An XP registry hack was posted here to extend the updates on XP ,
The hack modified the registry to list the product version as XP embedded.


I tried it on my old XP machine which I don't use anymore and the first
time I tried to update XP the hack worked.

Now a week or so later I checked to see if more updates were available
and I got the "non genuine Windows" notification.


So to all those out there....DO NOT USE THE HACK!


I was able to get rid of the message by deleting the WGA keys but still
no updates are available so the hack is useless.


BTW: The modified keys are undeletable and System Restore will not work
so I will need to use a remote registry editor to get rid of those
unwanted keys.


For me this is not a big deal as I'm a computer experimenter and look at
this as fun...however most of you out there are not going to like this.

On Friday, May 30, 2014 7:45:21 AM UTC-5, philo* wrote:
An XP registry hack was posted here to extend the updates on XP ,

The hack modified the registry to list the product version as XP embedded..





I tried it on my old XP machine which I don't use anymore and the first

time I tried to update XP the hack worked.



Now a week or so later I checked to see if more updates were available

and I got the "non genuine Windows" notification.

I'm experimenting also...I chose only to update XP and not Windows embedded.. I will see how it goes...thnx!

On 05/30/2014 08:03 AM, BenDarrenBach wrote:
On Friday, May 30, 2014 7:45:21 AM UTC-5, philo wrote:
An XP registry hack was posted here to extend the updates on XP ,

The hack modified the registry to list the product version as XP embedded.





I tried it on my old XP machine which I don't use anymore and the first

time I tried to update XP the hack worked.



Now a week or so later I checked to see if more updates were available

and I got the "non genuine Windows" notification.

I'm experimenting also...I chose only to update XP and not Windows embedded. I will see how it goes...thnx!




Good for experimenters only

philo wrote:

An XP registry hack was posted here to extend the updates on XP ,
The hack modified the registry to list the product version as XP
embedded.

The hack does not cause XP itself to think it is POS2009. If you apply
the hack and right-click on My Computer and select properties, the
system will still report the OS as Window XP, SP3. Not POS2009.

The hack makes the WindowsUpdate mechanism think your system is
POS2009. Everything else on the system, all other software, and even
the OS itself, does not look at those registry entries.

I tried it on my old XP machine which I don't use anymore and the
first time I tried to update XP the hack worked.

Now a week or so later I checked to see if more updates were
available and I got the "non genuine Windows" notification.

Was version of XP does that "old machine" have?

Is it SP2 or SP3?

Was any hardware changed on it such that it failed the hardware hash?
Did you, say, remove, replace or simply unplug the CD rom drive? Did
you change or clone a hard drive or video card, or add or remove or
otherwise change the amount of installed RAM? Did you change the
ethernet card (or disable the on-board ethernet adapter?).

Did you change or update any hardware drivers? It is a known fact that
updating some drivers, especially video-card drivers, will change the
hardware hash reported to the validation routine. If too many hardware
items come back with different hashes, then Windows will automaticially
put itself into a "non-validated" state and will remain there for (I
think) about a month before other things start to happen. The remedy is
to let the validation routine do an on-line check with Microsoft, where
it will re-validate itself.

There is a program called "xpinfo.exe" which will tell you which
hardware items are passing and failing the validation hash. If the
system does not have 5 positive "hash votes" (out of something like 10
or 13 possible votes) then then your XP installation will consider
itself to be "non-genuine" until you allow it to perform an on-line
validation check.

Also note that bios updates of the motherboard and other hardware
devices like CD-rom firmware will also likely cause a loss of a positive
hardware-hash vote.

So to all those out there....DO NOT USE THE HACK!

There are ABSOLUTELY NO OTHER REPORTS of other systems experiencing WGA
failures because of using the POS2009 hack.

What also could have happened is that when you were performing the
WindowsUpdate check, you chose "Automatic" instead of "Custom", and by
choosing automatic you did not pick and choose which updates were being
downloaded, and you downloaded one of those WGA validation checks and
your system failed the check (which happens many times, even on legit
systems).

