End of POSReady 2009 Patches: What to Do?

[NojusK]

26 minutes ago, Sampei.Nihira said:

Hi.

Internet Explorer is the biggest weakness in an unpatched OS.

It's a big weakness even in patched OS.

An example in the recent news:

 

https://thehackernews.com/2019/03/microsoft-edge-ie-zero-days.html

 

Better to take some extra precautions.

 

I seeLooks like time to lock  IE after april 9th

[Vistaboy]

Sometimes i've tried to disable IE. It was a mess, because other applications (i.e Excel sheets) that must interface with web-pages (data update) become unusable. So i've desisted and get aware that even if you don't use IE, you can delete/disable it from your S.O.

I'm really curious about Sampei.Nihira partial attempt can be resolutive of cited dysfunctions. 

[TuMaGoNx]

I thought Posready was equipped with FBWF/EWF for a reason... with junction.. App virtualizer.. and maybe disk image mounter..
why slowdown the OS with "malware" called heuristic antivirus/HIPS or wahtever?

Just kidding

[Sampei.Nihira]

On 3/30/2019 at 4:03 PM, Sampei.Nihira said:

My list of changes to be made after April 9 th:

1) I.E.8 (Script blocking) - F12 -> Disable -> script

2) I.E. 8 (Trick 1803) or OSA Rule for I.E.

3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates

4) services.msc -> Pc security center -> Stop the service -> Start type disabled

5) service.msc -> Automatic Updates -> Stop the service -> Start type disabled

 

Changes made.

[dencorso]

On 3/30/2019 at 12:03 PM, Sampei.Nihira said:

2) I.E. 8 (Trick 1803) or OSA Rule for I.E.

Well... what "Trick 1803" is supposed to mean?

[Sampei.Nihira]

8 hours ago, dencorso said:

Well... what "Trick 1803" is supposed to mean?

I explained it in the first post of this 3D.

There is also an image that shows that the download of the executable file is blocked.

[Vistaboy]

18 hours ago, Sampei.Nihira said:

3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates

oh no, doing so you'll never know if MS will give an update for POSReady2009 in next years as they did it in 2017 about Wannacry for XP after 3 years of EOS

Edited April 10, 2019 by Vistaboy

[sparty411]

2 minutes ago, Vistaboy said:

oh no, doing so you'll never know if MS will give an update for POSReady2009 in next years as they did it in 2017 about Wannacry for XP after 3 years of EOS

My thoughts exactly. I'll keep automatic updates turned on for now.

[Sampei.Nihira]

Disabling scripts in I.E.8 causes the problem highlighted in the example below with Outlook Express:

With Scripts enabled:

Edited April 10, 2019 by Sampei.Nihira

[Sampei.Nihira]

@sparty411

@Vistaboy

These news would also be reported here.

With 2 other services disabled (no longer useful) the OS should also be more responsive.

[Mathwiz]

I do find the PC security center pretty useless. Mostly it just (incorrectly) reports that Windows Firewall isn't turned on, or that I have no AV software enabled, for a few minutes during boot-up.

As for automatic updates, I still need them for Office 2010, but have long had mine set to "Notify me but don't automatically download or install them." Seems like a reasonable compromise: when the rare update appears, I get the yellow shield, then I click on it and see what's available. Then if I want it, I just download & install it via Microsoft Update; if not, I hide it and the yellow shield goes away.

[Dave-H]

Exactly what I do!

[dencorso]

On 3/30/2019 at 1:03 PM, someguy25 said:

3) Control panel -> Pc security center -> Automatic updates -> Disable automatic updates

That I have done before 1st connecting to the internet, at install time, 12 years ago (and on every subsequent new installation I did on my other machines from SP2 time onwards). Since then I always serached for updates manually, using the "Custom" option. That's how I prevented KB905474 (by hiding it) from installing. After that, on serarching again it offered KB892130, which I accepted.

[Sampei.Nihira]

Interesting Internet Explorer zero-day:

 

https://www.zdnet.com/article/internet-explorer-zero-day-lets-hackers-steal-files-from-windows-pcs/

I wonder if the vulnerability can also affect I.E.8.

The default application to open MHT files in Windows XP is Internet explorer 8:

Pale Moon (and New Moon) requires an extension to be installed to read and write MHT files:

https://en.wikipedia.org/wiki/MHTML

For the moment I have not installed the extension for New Moon but I have changed the default program to open these types of files:

Edited April 12, 2019 by Sampei.Nihira

[Mathwiz]

Here's a link to the MAFF/MHTML add-on for FF 52: http://maf.mozdev.org/installation.html. Click "final version" to download and install. "Previous versions" link appears broken, but previous versions are available via the Classic Add-ons Archive (which is itself an add-on!)

Should work on all UXP and Moebius browsers (FF 52.x/PM/NM/Basilisk/Serpent). You can then set your FF-family browser as the default for opening .mht[ml] files as above.

If you use the IE Tab 2 extension, make sure to delete the rule that causes .mht[ml] files to open in an IE tab; otherwise they'll still be opened with IE and still be vulnerable to the exploit!

Edit: Alternatively, I believe Opera 12.18 will open .mht[ml] files. Not sure about later, Chromium-based versions of Opera.

Edited April 12, 2019 by Mathwiz