Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


glnz

POSReady 2009 updates ported to Windows XP SP3 ENU

Recommended Posts

Well, the POSReady/Installed=1 tweak is getting a lot of press now, eg. one of the biggest Dutch PC news sites:

http://tweakers.net/nieuws/96252/windows-xp-gebruikers-kunnen-door-registerhack-updates-blijven-ontvangen.html

 

If microsoft would decide to "do something about it", maybe we'll have to go back to modding the update files, so please harkaz, keep the original instructions available here!

Share this post


Link to post
Share on other sites

Yeah, the amount of press it is getting is just an indication of how popular that XP still is.  IMHO it is only a matter of time before MS closes this loophole.

 

Cheers and Regards

Share this post


Link to post
Share on other sites

It will be interesting to see if MS do try to block this somehow.

It can hardly have come as a surprise to them that people have discovered it!

I'm hoping that as long as it's confined to a relatively few geeks like us they won't worry too much, after all we're hardly going to be expecting support for it!

:)

Share this post


Link to post
Share on other sites

yeah the MULTIPLE_IRP_COMPLETE_REQUESTS BSOD comes from symantec.  The other is a memory corruption wile overwriting the free memory with Zeros so that it can be used again:

********************************************************************************                                                                             **                        Bugcheck Analysis                                    **                                                                             ********************************************************************************PFN_LIST_CORRUPT (4e)Typically caused by drivers passing bad memory descriptor lists (ie: callingMmUnlockPages twice with the same list, etc).  If a kernel debugger isavailable get the stack trace.Arguments:Arg1: 0000008f, The free or zeroed page listhead is corruptArg2: 0008679f, new pageArg3: 000763ff, old pageArg4: 00000000, 0Debugging Details:------------------BUGCHECK_STR:  0x4E_8fCUSTOMER_CRASH_COUNT:  1STACK_TEXT:  nt!KeBugCheckExnt!MmZeroPageThreadnt!Phase1Initializationnt!PspSystemThreadStartupnt!KiThreadStartupSTACK_COMMAND:  kbFOLLOWUP_IP: nt!MmZeroPageThread+13080528529 cc              int     3SYMBOL_STACK_INDEX:  1IMAGE_NAME:  memory_corruptionFAILURE_BUCKET_ID:  0x4E_8f_nt!MmZeroPageThread+130

Are the RAM timings fine?

When I had "PFN_LIST_CORRUPT", it was with a RAM overclock, I think it was with my Kingston PC2100 DDR SDRAM at about 145 Mhz, even when it seemed that I couldn't make it occur again.....

Edited by RJARRRPCGP

Share this post


Link to post
Share on other sites
Guest

Microsoft now starts lying. Up until last month they were good enough for XP now all of a sudden they are not?  :boring:

Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP. 

http://news.softpedia.com/news/Microsoft-Despite-Update-Hacks-Windows-XP-Is-Still-Insecure-443904.shtml

:whistle:

Edited by -X-

Share this post


Link to post
Share on other sites

Actually they are not lying (please read as "not lying more than usual").

 

It is most probably true that the updates

aren't intended for desktops computers running the full version of XP

 

 (which doesn't really mean that they won't work, only that they were not intended for it)

 

Also the following statement:

The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers," a company spokesperson said.

 

is very accurate :yes:.

 

These updates are actually intended for Windows Embedded and Windows Server 2003 customers.

They do not fully protect Windows XP customers (as well as they do not fully protect Embedded And Windows Server 2003 ones :whistle:).

 

Also here:

Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP.

 

given the amount of issues that previous updates caused (when XP was supported), I have some doubts about those updtes havine EVER being tested (thoroughly) on Windows XP ;), and of course "significant" without any data is one of those words that can mean anything, you know like these (ALL considered by someone constituting a significant risk to health or safety, before being debunked):

http://www.hse.gov.uk/myth/myth-busting/index.htm

I like these ones ;), carrying a parasol at  a race:

http://www.hse.gov.uk/myth/myth-busting/2013/case204-racecourse-parasol.htm

and carrying new shoes without a box:

http://www.hse.gov.uk/myth/myth-busting/2014/case248-customers-buying-shoes.htm

are reknown as dangerous activities.

 

The best way for Windows XP customers to protect their systems is to upgrade to a more modern operating system, like Windows 7 or Windows 8.1."

