPU with hyperthreading couldn't be attacked the same way as a CPU without hyperthreading for example. 

Example in the white paper for 

Branch Target Injection

The ability to interfere with the processor’s predictors to cause such a side channel is highly
dependent on the microarchitectural implementation thus the exact methods used may vary across
different processor families and generations.

three variants,

known as a “bounds check bypass,” “branch target injection,” and a “rogue data load,” all of which use slightly different methods of attack

Currently MS has pushed out a patch to all computers to disable their previous patch becasue its buggy.  I think it really doesn't matter.

 

If anyone is good at compiling code or running linux go here and you can check if your CPU is actually vulnerable by running sample code.  Instead of all the BS software people keep posting that only tells you if you are patched and is a waste of time.

Here are POC links proof of concept so you cna run real code to test.

https://github.com/raphaelsc/Am-I-affected-by-Meltdown

https://github.com/crozone/SpectrePoC

https://github.com/IAIK/meltdown/

Edited by Destro

Share this post


Link to post
Share on other sites

2 hours ago, Destro said:

TBH I don't know for certain that intel FSB chips are not effected by atleast 1 varient of spectre.  It seems reasonable to me that all intel CPUs are effected by 1 variant of spectre. aka meltdown.

Spectre: Formerly more than 10 years ago, the processors accessed the cache memory through a bus called FSB, which was outside the processor.

Since 2008, to access the cache faster, the FSB was suppressed and this memory was introduced inside the processor chip itself. Since then there are the problems of Spectre.

Processor without FSB (CPU access directly to the cache) -> affected by repetitive reading of the cache memory by measuring the access time -> Spectre -> repair with new microcode to the processor using BIOS (causes instability for the moment)

Meltdown: Processor since 1995 (not related to the FSB) -> affected by access to speculative data of the cache by jumping privilege levels -> Meltdown -> repair already done by Microsoft patch (already available KB4056892 for Intel and fix error of not boot AMDs with KB4073290)

--- There is a lot of publicity on this subject and people think of a real danger. Truly the danger is minimal. The browsers are already updated to mitigate these vulnerabilities regardless of whether you put the Microsoft patches. To this we add that Meltdown is already mitigated with patch. We have for the moment Spectre that to take passwords we must download a malware with our permission and execute it. And it is tremendously complicated because we would have to make a specific malware for each processor. Motherboard manufacturers have already started to release BIOS updates with Intel's new microcode, but they have caused instabilities in the systems. They have recommended going back to the previous BIOS and waiting for Intel to fix the problems.

I am really more worried about the MINING on the web than Spectre. :P

Edited by wyxchari

Share this post


Link to post
Share on other sites
2 hours ago, wyxchari said:

Spectre: Formerly more than 10 years ago, the processors accessed the cache memory through a bus called FSB, which was outside the processor.

Since 2008, to access the cache faster, the FSB was suppressed and this memory was introduced inside the processor chip itself. Since then there are the problems of Spectre.

Processor without FSB (CPU access directly to the cache) -> affected by repetitive reading of the cache memory by measuring the access time -> Spectre -> repair with new microcode to the processor using BIOS (causes instability for the moment)

Meltdown: Processor since 1995 (not related to the FSB) -> affected by access to speculative data of the cache by jumping privilege levels -> Meltdown -> repair already done by Microsoft patch (already available KB4056892 for Intel and fix error of not boot AMDs with KB4073290)

--- There is a lot of publicity on this subject and people think of a real danger. Truly the danger is minimal. The browsers are already updated to mitigate these vulnerabilities regardless of whether you put the Microsoft patches. To this we add that Meltdown is already mitigated with patch. We have for the moment Spectre that to take passwords we must download a malware with our permission and execute it. And it is tremendously complicated because we would have to make a specific malware for each processor. Motherboard manufacturers have already started to release BIOS updates with Intel's new microcode, but they have caused instabilities in the systems. They have recommended going back to the previous BIOS and waiting for Intel to fix the problems.