I always tell people who manually update XP to never download the WGA
"Genuine Validation" update, and to de-select it from the update list so
the system will never download it even when they switch to automatic
instead of custom update.

On Friday, May 30, 2014 8:45:21 AM UTC-4, philo* wrote:
An XP registry hack was posted here to extend the updates on XP ,

The hack modified the registry to list the product version as XP embedded..





I tried it on my old XP machine which I don't use anymore and the first

time I tried to update XP the hack worked.



Now a week or so later I checked to see if more updates were available

and I got the "non genuine Windows" notification.





So to all those out there....DO NOT USE THE HACK!





I was able to get rid of the message by deleting the WGA keys but still

no updates are available so the hack is useless.





BTW: The modified keys are undeletable and System Restore will not work

so I will need to use a remote registry editor to get rid of those

unwanted keys.





For me this is not a big deal as I'm a computer experimenter and look at

this as fun...however most of you out there are not going to like this.

Ahh, I live for moments like this, ie to see Homelessguy exposed
as the village idiot. And it didn't take long. I would have thought
it could be some future update, 6 months or a year from now that would
probably screw it, but it only took less than a week!

With a hack like that, you've created a time bomb. You don't know when
and if the next update is going to screw the whole thing. And as others
have pointed out, not sure that there was ever much upside. Most of the
security holes have been shaken out of XP long ago. And many of those
were related to Internet Explorer. You can't run the last two versions
on XP anyway and I doubt MSFT is going to issue IE updates in the future
for an EOL IE through updates for their embedded products.

On 05/30/2014 09:58 AM, trader_4 wrote:


Ahh, I live for moments like this, ie to see Homelessguy exposed
as the village idiot. And it didn't take long. I would have thought
it could be some future update, 6 months or a year from now that would
probably screw it, but it only took less than a week!

With a hack like that, you've created a time bomb. You don't know when
and if the next update is going to screw the whole thing. And as others
have pointed out, not sure that there was ever much upside. Most of the
security holes have been shaken out of XP long ago. And many of those
were related to Internet Explorer. You can't run the last two versions
on XP anyway and I doubt MSFT is going to issue IE updates in the future
for an EOL IE through updates for their embedded products.



In all fairness, the version of Windows I had may not have been
genuine...and I am sure many out there are in the same boat...
but at any rate I wanted to issue the caution.


That said...to those using XP I don't know if Windows updates do all
that much anyway as far as offering protection.


More importantly is

1) Common sense

2) Keeping AV and malware checkers updated and schedule scans

3) Using a browser other than IE such as Firefox or Chrome
and keeping the browsers updated

philo wrote:
On 05/30/2014 09:58 AM, trader_4 wrote:


Ahh, I live for moments like this, ie to see Homelessguy
exposed
as the village idiot. And it didn't take long. I would
have thought
it could be some future update, 6 months or a year from
now that
would probably screw it, but it only took less than a
week!

With a hack like that, you've created a time bomb. You
don't know
when and if the next update is going to screw the whole
thing. And
as others have pointed out, not sure that there was ever
much
upside. Most of the security holes have been shaken out
of XP long
ago. And many of those were related to Internet
Explorer. You
can't run the last two versions on XP anyway and I doubt
MSFT is
going to issue IE updates in the future for an EOL IE
through
updates for their embedded products.


In all fairness, the version of Windows I had may not have
been
genuine...and I am sure many out there are in the same
boat...
but at any rate I wanted to issue the caution.


That said...to those using XP I don't know if Windows
updates do all
that much anyway as far as offering protection.


More importantly is

1) Common sense

Common sense would tell you not to trust anything that a
troll posts, especially a registry hack.
I can't believe how many actually trusted this idiot



2) Keeping AV and malware checkers updated and schedule
scans

3) Using a browser other than IE such as Firefox or Chrome
and keeping the browsers updated

On Friday, May 30, 2014 11:39:02 AM UTC-5, ChairMan wrote:

Common sense would tell you not to trust anything that a

troll posts, especially a registry hack.