 

 

Nothing to see here, people, move along. 

 

jaclaz

Share this post


Link to post
Share on other sites

Aw, gee... no mention of Vista :ph34r: at all.

Let me get this straight... An MS Security Bulletin is issued, naming the exact problem. A fix is issued that coincides with Server2k3/POSReady (and more than likely Vista/7/8 and Servers maybe). Being that both are "built upon XP" then they "won't work", so don't upgrade to Vista :ph34r: just jump directly to 7/8 (no upgrade path from XP, mind you :w00t: ). And how much would you be willing to bet that a hex compare of the "supported" prev->fixed would yield the exact same "patch" that (would have been) applied to XP. :huh:

Edited by submix8c

Share this post


Link to post
Share on other sites

Ohh so they don't test this Updates anyone for Windows XP? So everyone who bought the premium support for Windows XP got scammed by Microsoft. :D

Edited by Jeffery

Share this post


Link to post
Share on other sites

No! Don't misunderstand. These are "unofficial" that are being discussed.

Read these -

http://www.microsoft.com/en-us/microsoftservices/support.aspx

http://www.landesk.com/migrate/xp-support.html

The (apparently) "tested" ones are "custom" ones, which -may- (at least some/most of them, depending on what the "fix" is) be exactly the same as the Win2k3/POSReady ones. There -may- be other "fixes" that aren't made public. :unsure:

 

Too late for "the deal"...

http://www.techradar.com/us/news/software/operating-systems/microsoft-is-paying-windows-xp-users-50-to-jump-ship-to-newer-machines-1234115

:w00t:

 

edit - also notice the "custom" part of the filename for the XP fixes for KB2964358. ;)

Edited by submix8c

Share this post


Link to post
Share on other sites

For the record, in my understanding, this:

http://www.landesk.com/migrate/xp-support.html

 

Simple Patching for Windows XP Premium Support

The end of support for Windows XP has passed, and security updates are no longer available for XP users, forcing them into an ongoing “zero day” vulnerability.

Although Microsoft is offering an extension support to its customers, it is only for those who pay exorbitant fees for the premium support contract. However, even with the contract, the organizations are still responsible for deploying the custom patches into their environment.

There is an option

LANDESK is offering custom content support as a service to Microsoft customers to streamline the Windows XP patching and deployment process. This annual subscription from LANDESK will streamline the delivery for the patches privately released by Microsoft for Windows XP Professional and is offered as a single purchase for total coverage.

Upgrading to a new operating system can be tedious and costly. Regardless of the reason for your continued use of Windows XP, we are here to support you.

 

Translates to:

Since the good MS guys, notwithstanding the awful amount of money you have to give 'em to get the patches, also suck in delivering/deploying them,  you should really give us some more money to assist you in fixing what they are not good at.

:w00t::ph34r:

i.e. it is an added service, besides the need for paying MS for extended support...

 

 

jaclaz

Edited by jaclaz

Share this post


Link to post
Share on other sites

UPDATE: To automatically apply the patch to any update.exe file v6.3.13.0 or later (for any langugage) run these commands:

 

gsar -o -s:xE8:x02:xBA:x02:x00:x85:xC0:x75:x41 -r:E8:x02:xBA:x02:x00:x31:xC0:xEB:x41 update.exe pechecksum -c update.exe

 

 

 

Harkaz, I was just "archiving" this, but there's a tiny mistake here. There should be an "x" right after the " -r:", so:

"-r:E8"

should be

"-r:xE8".

 

We might need this one after all some day in the future ;)

 

Thanks once more for your work!

Share this post


Link to post
Share on other sites

OK. I've now fixed the original post for harkaz. Thanks for the heads up! :thumbup

Share this post


Link to post
Share on other sites

As for the "functionality issues" argument in M$ statement this may be true only with a very limited set of files. For example, an update containing kblchecker.dll (KB2686509) had been released seperately for normal XP and Embedded versions. I can't give you a complete list of such files, however, it's worth find the differences between these 2 KB2686509 updates -  we might be able to make more general observations.

 

If there are such updates in the future, the CAT signing method I have presented at RyanVM can be used to create the new update catalog files (after properly porting the patch from the Embedded-only update). As a reminder, the update catalog files are primarily used for SFC protection.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×