Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Recommended Posts

So i previously made a post titled, "modernize ie6," After coming to a decision to upgrade to ie8, I realized it was a lot better, although not perfect at all, but usable. I kind of just got bored with ie6. So the point of my new project, is modernizing not ie6, but ie8. If you don't know, there's a lot of sites that depend on tls 1.1 or 1.2, while ie8 in XP doesn't support either. For example, Wikipedia. Even that (a mostly text based site) wont load. "This page cannot be displayed" Im sure you all have seen that error at some point in time. So heres a few goals:

-tls 1.1 and 1.2 support (SOLVED)

-html5 support (if thats even possible)

-ecc support

-acid3 support

-better speed (really slow on some sites compared to Firefox or anything else, if thats even possible to fix)

- other miscellaneous things you think would be helpful

So feel free to reply if you know of anything. Thanks! DISCLAIMER: please don't say stuff like, "lol why r u using ie8?" or "just use another browser" or maybe even "ie8 is dangerous because its not supported by Microsoft, use Firefox!" Because you see that ruins the point of my experiment, I already have other browsers, I just want to see what I can do with ie8.

ie8 lives on!.PNG

Edited by apreese16
  • Upvote 1

Share this post


Link to post
Share on other sites

As for TLS 1.1/1.2, there seems to be an update for POSReady 2009 here that adds TLS 1.1/1.2 support to that OS. I can't say for sure whether it works in XP or not as I don't use XP.

I know to get the option for TLS 1.1/1.2 in Windows Vista, you have to tinker with the registry a bit after installing KB4019276 for Windows Server 2008, as there's no official TLS 1.1/1.2 update for Vista either. There's a tutorial thread on it here if you want to have a look, as the process may be similar or the same for XP. 

Good luck!

Share this post


Link to post
Share on other sites
On 7/26/2017 at 8:40 PM, VistaLover said:

Fortunately, a recent MS update (intended for the WS2008SP2 OS) can be applied on Vista SP2 that will implement TLS 1.1/1.2 support on Vista's IE9, too! :); I have spoken about this important update here.

1. Install then KB4019276

2. Reboot the Vista machine

3. After restart, launch the Registry Editor (regedit), preferably as Administrator.

4. Navigate to


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1

5. Delete the "OSVersion"="3.6.1.0.0" subkey; BTW, I don't know which WinOS that string refers to (Win6.1=Win7)

6. Navigate to


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2

7. Again, delete the "OSVersion"="3.6.1.0.0" subkey. Exit Registry Editor.

8. Launch IE9; Tools -> Internet Options -> Advanced tab -> Scroll all the way down to "Security":

IE9_VistaSP2_AdvancedOptions.thumb.jpg.8c032ea1ae8ed0c374cdc35e8a5b2bd8.jpg

Prior to KB4019276 and registry manipulations, only "Use TLS 1.0" had been available on Vista; you should have already unchecked the older "Use SSL 2.0/3.0" options, to avoid being targeted by "POODLE" attacks; uncheck "Use TLS 1.0" (optionally also "Use TLS 1.1") and check "Use TLS 1.2".

9. Click Apply, OK, then exit IE9.

10. Upon restarting IE9, you'll find you can now visit all those sites that previously would not load due to unsupported TLS protocols:

IE9-TLS12-Success.jpg.f9dde9e4589a16e5acd5e540fc767407.jpg

10. You can verify further that indeed 1.2 is being used during server-client negotiations via specialised sites or via IE9's native GUI:

IE9_TLS-1.2_VistaSP2_1.jpg.1672c01eb838da5f57e76da87bb5be2b.jpg

IE9_TLS-1.2_VistaSP2_2.jpg.115d319bc6a8eb69f2102fbd0f411e33.jpg

I honestly hope you'll find my post to be of value; enjoy your more secure (than ever before?) Vista OS! :wub:

7 hours ago, WinClient5270 said:

As for TLS 1.1/1.2, there seems to be an update for POSReady 2009 here that adds TLS 1.1/1.2 support to that OS. I can't say for sure whether it works in XP or not as I don't use XP.

I know to get the option for TLS 1.1/1.2 in Windows Vista, you have to tinker with the registry a bit after installing KB4019276 for Windows Server 2008, as there's no official TLS 1.1/1.2 update for Vista either. There's a tutorial thread on it here if you want to have a look, as the process may be similar or the same for XP. 

Good luck!

Way to go, @WinClient5270!!! :yes:

It sure does seem work for IE8 on XP SP3 (with the POSReady 2009 trick)!  :yes::w00t:
I mean, at least the Advanced Settings tick boxes for TLS 1.1 and 1.2 do appear as advertised.
Let's, however, test this some more, before commemorating, just to stay on the safe side.
In case it turns out to really work, I'll split your previous post and this one into a new topic and pin it.

 

 

 

 

 

 

  • Upvote 2

Share this post


Link to post
Share on other sites

@dencorso Ive heard about that trick before, so how exactly does it work? Ive seen videos of people using notepad to make xp home get the posready2009 updates. Ive also heard it could screw up my computer. Anyway thanks for commenting!

Edited by apreese16

Share this post


Link to post
Share on other sites
2 hours ago, dencorso said:

Way to go, @WinClient5270!!! :yes:

It sure does seem work for IE8 on XP SP3 (with the POSReady 2009 trick)!  :yes::w00t:
I mean, at least the Advanced Settings tick boxes for TLS 1.1 and 1.2 do appear as advertised.
Let's, however, test this some more, before commemorating, just to stay on the safe side.
In case it turns out to really work, I'll split your previous post and this one into a new topic and pin it.

Glad I was able to help! :) But @VistaLover deserves most of the credit, since he found out how to get it working on Vista in the first place. 

