Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


glnz

POSReady 2009 updates ported to Windows XP SP3 ENU

Recommended Posts

The other vulnerabilities aren't related to Remote Desktop. That one, we got the fix for! You can safely leave the Remote Desktop service enabled.

The other vulnerabilities also aren't terribly serious IMO. The risk is pretty small and XP is still reasonably safe to use.

But they're still worth being aware of.

Share this post


Link to post
Share on other sites

Ok, one question. I'm testing updates collection on VM, and I'm trying to compare it with what I will be offered via Windows Update.

The problem is, that I cannot download updates via Windows Update, page does not open. Is there any trick to do so, or should I install Microsoft Update first?

Share this post


Link to post
Share on other sites
Posted (edited)
3 hours ago, Mcinwwl said:

The problem is, that I cannot download updates via Windows Update, page does not open. Is there any trick to do so, or should I install Microsoft Update first?

- Install: SP3, IE8, Windows Update Agent. I use 7.4. Install Windows Update Agent 7.4.7600.226 which is the last one with manual installation. The 7.6.7600.256 has automatic installation but needs the previous agent already installed, so if there is no agent installed you have to start with 7.4. https://support.microsoft.com/en-us/help/946928/information-for-network-administrators-about-how-to-obtain-the-latest (Change en-us to your language as pl-pl?)

- Switch from Windows Update to Microsoft Update:
    - Activate Control Panel / automatic updates and it is important to wait about 5 minutes
    - http://www.update.microsoft.com/microsoftupdate
    - Install ActiveX until it says it has been installed.
    - Close IE8.
    - Turn off automatic updates.
    - Reboot. If it fails to repeat again expecting more.

Edited by wyxchari
  • Upvote 1

Share this post


Link to post
Share on other sites
2 hours ago, Mcinwwl said:

Is there any trick to do so, or should I install Microsoft Update first? 

You need to install IE7 or IE8 and WindowsUpdateAgent-7.6. Then IE can be removed, the search for updates should remain working.

Share this post


Link to post
Share on other sites
Posted (edited)

@Mcinwwl

If it does not work try the following, highlight and accept at AU Notify me but don't automatically download or install them. Wait a while until the yellow warning sign appears. Then WU / MU should work in IE too.

XPTEST21.jpg

Have a test where I have the WindowsUpdateAgent-7.6.7600.xxx installed, enabled in IE6 TLS1 and SSL2 / SSL3 disabled. First I got offered KB898461 and have this installed. After that, I was offered as follows

 

XPTEST1.jpgXPTEST2.jpgXPTEST3.jpgXPTEST4.jpgXPTEST5.jpgXPTEST6.jpgXPTEST7.jpgXPTEST8.jpgXPTEST9.jpgXPTEST10.jpgXPTEST11.jpgXPTEST12.jpg

I can gladly send you the WindowsUpdateAgent, which I use myself (installed in my updaterollup with the parameters /wuforce /quiet /norestart), version 7.6.7600.257 via PM.

Furthermore, the direct link to MU

http://update.microsoft.com/microsoftupdate

:)

Edited by heinoganda

Share this post


Link to post
Share on other sites
Posted (edited)
2 hours ago, heinoganda said:

If it does not work try the following, highlight and accept at AU Notify me but don't automatically download or install them. Wait a while until the yellow warning sign appears. Then WU / MU should work in IE too.

 

Have a test where I have the WindowsUpdateAgent-7.6.7600.xxx installed, enabled in IE6 TLS1 and SSL2 / SSL3 disabled. First I got offered KB898461 and have this installed. After that, I was offered as follows

Well it worked, thanks :)

and now I laugh hard:

obraz.png.c58ffa8d2e1b22779bb7917b54cd5d0e.png

And I tried to use it. Guess what blocked me.

originality.thumb.JPG.bc5042be8c867441135c2cd493bd7221.JPG

windows need to check if it's original. Hm. Let's click:

ohwell.JPG.875cda56e920ae27b0e7bcf765dfc3f9.JPG

Hopefully, as heinoganda suggested, doing it via Automatic updates works.

nowość means new

Edited by Mcinwwl

Share this post


Link to post
Share on other sites

Anyone noticed Microsoft Security Essentials stopped updating on 22th April on XP with PosReady 2009 mod?

Even manual updating doesn't work. Updates are downloaded but not installed.

Share this post


Link to post
Share on other sites

Yes, there's a whole thread about it here!
:lol:

Share this post


Link to post
Share on other sites
On 5/15/2019 at 5:02 PM, Mathwiz said:

Hmm - article mentions XP, Server 2003, Server 2008, Win 7, and Server 2008 R2 - what about Vista?

 

On 5/16/2019 at 3:16 PM, Mathwiz said:

Vista/Server 2008 can download and install KB4499180 to patch this vulnerability

I appreciate all the concern for Windows Vista on page 199 of this thread! You might be interested to know that Microsoft has just revised Customer guidance for CVE-2019-0708, which now advises those running Vista to install KB4499180 for Server 2008. The KB article has also been revised to include Windows Vista.

  • Like 2

Share this post


Link to post
Share on other sites

I forgot to ask if the final POSReady 2009 or KB4500331 updates broke compatibility with Avast 18.8? (The Windows 6.0 rollups for April and May reportedly do).

Share this post


Link to post
Share on other sites

Vistapocalypse - I have Avast AV Free 18.8.2356 and installed KB4500331 ten days ago.  No problems so far that I see.

 

But then again, I use duct tape.

  • Like 2

Share this post


Link to post
Share on other sites
Posted (edited)

I wanna tell you something that happened to me. I have a network populated by Windows XP machines, all patched and with Avast and they are all connected to internet and they use it on a daily basis for any sort of stuff. There are other machines in the network that are running other OS like Fedora Linux with Nod32 antivirus and Android with Avast as well. Last but not least, there are virtual machines with Win10, Win98 and other versions of Windows for testing purposes, but they are not accessible from the outside world. Recently we decided to setup a test bench in bare metal, running Windows Server 2019 and connect it to internet and the outside world. We've got an email from the ISP stating that one of our machines has probably been compromised as it has been used in an attack. Later on, we found out that the attacker managed to get access to the machine by using a vulnerability in the RDP protocol of Windows Server 2019. The machine had all the latest updates installed, but no antivirus or firewall other than the default Microsoft ones (it was a test bench after all). It's funny how someone who attacked a network full of Windows XP machines just ignored them, went straight to the one running Windows Server 2019 and managed to compromise it...

It surely makes you think...

Edited by FranceBB
  • Like 4
  • Upvote 1

Share this post


Link to post
Share on other sites
Posted (edited)
40 minutes ago, FranceBB said:

It's funny how someone who attacked a network full of Windows XP machines just ignored them, went straight to the one running Windows Server 2019 and managed to compromise it...

I have always thought that having the latest is never the best. The latest operating system (or now version of Windows 10) is the worst thing you can have for security. Computers must be updated but not to the latest version. For example, it is better to have Windows 1803 updated than 1809 updated. Microshit uses our computers as a test bench and the correct updates are passed on to companies after 4 months or more. The proof of this is in the Windows 10 itself, update options and selection of the download semi-annual channel.

Edited by wyxchari
  • Like 6

Share this post


Link to post
Share on other sites
On 5/28/2019 at 5:21 PM, wyxchari said:

I have always thought that having the latest is never the best.

1+:)

Share this post


Link to post
Share on other sites

OK. I've just sanitized this thread. Please do post all rampant paranoia posts on the proper thread, instead:

The posts that should already have been posted in the above thread were moved into it. Thanks for your cooperation.

  • Like 2
  • Upvote 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...