I can't believe how many actually trusted this idiot

It can be found in other places...we don't have to trust HomeBoy!

http://forums.mydigitallife.info/thr...ates-till-2019

On Fri, 30 May 2014 07:45:21 -0500, philo* wrote
in

For me this is not a big deal as I'm a computer experimenter and look at
this as fun...however most of you out there are not going to like this.

Thank you very much for the follow-up reporting.
--
Web based forums are like subscribing to 10 different newspapers
and having to visit 10 different news stands to pickup each one.
Email list-server groups and USENET are like having all of those
newspapers delivered to your door every morning.

On 05/30/2014 01:38 PM, CRNG wrote:
On Fri, 30 May 2014 07:45:21 -0500, philo wrote
in

For me this is not a big deal as I'm a computer experimenter and look at
this as fun...however most of you out there are not going to like this.

Thank you very much for the follow-up reporting.




Sure thing.

On 5/30/2014 10:58 AM, trader_4 wrote:
On Friday, May 30, 2014 8:45:21 AM UTC-4, philo wrote:
An XP registry hack was posted here to extend the updates on XP ,

The hack modified the registry to list the product version as XP embedded.





I tried it on my old XP machine which I don't use anymore and the first

time I tried to update XP the hack worked.



Now a week or so later I checked to see if more updates were available

and I got the "non genuine Windows" notification.





So to all those out there....DO NOT USE THE HACK!





I was able to get rid of the message by deleting the WGA keys but still

no updates are available so the hack is useless.





BTW: The modified keys are undeletable and System Restore will not work

so I will need to use a remote registry editor to get rid of those

unwanted keys.





For me this is not a big deal as I'm a computer experimenter and look at

this as fun...however most of you out there are not going to like this.

Ahh, I live for moments like this, ie to see Homelessguy exposed
as the village idiot. And it didn't take long. I would have thought
it could be some future update, 6 months or a year from now that would
probably screw it, but it only took less than a week!

With a hack like that, you've created a time bomb. You don't know when
and if the next update is going to screw the whole thing. And as others
have pointed out, not sure that there was ever much upside. Most of the
security holes have been shaken out of XP long ago. And many of those
were related to Internet Explorer. You can't run the last two versions
on XP anyway and I doubt MSFT is going to issue IE updates in the future
for an EOL IE through updates for their embedded products.


The latest version of IE is 11. IE 8 is the last version that would run
under Win XP. Just sayin'.

trader_4 wrote:

Ahh, I live for moments like this, ie to see Homelessguy exposed
as the village idiot. And it didn't take long. I would have
thought it could be some future update, 6 months or a year from
now that would probably screw it, but it only took less than a week!

Take your foot out of your mouth and look for more evidence that philo
was correct. Here's a news flash: He wasn't.

An XP validation failure after using this hack has not been reported
anywhere where these registry keys were first discovered and tested.

With a hack like that, you've created a time bomb.

Anyone using this registry trick should turn off automatic updates and
perform manual updating - if only to avoid downloading the only thing
that Macro$haft could use to torpedo this XP update scheme: WGA updates
(Windoze Genuine disAdvantage). Something for which has yet to happen.

You don't know when and if the next update is going to screw the
whole thing.

Micro$haft would never do anything in terms of messing with this update
scheme to trip up XP systems if it means anything more than a zero
percent chance of also screwing up any of the POS2009 systems out
there. It's far too important to all stakeholders that Meekro$oft not
try to be clever and screw with XP users if there is any chance of also
messing up any of the systems running POS2009.

and I doubt MSFT is going to issue IE updates in the future
for an EOL IE through updates for their embedded products.