Well, considering that no BIOS update shall probably be ever released for Intel's processors older than 6th gen, which is the case of most of us in the XP community, and that it's doubtful whether MS ever will release a Melddown fix for POSReady 2009 (they've already said, in no uncertain words, that XP, VIsta and 8.0, much less 2k and older, won't ever get any from them), the foreseeable future for the XP community, Vista and 8.0 diehards might be conceived as somewhat less reasuring. However, since I've had my opinion asked earlier in January -- and that remains my POV --  I've been saying that:

On 1/18/2018 at 11:53 AM, dencorso said:

At present I think treating it as FUD is the best option. Two of the variants require direct access to the machine to compromise it. The other one is more serious: while Windows (any NT 5.x+ AFAIK) is immune to it, browsers and JavaScript inside them (and maybe Java, too) may not be. So: using safe browsers and up-to-date Java (or no Java), should keep common people safe enough. Big corporations are surely at risk, though, it's a question of cost/benefit ratio, obviously. BTW, I doubt there'll ever be a BIOS update for my IvyBridges... if I had to bet, I'd bet on Intel leting owners of older processors out in the rain. Their rep is tarnished already, you know... Give the attachment below careful consideration, and see whether you agree with me or not.
 

DTHTQ9wX0AE6YQ3.jpg

 

  • Like 2

Share this post


Link to post
Share on other sites
On 31/1/2018 at 8:01 AM, Destro said:

TBH I don't know for certain that intel FSB chips are not effected by atleast 1 varient of spectre.  It seems reasonable to me that all intel CPUs are effected by 1 variant of spectre. aka meltdown.

It is not clear to many people that we are talking about 3 different kinds of attacks here.  To exploit each attack requires different methods and not all CPUs are vulnerable to every kinda of vulnerability.   I mean that there are many architecture changes between for example a p4 and a I7.  It could be that theoretically a p4 can be attacked the code and the means in which to exploit that architecture is different than the I7.    

Many people are familiar with the way people write viruses.  You pick the most common operating system and write some code that will effect the most people.  If it is true that the code needs to be different to attack a P4 than a I7 how many people do you think are going to write a virus for that knowing that probably no one isa P4.

Where I got this idea was from intels own white paper where the disused that the differences about how a CPU with hyperthreading couldn't be attacked the same way as a CPU without hyperthreading for example. 

Example in the white paper for 

Branch Target Injection

The ability to interfere with the processor’s predictors to cause such a side channel is highly
dependent on the microarchitectural implementation thus the exact methods used may vary across
different processor families and generations.

three variants,

known as a “bounds check bypass,” “branch target injection,” and a “rogue data load,” all of which use slightly different methods of attack

Currently MS has pushed out a patch to all computers to disable their previous patch becasue its buggy.  I think it really doesn't matter.

 

If anyone is good at compiling code or running linux go here and you can check if your CPU is actually vulnerable by running sample code.  Instead of all the BS software people keep posting that only tells you if you are patched and is a waste of time.

Here are POC links proof of concept so you cna run real code to test.

https://github.com/raphaelsc/Am-I-affected-by-Meltdown

https://github.com/crozone/SpectrePoC (**** Used this code for my XP ***)

https://github.com/IAIK/meltdown/

Intel Celeron M380 with FSB:

2BQ8y.jpg

Vulnerable to Spectre.

 

Pentium Dual Core E6700 with FSB:

2BQ9C.jpg

Vulnerable to Spectre.

_________________________________________

 

http://www.securityweek.com/malware-exploiting-spectre-meltdown-flaws-emerges

Edited by Sampei.Nihira

Share this post


Link to post
Share on other sites
On 1/8/2018 at 7:12 PM, ivanbuto said:

Is anyone facing a problem with a never-ending "checking for update" status?
I am using Windows XP Professional with Microsoft Update. My Office installations include Office 2000 and Office 2010.
I last installed some Office 2010 security updates in September. Though I applied the POSReady registry hack, I have not installed any of the updates intended for POSReady 2009 (only KB4019276 manually).

I have tried deleting the authcab.cab file, and also cleaning the SoftwareDistribution\Download folder, but that has not helped.

speaking of KB4019276, that patch should be available on Windows Update or Microsoft Update effective Jan. 16, 2018 (starting off as an Optional update in Jan. 2018 and in Feb. 2018 it'll be listed as a Recommended update).  still requires a bunch of registry entries and other patched DLL files like crypt32.dll to enable the newer TLS protocols on XP

  • Like 1

Share this post


Link to post
Share on other sites
6 hours ago, erpdude8 said:

still requires a bunch of registry entries and other patched DLL files like crypt32.dll to enable the newer TLS protocols on XP

Can you elaborate (esp. on "patched DLL files like crypt32.dll"), please? :angel

Share this post


Link to post
Share on other sites

KB4019276 is not really helpfull.