If you're having trouble getting TLS 1.1/1.2 working in XP, there may be some additional registry tweaks that you have to do to get it working. Microsoft lists some here that may be necessary (scroll down to "More information" section). If it still doesn't work, there may be other prerequisites (additional IE8 or POSReady updates) that need to be installed before it will work. Although Microsoft says there are no prerequisites needed for POSReady 2009 (on the page that I just linked), that may not hold true for Windows XP. 

Since we were able to get TLS 1.1/1.2 in Windows Vista with IE9 via the Server 2008 update, I won't be surprised if it can also be made to work in XP, since POSReady is essentially the same OS (just as Vista and Server 2008 are nearly identical).

Share this post


Link to post
Share on other sites

Lack of TLS 1.2 support in IE8 is one small problem. Missing Elliptic-curve cryptography support on OS/IE level is a much bigger and still unsolvable problem.;) If You really need a solution You can ask @heinoganda for help through PM.

Share this post


Link to post
Share on other sites
30 minutes ago, Bersaglio said:

Lack of TLS 1.2 support in IE8 is one small problem. Missing Elliptic-curve cryptography support on OS/IE level is a much bigger and still unsolvable problem.;) If You really need a solution You can ask @heinoganda for help through PM.

Thanks! Ill look into it! Also has been added to my list of goals

Edited by apreese16

Share this post


Link to post
Share on other sites
2 hours ago, Bersaglio said:

Lack of TLS 1.2 support in IE8 is one small problem. Missing Elliptic-curve cryptography support on OS/IE level is a much bigger and still unsolvable problem.;) If You really need a solution You can ask @heinoganda for help through PM.

I did not know that; that's unfortunate. Does this mean that TLS 1.1/1.2 (in IE) relies on ECC to work? 

If that is the case, since Vista introduced ECC, I guess this means that TLS 1.1/1.2 is Vista/IE7+ for now, unless someone manages to backport ECC to XP (if that's even possible). 

Edited by WinClient5270

Share this post


Link to post
Share on other sites

So now I have an even bigger problem. After adding the posready updates hack to the registry, I cant get ie 8 to finish checking for updates in windows update. It will just keep scanning. I have tried restarting my computer and 15 minutes later its still checking for updates. Did the hack screw up my system?? Someone help!

Share this post


Link to post
Share on other sites
15 minutes ago, apreese16 said:

So now I have an even bigger problem. After adding the posready updates hack to the registry, I cant get ie 8 to finish checking for updates in windows update. It will just keep scanning. I have tried restarting my computer and 15 minutes later its still checking for updates. Did the hack screw up my system?? Someone help!

Do you have Microsoft Update installed?

Try installing the updates listed in this post: 

 

Share this post


Link to post
Share on other sites
8 minutes ago, WinClient5270 said:

Do you have Microsoft Update installed?

Try installing the updates listed in this post: 

 

Yes because before i added the hack windows update was working fine, its now been 30 minutes

Share this post


Link to post
Share on other sites

Sorry, I am of limited help since I don't use nor do I have access to Windows XP at the moment. Although if it has only been 30 minutes, you may have to give it more time as I recall XP taking even longer than that to find updates sometimes back when I used the OS.

This thread has a few solutions that may work for you; I would read the replies there. Since the suggestions didn't work for them, the OP ultimately ended up reinstalling the Unofficial SP4 which fixed the problem they were having, but if you don't have that update installed to begin with then I guess that solution is out of the question.

45 minutes ago, apreese16 said:

Worst case, how do i remove the registry items added to the registry for the hack?

Looking at heinoganda's reply here, try setting the DWORD "Installed" value to 0, which would be safer than deleting things if it works. If that doesn't work then I would simply delete the entire "POSReady" key by right-clicking on the key and choosing "Delete" (WARNING: BE VERY CAREFUL WHEN DELETING REGISTRY KEYS! Make sure you have the correct one selected before deleting anything!)

Good luck!

Edited by WinClient5270

Share this post


Link to post
Share on other sites
22 hours ago, apreese16 said:

Yes because before i added the hack windows update was working fine, its now been 30 minutes

(Sorry if there's a clarity issue here, Its growing on me that there likely is...sorry...) I think he might mean did you install the updates listed on the page he linked to.

Specifically these updates have been released after the end of Vinilla XP support.

Quote

IE8 on POSReady 2009
* KB4052978 Cumulative security update (2017-12)
 
IE8 on XP SP3
* KB4018271 Cumulative security update (2017-06)
 
Office Compatibility Pack SP3
* KB3213641 Security update for OGL (2017-09)
* KB3213644 Security update for Powerpoint (2017-09)
* KB4011201 Security update for MSO (2018-01)
* KB4011605 Security update for Excel (2018-01)
* KB4011607 Security update for Word (2018-01)

Find Them Here:

http://www.catalog.update.microsoft.com/Home.aspx

The Office ones are only needed if you use the Compatibility Pack to open DOCX files on Office versions older than 2007 

ALSO: You might need MSI v4.5:

https://www.microsoft.com/en-us/download/details.aspx?id=8483

Edited by i430VX

Share this post


Link to post
Share on other sites

@apreese16

Disable automatic updates and reboot. Now MSI 4.5 (KB942288-v3) should be installed, then manuel the latest update of IE8 (KB4052978). Make sure that TLS 1.0 is active in Internet Explorer 8. Now the search should work with Windows Update in Internet Explorer 8. If you have the Microsoft Office Compatibility Pack or Office 2007-2010 installed, Microsoft Update may resolve this problem again. In this scenario, you must manually install the latest updates for these products from October 2016 or go back to Windows Update.

Note: You can not just enter the POSReady entry in the registry, a detailed manual has been to the "POSReady 2009 updates ported to Windows XP SP3 ENU" published!

:)

Edited by heinoganda

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×