And now it's time to take your other foot out of your mouth, because of
the three updates that are available for XP systems using this registry
hack:

KB2926765 / MS14-027
Vulnerability in Windows Shell Handler Could Allow Privilege Elevation

KB2931365 / MS14-026
Vulnerability in .NET Framework Could Allow Elevation of Privilege

KB2953522 / MS14-029
Security update for Internet Explorer versions 6, 7, 8, 9, 10, and 11


It's as clear as day that one of them is for not just IE8, but IE 6 and
7 as well, which completely trashes your belief that MS isn't / wasn't
going to be updating and patching those versions of IE.

There will certainly be more XP, IE and .net vulnerabilities to be
discovered and your claim that XP users are better off to NOT try this
way to update their systems will leave no doubt in anyone's mind that
you are the real village idiot here.

On Friday, May 30, 2014 10:06:56 PM UTC-4, o m e H o m e G u y wrote:
trader_4 wrote:



Ahh, I live for moments like this, ie to see Homelessguy exposed

as the village idiot. And it didn't take long. I would have

thought it could be some future update, 6 months or a year from

now that would probably screw it, but it only took less than a week!



Take your foot out of your mouth and look for more evidence that philo

was correct. Here's a news flash: He wasn't.



An XP validation failure after using this hack has not been reported

anywhere where these registry keys were first discovered and tested.



With a hack like that, you've created a time bomb.



Anyone using this registry trick should turn off automatic updates and

perform manual updating -

Now the instructions are changing.....




if only to avoid downloading the only thing

that Macro$haft could use to torpedo this XP update scheme: WGA updates

(Windoze Genuine disAdvantage). Something for which has yet to happen.



You don't know when and if the next update is going to screw the

whole thing.



Micro$haft would never do anything in terms of messing with this update

scheme to trip up XP systems if it means anything more than a zero

percent chance of also screwing up any of the POS2009 systems out

there. It's far too important to all stakeholders that Meekro$oft not

try to be clever and screw with XP users if there is any chance of also

messing up any of the systems running POS2009.



MSFT has no obligation to the handful of people like you
who for some bizarre reason, think that it's a good idea to
apply future updates for embedded XP to XP Home, Pro etc. MSFT has
stated that support for XP is over, that they will not issue future
updates. Any future updates are for embedded XP and are only
tested and verified to work with it. MSFT can't stop people from
doing foolish things. If your system gets "messed up", it's *your*
doing, not MSFTs. And I'm sure MSFT won't care about the .00000001%
of their customers in that group with you. It's like taking some
electronic system component
for a Ford Mustang and shoving it in Taurus, because you *think* it's
compatible, then expecting Ford to protect you from your own dumb
actions so that it can't damage your car. "Why Ford would never
screw around with the Taurus's out there..... Surely this Mustang
electronic part will work...." Good grief.




and I doubt MSFT is going to issue IE updates in the future

for an EOL IE through updates for their embedded products.



And now it's time to take your other foot out of your mouth, because of

the three updates that are available for XP systems using this registry

hack:



KB2926765 / MS14-027

Vulnerability in Windows Shell Handler Could Allow Privilege Elevation



KB2931365 / MS14-026

Vulnerability in .NET Framework Could Allow Elevation of Privilege



KB2953522 / MS14-029

Security update for Internet Explorer versions 6, 7, 8, 9, 10, and 11





It's as clear as day that one of them is for not just IE8, but IE 6 and

7 as well, which completely trashes your belief that MS isn't / wasn't

going to be updating and patching those versions of IE.



As others have pointed out to you as well, if you're running IE6, 7 etc,
you have bigger problems than security updates, a lot of websites will
no longer even work with it. And curiously, I don't
see XP Embedded on the list of systems those updates apply to either,
why is that?





There will certainly be more XP, IE and .net vulnerabilities to be

discovered and your claim that XP users are better off to NOT try this

way to update their systems will leave no doubt in anyone's mind that

you are the real village idiot here.

