1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to get security updates for Windows XP until April 2019

Discussion in 'Windows - General discussion' started by ireland, May 26, 2014.

  1. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    i do not know if this works



    How to get security updates for Windows XP until April 2019

    By Martin Brinkmann on May 24, 2014 in Windows - Last Update: May 24, 2014 20

    Microsoft's official support for the Windows XP operating system ended more than a month ago. While some companies and organizations are still receiving updates for the operating system, end users do not.

    These companies pay Microsoft for that, usually because they were not able or willed to migrate computer's running Windows XP to another operating system before the extended support phase for the system ended.

    There is another exception to the end of support rule: Windows Embedded Industry, formerly known as Windows Embedded POSReady, operating systems continue to receive updates.

    What makes this interesting is the fact that Windows Embedded POSReady 2009 is based on Windows XP Service Pack 3, and that the security updates released for that system are identical with the ones that Microsoft would have released for XP systems.

    The extended support for Windows Embedded POSReady 2009 systems ends on April 9th, 2019 which means that you can use the trick to get another five years of security patches for XP.

    What you cannot do is go ahead and install those updates as you will get a version mismatch error when you try to do so. There is however a trick that you can use to bypass those checks so that you can install those updates on your version of Windows XP.Note: The trick works only for 32-bit versions of Windows XP SP3 and not 64-bit versions. While POSReady systems are very similar to Windows XP systems, it is recommended to back up the system before you make any changes as differences between the systems may result in issues after installing updates designed for it.

    All you need to do is add the following to the Windows XP Registry:

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
    "Installed"=dword:00000001

    I have uploaded a Registry file for you that you can use for that purpose. You can download it here: xp-security-updates.zip (1426 downloads)

    If you prefer to create one on your own do the following:

    Create a new plain text document.

    Paste the contents displayed above into it.

    Save the new document as xp.reg.

    Double-click the Registry file afterwards to add the contents to the Registry.

    Alternatively, open the Registry Editor manually: tap on Windows-r, type regedit and hit enter. Navigate to the key listed above and create a new Dword with the value listed there as well. (via Desk Modder and Sebijk)

    Both source sites are in German. If you open the Sebijk site, you will also find instructions on how to get this to work on 64-bit Windows XP systems. It involves running a batch file that replaces original update files with temporary ones that bypass the restrictions set in place.Closing Words

    If you are running Windows XP and do not want to switch to a new system or cannot, then you may want to try this trick to install security patches designed for the POSReady 2009 operating system on your PC.

    I recommend highly that you create a backup before you update the system as there is no guarantee that all updates will work properly on XP PCs. While POSReady 2009 uses the same core, some things are different after all.

    Nevertheless, this is better than not installing any security updates.


    http://www.ghacks.net/2014/05/24/get-security-updates-windows-xp-april-2019/
     
  2. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    Microsoft warns against registry hack that allows Windows XP updates
    Vlad Dudau
    6 hours ago 37 Comments Hot!

    submit to reddit

    Yesterday news came out that a registry hack would allow Windows XP users to still receive critical security updates, despite the OS being no longer supported. Now Microsoft is publicly warning folks against using this method to update their machines.

    The registry hack would allow XP users to mask the fact their machines were using an unsupported OS. Microsoft’s update servers would register the machines as using Windows Embedded POS Ready 2009, a version supported until 2019. Users would then be able to download certain updates; however it’s not clear which updates would actually work or fix anything as the operating systems differ from one another.

    On this note Microsoft has released a statement to ZDnet warning users to not use this hack. The company says this will likely do more harm than good.

    The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers. Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP.

    It’s pretty obvious why Microsoft released this statement. After all, it’s not like they’d urge users to go on hacking their machines and misleading the company’s update servers. Then again, they do have a point in that these updates aren’t tested against XP which can create problems, and may not even offer any protection to those systems that employ it.

    Windows XP, which is now well over twelve years old, stopped receiving updates over a month ago, though some institutions are paying Microsoft a lot of money to continue pushing out limited availability updates. For everyone else however, the best course of action would be upgrading to Windows 7 or 8.

