dencorso Posted January 11, 2019 Share Posted January 11, 2019 Since no "POSReady-type" spoof is needed, for all purposes, the OS remains 7 (Ultimate x86 or x64 in my machines, BTW). So the question is will MS stop producing signature updates in 2020 (when, say, 7 still shall have about 40% usage share)? I doubt it. It'd be the equivalent of shooting a bazooka on their own foot. They may be raving mad, but not that mad, IMO. YMMV. 1 Link to comment Share on other sites More sharing options...
jaclaz Posted January 11, 2019 Share Posted January 11, 2019 5 hours ago, dencorso said: I doubt it. It'd be the equivalent of shooting a bazooka on their own foot. Naah, no bazooka, they will use a laser-guided Destructo-Beam, which is one of the best possible uses of .NET: http://www.toodarkpark.org/computers/humor/shoot-self-in-foot.html jaclaz Link to comment Share on other sites More sharing options...
Vistapocalypse Posted January 12, 2019 Share Posted January 12, 2019 On 1/11/2019 at 7:51 AM, dencorso said: So the question is will MS stop producing signature updates in 2020 (when, say, 7 still shall have about 40% usage share)? I doubt it. It'd be the equivalent of shooting a bazooka on their own foot. They may be raving mad, but not that mad, IMO. If Microsoft announces a grace period for MSE users on Windows 7, as they once did for Windows XP (https://support.microsoft.com/en-us/help/15344/microsoft-antimalware-support-for-windows-xp) but not for Vista, that would of course be useful information to anyone hoping to use MSE 4.4 on Vista or XP for more than one year. Otherwise, I would still assume that MSE definition updates will end on January 14, 2020. Meanwhile, MSE users on the supposedly unsinkable Windows 7 should expect to see the amber warnings that were originally the topic of this thread beginning in October - unless they downgrade to MSE 4.4 to avoid that indignity. Link to comment Share on other sites More sharing options...
dencorso Posted January 12, 2019 Share Posted January 12, 2019 Look: between 7 and 10 MS should have about 80% of the total usage share. Leaving something under 50% of that total on no antivirus, considering they'd be actively endangering the remaining 10 machines, just to try and force a couple more percent to move over to 10 is suicidal, and MS fully knows that. Of course they are bound to announce a grace period once again. They may be raving mad, but not complete fools. 1 Link to comment Share on other sites More sharing options...
Vistapocalypse Posted July 16, 2019 Share Posted July 16, 2019 (edited) I have recently installed MSE 4.4.304.0 on Vista 6.0.6002 (i.e. no SHA-2 support) for testing. Thus far it appears that automatic definition updates ain't gonna happen, even after manually installing initial definition updates. I wonder if @WinClient5270 or anyone else running build 6003 with SHA-2 support is having more success with MSE definition updates now? (If anyone running build 6002 is getting automatic definition updates, then I need to troubleshoot.) This MSE version is nevertheless still usable at this time (unlike more recent versions featuring the EOL kill switch), if you don't mind bookmarking the definitions download page for daily visits. Edit: The news is even worse: MSE 4.4 with engine version 1.1.16100.4 flunks every Features Check at AMTSO!? Granted, MSE has no anti-phishing and never was as good as Malwarebytes against PUPs, but before Vista's EOL I used MSE 4.10.209.0 and it was able to pass AMTSO's drive-by downloads test. MSE 4.4's real-time protection only detects the EICAR test file when I click on it after downloading. IE9's SmartScreen Filter is actually more effective at preventing the download of the test file. Comodo and even legacy versions of Avast/AVG are looking much more attractive to me now. Edited July 17, 2019 by Vistapocalypse 1 Link to comment Share on other sites More sharing options...
crazyal12 Posted July 17, 2019 Share Posted July 17, 2019 On 7/16/2019 at 10:09 PM, Vistapocalypse said: I have recently installed MSE 4.4.304.0 on Vista 6.0.6002 (i.e. no SHA-2 support) for testing. Thus far it appears that automatic definition updates ain't gonna happen, even after manually installing initial definition updates. I wonder if @WinClient5270 or anyone else running build 6003 with SHA-2 support is having more success with MSE definition updates now? (If anyone running build 6002 is getting automatic definition updates, then I need to troubleshoot.) This MSE version is nevertheless still usable at this time (unlike more recent versions featuring the EOL kill switch), if you don't mind bookmarking the definitions download page for daily visits. Edit: The news is even worse: MSE 4.4 with engine version 1.1.16100.4 flunks every Features Check at AMTSO!? Granted, MSE has no anti-phishing and never was as good as Malwarebytes against PUPs, but before Vista's EOL I used MSE 4.10.209.0 and it was able to pass AMTSO's drive-by downloads test. MSE 4.4's real-time protection only detects the EICAR test file when I click on it after downloading. IE9's SmartScreen Filter is actually more effective at preventing the download of the test file. Comodo and even legacy versions of Avast/AVG are looking much more attractive to me now. How did you manage to get MSE to update? Mine is now stuck at this and manually clicking update doesn't find anything. I'm using Vista 32 bit, I even tried going here https://www.microsoft.com/en-us/wdsi/definitions and downloading manually for Microsoft Security Essentials. But when I run it nothing really happens, a bit of disk activity then nothing. Link to comment Share on other sites More sharing options...