They can do whatever they like. So far, one person here has tried
it and reported what happened. People can reach their own conclusions.
As far as being the village idiot, you've demonstrated to just about
everyone's satisfaction with your loon OT posts, that you're a deranged
troll, totally lacking in reasoned judgement.

Instincts may tell you not to trust HB...but logic says otherwise. Many ppl with businesses use their PC for everything: surfing; bookkeeping; payroll and such...
M$ agreed to continue updating Windows embedded AND Windows XP for those folks (and I believe XP in China).
I'm also "testing" the installation...and so far, so good!

On Saturday, May 31, 2014 10:04:53 AM UTC-4, BenDarrenBach wrote:
Instincts may tell you not to trust HB...but logic says otherwise. Many ppl with businesses use their PC for everything: surfing; bookkeeping; payroll and such...

M$ agreed to continue updating Windows embedded AND Windows XP for those folks (and I believe XP in China).


That's a new claim and I believe it is false. The only thing I've seen is
that MSFT is continuing to update the "Embedded" version of XP which is
a specific product with a very different and specific installed base.
It is where Embedded XP has been integrated and used as part of
a specific dedicated product, eg cash register, ATM, etc. It's not the typical business computer running XP and being used for surfing, payroll, etc.

http://www.microsoft.com/en-us/windo...f-support.aspx

Note that it includes EOL for enterprise, small, medium businesses as well
as home users.

On Saturday, May 31, 2014 9:40:25 AM UTC-5, trader_4 wrote:

That's a new claim and I believe it is false. The only thing I've seen is

that MSFT is continuing to update the "Embedded" version of XP which is

a specific product with a very different and specific installed base.

http://www.extremetech.com/computing...ars-of-updates

Also Windows Update is specific as to "Update for Windows XP" and "Windows embedded".

The Village Idiot and Google-Groper trader_4 wrote:

MSFT has no obligation to the handful of people like you
who for some bizarre reason, think that it's a good idea to
apply future updates for embedded XP to XP Home, Pro etc.

The point I made went completely over your head.

Of course Micro$hit has no obligation to XP users.

The point was that MS is playing with fire if they try to screw with
their WindozeUpdate mechanism to try to trip-up XP systems using this
hack if there is any chance that it will also screw up some of the
POS2009 systems.

MSFT has stated that support for XP is over,

Why are you repeating old news?

And why do you fail to understand that POS2009 is simple XP-SP3 with a
different license agreement?

screw around with the Taurus's out there..... Surely this Mustang
electronic part will work...." Good grief.

Again you are showing that you are totally clueless when it comes to the
internal architecture of the similarities and differences in the
architecture within the NT-based Windows product family.

The MS marketing department has accomplished it's mission with you -
which is to create artificial differences in the same product by using
marketing and product-naming tricks and have you believe that "under the
hood" they are vastly different products.

And now it's time to take your other foot out of your mouth, because
of the three updates that are available for XP systems using this
registry hack:

KB2953522 / MS14-029
Security update for Internet Explorer versions 6, 7, 8, 9, 10,
and 11

It's as clear as day that one of them is for not just IE8, but
IE 6 and 7 as well, which completely trashes your belief that
MS isn't / wasn't going to be updating and patching those
versions of IE.

As others have pointed out to you as well, if you're running IE6,
7 etc, you have bigger problems than security updates, a lot of
websites will no longer even work with it.

That statement is a diversionary tactic by you. We were not discusing
the relative merits of the different versions if IE in terms of
web-compatibility.

So by trying to divert the discussion on that point, you admit that you
were wrong in claiming that MS was or would no longer be
updating/patching those old versions of IE.

And curiously, I don't see XP Embedded on the list of systems those
updates apply to either, why is that?

