Jump to content

[Request] Spectre/Meltdown Patches For Windows XP SP3

legacyfan

By legacyfan
in Windows XP

 Share

Recommended Posts

legacyfan

legacyfan

Posted
Posted (edited)

has anyone seen this update? I'm working on collecting updates for xp and these 2 are the few updates that are harder to find ive searched the catalog plus several more places and can't seem to find them anywhere if anyone could help me find this or knows where to download this it would br much appreciated

Edited by legacyfan
Link to comment
Share on other sites

legacyfan

legacyfan

Posted
  • Author
Posted (edited)
16 minutes ago, George King said:

Use WU Dump if needed. Btw, what KBs are you searching for?

I have almost all XP Updates for all languages except one request only, which was never found on internet.

I'm looking for the unofficial spectre/meltdown Patches for posready2009 (its the only way to install the patch on xp)

Edited by legacyfan
1
Link to comment
Share on other sites
  • legacyfan changed the title to [Request] Spectre/Meltdown Patches For Windows XP SP3
Country Cat

Country Cat

Posted
Posted (edited)

I think I saw a user named "mockingbird" on another forum asked about a Spectre/Meltdown patch for POSReady2009 back in 2018, but I don't know if they ever found one. I'm sorry; I wish I could be of more help. Good luck on your search, and I'll be sure to let you know if I manage to find more info.

Edit: Question was updated to be more general, KB4056615 seems to be the one you are searching for.

Edited by Country Cat
Question was updated
1
Link to comment
Share on other sites
AstroSkipper

AstroSkipper

Posted
Posted (edited)
19 hours ago, legacyfan said:

has anyone seen this update? I'm working on collecting updates for xp and these 2 are the few updates that are harder to find ive searched the catalog plus several more places and can't seem to find them anywhere if anyone could help me find this or knows where to download this it would br much appreciated

You did not provide any detailed information what you are looking for. What about KB numbers? I assume you are looking for these two updates: KB4056615 and KB4056941. Use the Windows Update Catalog! I found them, but the German language versions, though. Logically! I am located in Germany. You will be offered the English ones in your country. :)

Edited by AstroSkipper
Update of content
1
Link to comment
Share on other sites
AstroSkipper

AstroSkipper

Posted
Posted
6 minutes ago, legacyfan said:

thanks @AstroSkipper for the information and the download links

You're welcome! As @Vistapocalypse already said, this matter was already discussed in the thread "POSReady 2009 updates ported to Windows XP SP3 ENU". All Spectre and Meltdown vulnerabilities depend massively on the CPU architecture of the computer that is to be protected. I would recommend reading the comments there and getting more information on the internet. :)

1
Link to comment
Share on other sites
George King

George King

Posted
Posted
On 4/1/2023 at 1:32 PM, AstroSkipper said:

You did not provide any detailed information what you are looking for. What about KB numbers? I assume you are looking for these two updates: KB4056615 and KB4056941. Use the Windows Update Catalog! I found them, but the German language versions, though. Logically! I am located in Germany. You will be offered the English ones in your country. :)

@legacyfan KB4056615 is replaced by KB4463103 

4
Link to comment
Share on other sites
  • 4 weeks later...
Zorba the Geek

Zorba the Geek

Posted
Posted (edited)
On 4/1/2023 at 7:24 PM, AstroSkipper said:

All Spectre and Meltdown vulnerabilities depend massively on the CPU architecture of the computer that is to be protected.

I did some research and discovered that there have been no Spectre and Meltdown kernel patches released for Core2Duo CPUs, so I was out of luck.  As for the the POSReady 2009 updates mentioned here I am not convinced that they are intended to resolve the Spectre and Meltdown vulnerabilities.

KB4056615 is covered by CVE-2018-0748 whose summary is as follows:

Quote

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly enforces permissions.

KB4056615 has been replaced by KB4463103 which is covered by CVE-2018-8411 whose summary is as follows:

Quote

An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.

The security update addresses the vulnerability by correcting how NTFS checks access.

and is also covered by CVE-2018-8330 whose summary is as follows:

Quote

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.

I have KB4463103 included as an update on my system and tests for Spectre and Meltdown mitigation showed that there was nothing.  I am completely unprotected.

Edited by Zorba the Geek
2
Link to comment
Share on other sites
AstroSkipper

AstroSkipper

Posted
Posted
2 hours ago, Zorba the Geek said:

I did some research and discovered that there have been no Spectre and Meltdown kernel patches released for Core2Duo CPUs, so I was out of luck.  As for the the POSReady 2009 updates mentioned here I am not convinced that they are intended to resolve the Spectre and Meltdown vulnerabilities.

KB4056615 is covered by CVE-2018-0748 whose summary is as follows:

KB4056615 has been replaced by KB4463103 which is covered by CVE-2018-8411 whose summary is as follows:

and is also covered by CVE-2018-8330 whose summary is as follows:

I have KB4463103 included as an update on my system and tests for Spectre and Meltdown mitigation showed that there was nothing.  I am completely unprotected.

Well, unfortunately, you can't always be lucky. In any case, a well-researched, detailed investigation of the Spectre and Meltdown vulnerabilities. :thumbup

1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...