Vistapocalypse Posted July 18, 2019 Share Posted July 18, 2019 6 hours ago, crazyal12 said: How did you manage to get MSE to update? Mine is now stuck at this and manually clicking update doesn't find anything. I'm using Vista 32 bit, I even tried going here https://www.microsoft.com/en-us/wdsi/definitions and downloading manually for Microsoft Security Essentials. But when I run it nothing really happens, a bit of disk activity then nothing. Welcome back to MSFN crazyal12. (I had never even heard of MSFN the last time you posted.) No, the Update tab in the UI doesn't accomplish anything for me either. Are you running Vista 6.0.6002, or have you "upgraded" to build 6003 by installing recent Server 2008 updates? Downloading manually seems to be the only way to update MSE 4.4 definitions now. Your link should be fine AFAIK, but I have actually been using this page. I always save the file, then right-click and run as administrator. The instructions say "a file extraction dialog box appears" but I haven't seen it. My only other tip is don't hurry to delete file mpam-fe because "disk activity" may take a few minutes. I have updated definitions once more since my previous post: When I first saw your post, I thought you really must be crazy to ask a question about MSE 4.4 after reading my previous post exposing its current shortcomings. However I visited AMTSO again before replying, and MSE performed much better tonight - presumably because of the new definition version, or else some sort of glitch that resolved itself: 1 Link to comment Share on other sites More sharing options...
dencorso Posted July 18, 2019 Share Posted July 18, 2019 14 hours ago, Vistapocalypse said: Downloading manually seems to be the only way to update MSE 4.4 definitions now. Well, I think it can be, at least, automated. Please feel free to try the attached batch file (= script = .cmd) and report the results. I think the bach should be run as the administrator (but since I'm not a Vista user, I may be wrong). Moreover, it'll only run correctly if there is a GNU wget.exe in the executable path (it's a stand-alone file, just dropping it into %windir% ought to be enough). I do recommend GNU Wget v. 1.11.4, but any later version will do fine, too. If this works OK, we can then proceed to making it silent and using the task scheduler to run it periodically. Of course, anyone who follows this advice, does so on his own, and knowing fully well that the standard disclaimer applies: I guarantee nothing whatsoever about it, nor about the use one makes of it. So, by deciding to apply it you fully accept that anything you do is of *YOUR* SOLE RESPONSIBILITY... Hence, if after using this batch file your pc morphs into a purple mushroom and explodes, causing a 10-day worldwide blackout in the process, you know you can't blame me for it! You have been warned. MSEUPD_Vista.7z 1 Link to comment Share on other sites More sharing options...
Vistapocalypse Posted July 20, 2019 Share Posted July 20, 2019 On 7/18/2019 at 2:42 PM, dencorso said: Well, I think it can be, at least, automated. Please feel free to try the attached batch file I know how dedicated you and heinoganda were to keeping MSE working on XP, and appreciate that an XP enthusiast would devote time and effort on behalf of the handful of Vista users who might be interested (and I was your 1 download thus far). However, the intermittent real-time protection issue is a much bigger concern to me than the inconvenience of manually downloading definitions. I installed another definition update, visited AMTSO and found that real-time protection was not working (i.e. download of file eicar not prevented). I restarted the system, and real-time protection was working for some time afterwards, but later stopped working again. There is no indication of trouble in MSE's UI or in Control Panel > Security Center: all green. You just gotta find out the hard way whether or not it's really working. This issue does not affect scanning: Once file eicar has been downloaded, scanning will reliably remove it. However I want dependable real-time protection, and therefore will not be installing Wget at this time. As I said in my Tuesday July 16 post above (as edited), "Comodo and even legacy versions of Avast/AVG are looking much more attractive to me now." Thanks anyway dencorso. 1 Link to comment Share on other sites More sharing options...