Maybe because you haven't looked he

http://support.microsoft.com/kb/894199

=======================
MS14-029: Security Update for Internet Explorer (KB2953522)

Locale: All

Deployment: Windows Update, Microsoft Update, Important/Automatic
Updates, WSUS, and Catalog
Classification: Security Updates

Security severity rating:

* Critical: Windows 8.1, Windows RT 8.1, Windows 8, Windows RT,
Windows Embedded Standard 7, Windows 7, Windows Vista, and
Windows XP Embedded

* Moderate: Windows Server 2012 R2, Windows Server 2012, Windows Server
2008 R2, Windows Server 2008, and Windows Server 2003

Supersedes:

* MS14-021 (KB2964358) on Windows 8.1, Windows RT 8.1, Windows Server
2012 R2, Windows 8, Windows RT, Windows Server 2012, Windows Embedded
Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008,
Windows Vista, Windows Server 2003, and Windows XP Embedded

Target platforms:

Windows 8.1, Windows RT* 8.1, Windows Server 2012 R2, Windows 8, Windows
RT*, Windows Server 2012, Windows Embedded Standard 7, Windows 7,
Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows
Server 2003, and Windows XP Embedded

Approximate file sizes:

* Internet Explorer 11 for Windows 8.1 update: ~ 15362KB
* Internet Explorer 11 for Windows 8.1/Windows Server 2012 R2 x64
update:
* Internet Explorer 11 for Windows RT 8.1 update: ~ 15592KB
* Internet Explorer 10 for Windows 8/Windows Server 2012 x64 update:
* Internet Explorer 10 for Windows 8 update: ~ 17367KB
* Internet Explorer 10 for Windows RT update: ~ 14407KB
* Internet Explorer 9 for Windows Embedded Standard 7/Windows 7/
Windows Server 2008 R2 x64 update: ~ 28926KB
* Internet Explorer Windows Embedded Standard 7/Windows 7/
Windows Server 2008 R2 for x64-based Systems update: ~ 38863KB
* Internet Explorer 10 for Windows Embedded Standard 7/Windows 7/
Windows Server 2008 R2 Service Pack 1 for x64-based Systems update:
* Internet Explorer 10 for Windows Embedded Standard 7/
Windows 7 Service Pack 1 update: ~ 20090KB
* Internet Explorer 8 for Windows Embedded Standard 7/Windows 7 update:
* Internet Explorer 9 for Windows Embedded Standard 7/Windows 7 update:
* Internet Explorer 11 for Windows Embedded Standard 7/Windows 7 update:
* Internet Explorer 8 for Windows Embedded Standard 7/Windows 7/
Windows Server 2008 R2 x64 update: ~ 17532KB
* Internet Explorer 8 for Windows Server 2008 R2 IA-64 update:
* Internet Explorer 7 for Windows Server 2008 IA-64 update:
* Internet Explorer 9 for Windows Server 2008/Windows Vista update:
* Internet Explorer 9 for Windows Server 2008/Windows Vista x64 update:
* Internet Explorer 8 for Windows Server 2008/Windows Vista update:
* Internet Explorer 7 for Windows Server 2008/Windows Vista x64 update:
* Internet Explorer 7 for Windows Server 2008/Windows Vista update:
* Internet Explorer 6 for Windows Server 2003 update:
* Internet Explorer 8 for Windows Server 2003 update:
* Internet Explorer 6 for Windows Server 2003 IA-64 update:
* Internet Explorer 6 for Windows Server 2003 x64 update:
* Internet Explorer 8 for WEPOS and POSReady 2009 update:
* Internet Explorer 6 for WEPOS and POSReady 2009 update:
* Internet Explorer 7 for WEPOS and POSReady 2009 update:

Description:

A security issue has been identified in a Microsoft software product
that could affect your system. You can help protect your system by
installing this update from Microsoft. For a complete listing of the
issues that are included in this update, see the associated Microsoft
Knowledge Base article. After you install this update, you may have to
restart your system.

http://support.microsoft.com/kb/2953522
================

Oh look - what is that?

Do I read IE6, 7 *and* 8 for POSready 2009?