    Source: ZDNet via: The Guardian | Image via ZDNet
    www.neowin.net/news/microsoft-warns-against-registry-hack-that-allows-windows-xp-updates
     
  3. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,690
    Likes Received:
    35
    Trophy Points:
    78
    I am happy to see you upgraded this, ireland. This erroneous statement should read: It is better to play 'Russian Roulette' than get a poke in the eye with a sharp stick!

    Hacks don't work for business applications; there is too much riding on having a continually workable system. I have a lot of empathy and sympathy for those IT Directors out there that cannot convince their Corporate Overseers to upgrade to win7. I personally fought with Corporate for 2 years and could not get them to upgrade. I was finally able to convince them to allow me to install ‘Faronics Deepfreeze’ which has had Zero problems since installation.

    For those that are running a home computer without a server and wish to play, then backup everything and apply this Hack to see if it will keep you going on XP. But, don’t be surprised if it folds on you..

    XP is dead, let it (R)est (I)n (P)eace [​IMG]
     
  4. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    Unofficial XP update has Microsoft up in arms
    Microsoft isn't amused by new hack that tricks Microsoft Update into applying XP security patches


    Windows XP users are discovering that their now-unsupported operating system can receive updates from Microsoft by making a few simple changes to the Registry -- albeit updates intended for different versions of Windows.

    Predictably enough, Microsoft isn't thrilled and is warning people away from the hack, even as some sources say it allows users to continue obtaining free security updates for Windows XP.

    The hack in question, as reported by Larry Seltzer at ZDNet, involves altering Windows XP's Registry to make it appear to Windows Update as if it were a copy of Windows Embedded POSReady 2009 (WEPOS). The latter is described by Microsoft as an OS that "combines the power and familiarity of Windows XP Professional with a smaller footprint and specific features for point of service (POS) computers."

    In other words, it bears enough under-the-hood similarities to Windows XP to nab its updates -- at least in theory.

    Jerome Segura, senior security researcher for Malwarebytes (makers of a security suite that continues to protect Windows XP), noted that one of the big draws for such a hack is its simplicity. "It only takes adding one registry key, and all of a sudden, Windows updates thinks you are running an XP subversion." But he noted, "Users that apply the hack will see patches that are not going to be released for the XP mainstream version, such as an important security update for IE8."

    Segura believes if Microsoft doesn't explicitly block this work-around, "we may also run into a parallel and unofficial stream of fixes for XP, developed by enthusiasts, much like in the mobile space with, for example, jailbroken iPhones running Cydia."

    When trying out the hack, Segura was able to obtain a security update for the Microsoft .Net Framework 2.0 SP2 (KB2932079), which could in theory be applied by hand to an XP system. But two others were OS-level updates specifically written for WEPOS, including a fix for IE8 running on that platform.

    When ZDNet ran news of the hack and confirmed that it worked, Microsoft contacted ZDNet and issued the following statement:

    The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers. Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP. The best way for Windows XP customers to protect their systems is to upgrade to a more modern operating system, like Windows 7 or Windows 8.1.

    Microsoft's been pounding the upgrade-from-XP drum for some time now, but to little effect. NetMarketShare reports that as of May 2014, 26 percent of desktop users are still on Windows XP, with XP having lost only single percentage points of market share over the last three months. By that measure, it'll take at least two years for the existing base of XP users to phase out completely. In the meantime, XP users are as likely to keep engineering their own work-arounds as they are to turn to third parties for protection or aid.

    This article, "Unofficial XP update has Microsoft up in arms," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow InfoWorld.com on Twitter.
    Tags: Microsoft Windows, Patch Management, Windows Security, Windows XP


    http://www.infoworld.com/t/microsof...arms-243183?source=rss_infoworld_top_stories_
     
    Last edited: May 28, 2014
  5. ireland

    ireland Active member

    Joined:
    Nov 28, 2002
    Messages:
    3,720
    Likes Received:
    13
    Trophy Points:
    68
    update-enabling Windows XP registry hack is great news for XP die-hards
    Though Microsoft warns that fixes intended for embedded systems could break things.

    Although Microsoft has officially stopped providing free security patches for Windows XP, millions of people haven't got the message and are still running the ancient operating system. As a result of this, there's widespread interest in figuring out ways to get patches, and last week, a registry change started circulating that appeared to reinstate Windows XP's security updates.