VistaLover Posted July 23, 2019 Share Posted July 23, 2019 (edited) Very much like MSE 4.4.304.0 (manually) installed on Vista SP2, the native anti-spyware implementation, aka Windows Defender, ceased receiving definitions update via Windows Update itself sometime after the July 9th deadline; as posted here, the last def update (v1.297.531.0) I got through WU was on July 6th... Similarly, invoking a manual definitions update via the WD GUI: always results in So, currently, the ONLY way of updating WD def files on Vista SP2 is by manually downloading file mpas-fe.exe and then running it (probably "as administrator", but I wouldn't know differently, as I am already the unique admin of the machine!). The location for fetching the file is again https://www.microsoft.com/en-us/wdsi/definitions but in WD's case, it's the "Windows Defender in Windows 7 and Windows Vista" entries... Have you noticed the "Windows Vista" mention? Unlike Windows XP, M$ have still kept file mpengine.dll (inside file mpas-fe.exe) Vista compatible, so they kinda "silently" have continued to support Vista even past its Extended Support EoS, so I was genuinely taken aback (and then miffed) they broke automatic updates for Vista's WD... I have Vista SP2 Home Premium x86 (without the very recent ".6003" WS2008 updates) and hovering over the win32 link I see the following URI: https://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=925A3ACA-C353-458A-AC8D-A7E5EB378092 What's really weird is that clicking that link (during the last 2 weeks or so) has not always fetched the version claimed to be the latest in the page; e.g. the page may announce v1.299.301.0 as available, but downloading from the win32 link may get me an older version on disk (usually 3-6 "units" older, e.g. 1.299.296.0 etc.). To mitigate this, I have found the link in article https://www.askvg.com/how-to-update-windows-defender-offline-install-latest-virus-definition-files-manually/ to be very reliable in faultlessly fetching the version advertised as the most current : https://go.microsoft.com/fwlink/?linkid=70631 Alternatively, I would manually construct https://definitionupdates.microsoft.com/download/DefinitionUpdates/VersionedSignatures/AM/1.xxx.xxx.0/x86/mpas-fe.exe getting the "1.xxx.xxx.0" string from the downloads page... @dencorso: Many thanks indeed for your .cmd file ; however, be advised you only considered the x86 flavour of the definitions update file; it won't do for MSE 64-bit, the preferred default on Vista x64 installations... I also took the liberty of mimicking it for my own purposes, creating a WDUPD_Vista.cmd variant: @echo off ::pushd %temp% if not exist mpas-fe.exe start /min /wait wget -O mpas-fe.exe http://definitionupdates.microsoft.com/download/DefinitionUpdates/x86/mpas-fe.exe if exist mpas-fe.exe start /min /wait mpas-fe.exe del mpas-fe.exe ::popd I commented out your second line, because that way one doesn't have to place wget.exe in the %PATH% variable, just leave it be adjacent to the .cmd file, both in a user writable directory! Again, this is for the 32-bit architecture only... Thanks a bunch ! Edited July 23, 2019 by dencorso Added :: to the last line. 3 Link to comment Share on other sites More sharing options...
Vistapocalypse Posted July 23, 2019 Share Posted July 23, 2019 (edited) I wonder if users running build 6003 with SHA-2 support have the same problems getting definition updates for MSE 4.4.304.0 and Windows Defender as VistaLover and I? (I don't rule out "upgrading" sometime, but I wish to create an up-to-date image first. I use my Vista x86 PC mainly as a DVR these days and have a backlog of recorded TV, so step 1 is "watch more TV" so I can delete those big HD recordings that I don't want on my image.) Believers in Windows Defender should certainly like VistaLover's post above! Edited July 23, 2019 by Vistapocalypse Link to comment Share on other sites More sharing options...
dencorso Posted July 23, 2019 Share Posted July 23, 2019 I'm really glad to know you found my batch useful! 2 hours ago, VistaLover said: I commented out your second line, because that way one doesn't have to place wget.exe in the %PATH% variable, OK. That batch was offered as an example, to be tweaked as needed. However, if you commented out the "pushd %temp%" line, you ought to comment out the "popd" in the last line, too (to avoid a formal underflow, which isn't noticed because the batch ends there...). Then again, if wget.exe and WDUPD_Vista.cmd were put into the %windir% (for instance), then, by letting the 1st and last lines stand would just cause mpas-fe.exe to be executed in the %temp% folder, not in the %windir% folder. 1 Link to comment Share on other sites More sharing options...