For my understanding it gives only IIS conections (server - client) the TLS 1.2 option.

NOT for https (internet).

If you wish to get TLS 1.2 with actual ciphers under Win XP see this thread: Problems accessing certain sites (Https aka TLS)

It works great if configured correctly (but sometimes need a little "handwork" for full access to some sites with nested certifikates).

 

Share this post


Link to post
Share on other sites

Cannot install latest Java - jre-8u161-windows-i586.exe.   The installation just stops after a few seconds.  I uninstalled the prior version and even tried safe mode, but no luck.

And I did the uninstall and tried this full offline download because the normal java update also hadn't been working.

So no java anymore?  And what will that do anyway?

Edited by glnz

Share this post


Link to post
Share on other sites

Known problem I'm afraid.
See here, and here, and the subsequent posts.
It has been reported to Oracle, but whether they will do anything to fix it as they don't officially support XP any more, I don't know.
:(

Edited by Dave-H
Addition

Share this post


Link to post
Share on other sites
15 minutes ago, Dave-H said:

Known problem I'm afraid.
See here, and here, and the subsequent posts.

Sure enough. Solution (sort of, but works!)
Remove Java using the jre1.8.0_152 (or 151) installer, reboot, then reinstall Java jre1.8.0_152 (or 151) and check it's working.
Then proceed as described by @Thomas S.:

On 1/29/2018 at 7:39 PM, Thomas S. said:

Or this with an workaround :)

worksonmymachinestarburst_3_thumb.png

Share this post


Link to post
Share on other sites

I can do it but can somone just make a detailed guide on how to do it that normal people can understand.  If no Ill do it but pls.

Share this post


Link to post
Share on other sites
10 hours ago, Destro said:

I can do it but can somone just make a detailed guide on how to do it that normal people can understand.  If no Ill do it but pls.

For what? Java? Here we go:

To fix the installing problem in Win XP you can try to "install" the "new" Java file versions by hand in the "old" Java program directory.

If you have done the standard installation you have the Java files installed in the default folder "c:\programs\java\jre1.8.0_151"

Workaround:

  1. Download the new Java files (v161) as packed archive "jre-8u161-windows-i586.tar.gz"
  2. Close all programms
  3. Via explorer MOVE all the entire files / folders from "c:\programs\java\jre1.8.0_151" to a backup folder (name dosn't matter).
  4. Open the archive "jre-8u161-windows-i586.tar.gz" with 7z. In the subfolder "jre1.8.0_161" you can see the same structure as before in the program folder.
  5. Copy all files / folders under "jre1.8.0_161" into the default folder "c:\programs\java\jre1.8.0_151"

The name of the "old" program folder dosn't matter, it works.

If you open the Java control panel you can see and administrate the new version.

If you do not wish the old version number as directory name you can do a step before the workaround:

  1. Download the latest standalone version running under XP (this is v151, may be it is present on your PC in an temporary folder?)
  2. Uninstall the installed version
  3. Install the version v151 and change the folder for installation to (for example) "c:\programs\java\" (this is now the new default Java folder)
  4. Go on as described above...

This works for me. It may be that something will not work, but I don't know any issue at this time.

But remember: in the "installed programs listing" you see ever the old (last really installed) version string "v151".

And don't be confused about other subfolders with lower version numbers in the Java program directory.

If you don't need / use older Java versions (for excample 7) then you can uninstall them - and delete this old stuff.

:)

 

Edited by Thomas S.

Share this post


Link to post
Share on other sites

Thomas S - Many thanks.  I'll try later this week.

But I am curious - what if I had no Java?  What would that do to my life?

Share this post


Link to post
Share on other sites

Thomas - to get the .gz file, I went to

http://www.oracle.com/technetwork/es/java/javase/downloads/jre8-downloads-2133155.html?printOnly=1

but it continuously says I'm unauthorized to download.  This is after I temporarily permitted all cookies and scripts on the page, etc.  What am I doing wrong?  SHould I get the .gz file elsewhere?

(Meantime, I re-installed earlier version 152.)

Thanks.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×