    In spite of the end of public support, Microsoft is still developing security updates for Windows XP. There are two main demographics that benefit from these fixes. The first are the governments and large corporations that are paying Microsoft large sums of money to gain continued access to hotfixes.

    The second are users of Microsoft's various embedded versions of Windows XP. These versions of the operating system are designed for things like ATMs and industrial machinery. The core parts of these operating systems are identical to those from regular, non-embedded Windows XP, and as such, patches that apply to these operating systems will tend to also work on regular Windows.

    The registry change works by adding a couple of entries that would normally only be found on one of these embedded versions of Windows XP, specifically Windows Embedded POSReady 2009. POSReady is designed for point-of-service systems such as ATMs, cash registers, and self-service checkouts, but it can do much more than just run POS software; it contains most parts of Windows XP Service Pack 3, and as such, it can serve as a source of Windows XP Service Pack 3-compatible software fixes.

    Windows Update sees the registry entries created by the hack and determines that the modified systems are eligible for the POSReady 2009 patches.

    Another somewhat more complicated hack reinstates patches on 64-bit Windows XP. 64-bit Windows XP is, more or less, a rebranded version of Windows Server 2003, and Windows Server 2003 remains supported until July 14, 2015. Normally, the updates for Windows Server 2003 block installation on 64-bit Windows XP; the hack involves changing the update temporarily, so that the version check is removed, then quickly reverting the modification, so that the update's own integrity check isn't defeated.

    This process is more onerous, and each patch must be downloaded and modified individually.

    Microsoft, needless to say, is discouraging users from using these techniques, saying that "The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers. Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP."

    With POSReady 2009 being built on top of Windows XP Service Pack 3, the lack of testing is unlikely to be a concern to many. A machine with these registry changes is probably going to be more secure than one without, as it should receive at least some security updates that it otherwise wouldn't.

    POSReady 2009 incorporates most parts of Windows XP, so we'd tend to expect most future Windows XP updates to become available this way. For example, the hotfix KB2953522, for Internet Explorer 6 through 11, released on this month's Patch Tuesday, isn't available for Windows XP (though it is available for Windows Server 2003 and newer). Switch to POSReady 2009 and the update becomes available.

    While POSReady 2009 does include almost all parts of Windows XP, there are portions that may be missing or optional. As a trivial example, POSReady doesn't include either Solitaire or Minesweeper. These components may contain security flaws, and their absence from POSReady means that they're unlikely to receive patches even when using this registry trick.

    Longer term, we'd expect other limitations of this technique to become apparent. Although POSReady 2009 is supported until 2019, other versions of XP Embedded have shorter lifetimes. For example, POSReady's predecessor, Windows Embedded for Point of Service, is only supported until April 2016. This may be significant because POSReady 2009 comes with, for example, Internet Explorer 7 and Windows Media Player 11 baked in. As such, we wouldn't expect that systems pretending to be POSReady 2009 will receive Internet Explorer 6 updates after 2016. That won't be a problem for the immediate future, but it might be problematic for anyone who thinks that this trick will give them another five years of Windows XP updates.

    Moreover, if this technique spreads and continues to draw Microsoft's disapproval, the company could almost certainly make the version checking more stringent, such that it can't be faked out with a mere registry entry.

    We wouldn't recommend running Windows XP in this day and age. Quite aside from the patch issue, it lacks the kind of systemic exploit mitigations found in modern operating systems, meaning it's never going to be as robust and solid as its more modern alternatives.

    But if you must run Windows XP for some kind of compatibility reason, this registry hack seems like the best way to run it. There's little point worrying about using an unsupported configuration when the entire operating system is unsupported, and even if the patches really haven't been tested on Windows XP proper, the fact that they've been tested on the Windows XP-based POSReady 2009 should preclude any serious incompatibilities.

    And even if the patches don't work, what's the worst that can happen? Nothing a bad patch will do is any worse than what malware will do.


    arstechnica.com/information-technology/2014/05/update-enabling-windows-xp-registry-hack-is-great-news-for-xp-die-hards/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29


    I INSTALLED THE PATCH ON MY XP AND INSTALLED THE WIN-UPDATES
    XP-SYSTEM WORKS GREAT
     

Share This Page