crazyal12 Posted July 23, 2019 Share Posted July 23, 2019 On 7/18/2019 at 5:32 AM, Vistapocalypse said: Welcome back to MSFN crazyal12. (I had never even heard of MSFN the last time you posted.) No, the Update tab in the UI doesn't accomplish anything for me either. Are you running Vista 6.0.6002, or have you "upgraded" to build 6003 by installing recent Server 2008 updates? Downloading manually seems to be the only way to update MSE 4.4 definitions now. Your link should be fine AFAIK, but I have actually been using this page. I always save the file, then right-click and run as administrator. The instructions say "a file extraction dialog box appears" but I haven't seen it. My only other tip is don't hurry to delete file mpam-fe because "disk activity" may take a few minutes. I have updated definitions once more since my previous post: When I first saw your post, I thought you really must be crazy to ask a question about MSE 4.4 after reading my previous post exposing its current shortcomings. However I visited AMTSO again before replying, and MSE performed much better tonight - presumably because of the new definition version, or else some sort of glitch that resolved itself: Thanks, that alternate link worked! On 7/18/2019 at 8:42 PM, dencorso said: Well, I think it can be, at least, automated. Please feel free to try the attached batch file (= script = .cmd) and report the results. I think the bach should be run as the administrator (but since I'm not a Vista user, I may be wrong). Moreover, it'll only run correctly if there is a GNU wget.exe in the executable path (it's a stand-alone file, just dropping it into %windir% ought to be enough). I do recommend GNU Wget v. 1.11.4, but any later version will do fine, too. If this works OK, we can then proceed to making it silent and using the task scheduler to run it periodically. Of course, anyone who follows this advice, does so on his own, and knowing fully well that the standard disclaimer applies: I guarantee nothing whatsoever about it, nor about the use one makes of it. So, by deciding to apply it you fully accept that anything you do is of *YOUR* SOLE RESPONSIBILITY... Hence, if after using this batch file your pc morphs into a purple mushroom and explodes, causing a 10-day worldwide blackout in the process, you know you can't blame me for it! You have been warned. MSEUPD_Vista.7z 385.33 kB · 2 downloads I'm not real good with this sort of thing, how do I use these files? When I double click the .cmd file it tells me it can't find wget. Link to comment Share on other sites More sharing options...
VistaLover Posted July 24, 2019 Share Posted July 24, 2019 (edited) 15 hours ago, crazyal12 said: how do I use these files? ... But @dencorso did provide usage hints: 15 hours ago, crazyal12 said: Please feel free to try the attached batch file (= script = .cmd) and report the results. I think the batch should be run as the administrator (but since I'm not a Vista user, I may be wrong). Moreover, it'll only run correctly if there is a GNU wget.exe in the executable path (it's a stand-alone file, just dropping it into %windir% ought to be enough). When you unpack the attachment, you'll find a wget.exe binary; the way the batch file is written, wget.exe needs to be in your %PATH% (... environment variable, read more in Wikipedia ); if you don't want to manually add it to %PATH%, you can place that binary inside a directory already in %PATH%: @dencorso's suggestion was %windir% = %SYSTEMROOT% which should default to "C:\Windows", if your OS is indeed installed in the C drive... 15 hours ago, crazyal12 said: When I double click the .cmd file it tells me it can't find wget. The second line of the .cmd file changes your working directory to your %TEMP% folder ("Temporary Files" folder, should default to "C:\Users\<YourUserName>\AppData\Local\Temp"), where, of course, there's no wget.exe to be found : pushd %temp% This is why it is imperative you place wget.exe in a directory Windows already has in %PATH%, so it would know where to invoke it from... 15 hours ago, crazyal12 said: I'm not real good with this sort of thing Apologies for possibly sounding a bit harsh (... rest assured I mean well), but, unless you have some sort of learning disabilities (which if true, I profusely apologise for), almost everything new one wants to learn about is already there in the web, accessible with a bit of searching... Hope I've helped! Edited July 24, 2019 by VistaLover Link to comment Share on other sites More sharing options...
Vistapocalypse Posted July 24, 2019 Share Posted July 24, 2019 (edited) 2 hours ago, crazyal12 said: I'm not real good with this sort of thing, how do I use these files? When I double click the .cmd file it tells me it can't find wget. Have you even tested your real-time protection at AMTSO? I am now using a third-party antivirus because there is more to online security than getting pretty green colors in your 6-year-old MSE client. On 7/19/2019 at 8:40 PM, Vistapocalypse said: ...the intermittent real-time protection issue is a much bigger concern to me than the inconvenience of manually downloading definitions. I installed another definition update, visited AMTSO and found that real-time protection was not working (i.e. download of file eicar not prevented). I restarted the system, and real-time protection was working for some time afterwards, but later stopped working again. There is no indication of trouble in MSE's UI or in Control Panel > Security Center: all green. You just gotta find out the hard way whether or not it's really working. This issue does not affect scanning: Once file eicar has been downloaded, scanning will reliably remove it. However I want dependable real-time protection, and therefore will not be installing Wget at this time. As I said in my Tuesday July 16 post above (as edited), "Comodo and even legacy versions of Avast/AVG are looking much more attractive to me now." Edited July 24, 2019 by Vistapocalypse Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now