Oh look - what does it say under "Target Platforms" ? Does it say
"Windows XP Embedded" ?

That's called a slam. That's how I slam you with the facts.

How does it feel?

Everyone has just seen me slam you.

They can do whatever they like. So far, one person here has tried
it and reported what happened.

And has express doubts himself about what his exact experience was.

As far as being the village idiot,

Yes, you have again proven to be just that - the village idiot.

Want to try again to debunk and inject FUD into the applicability of
these POS2009 updates to any generic Windows XP system?

| Instincts may tell you not to trust HB...but logic says otherwise.

It's not a matter of trust, faith, or logic. XP is no longer
supported. XPE is not the same thing. Microsoft has no
reason to make sure XPE patches are compatible with XP.
They do, on the other hand, have motivation to create
a situation of, "Woops! Well we did tell you not to use
the XPE patches."
Support and no support is a big difference. With support
they promise not to break compatibility. With no support
there's no promise of any kind. If they release an XPE
patch incompatible with XP and it destroys your install,
that's your problem.


| Many ppl with businesses use their PC for everything: surfing;
bookkeeping; payroll and such...
| M$ agreed to continue updating Windows embedded AND Windows XP for those
folks

They didn't "agree" to. They're selling support contracts,
starting at $250,000/year, at about $200/year per PC.
So yes, they're still making patches for XP. But those are
not the patches you're downloading with this hack. The fact
that there are people paying for support is all the more
reason for MS to break XP with XPE patches.

And as has been mentioned already in this thread:
What's the value in taking the risk? You shouldn't be
allowing IE online in the first place. How many other
patches are likely to be relevant? Just about any
vulnerability is likely to be coming through IE. A few
may also come through MS Office, which is a good
reason not to use that. But if you're not using MS
software online there's little to worry about. (I haven't
got an MS patch since SP3 and I'm not worried.)

*This month's patches are not even relevant.*

This month's patches are a good example, as
HomeGuy lists them. One is for IE. (Again, no one should
be using IE online. All the more so if you're running
Vista or earlier, because MS doesn't even have a
version of IE for those systems anymore. IE is not a
browser in the normal sense. It's best viewed as a
Windows component that is vulnerable if connected
online.)

The other 2 patches are for privilege elevation.
For the vast majority of people using XP there's no
such thing as privilege elevation. They're already running
without restrictions! So those patches are meaningless.

One patch deals with .Net remoting. There's
no reason to even install .Net if it's not needed by some
program. There's certainly no reason to let it run remotely.
That's as risky as installing Java and letting it run through
your browser. Even if you've done all that, all that's at risk
is privilege elevation, which is almost certainly meaningless
on your PC.

The other patch is for a bug that allows
someone who has already logged on locally to go from
lackey mode (common user restrictions) to Admin mode
by running particular code. All of the code that's running
on your XP machine right now is almost certainly in Admin
mode. Nobody runs XP in lackey mode. In fact, in many
cases there are no restrictions possible. My XP is installed
to FAT32 file system, as many copies of XP were. Only
an NTFS file system allows for user restrictions. IF you
have XP installed on NTFS, and IF you have kids who you've
set up with a restricted user account, then they *could*
bypass those restrictions if they can figure out how to
run the hack. Is that worth risking your system for?

On Saturday, May 31, 2014 10:04:30 AM UTC-5, Mayayana wrote:
| Instincts may tell you not to trust HB...but logic says otherwise.



It's not a matter of trust, faith, or logic. XP is no longer

supported. XPE is not the same thing. Microsoft has no

reason to make sure XPE patches are compatible with XP.

They do, on the other hand, have motivation to create

a situation of, "Woops! Well we did tell you not to use

the XPE patches."

Support and no support is a big difference. With support

they promise not to break compatibility. With no support

there's no promise of any kind. If they release an XPE

patch incompatible with XP and it destroys your install,

that's your problem.





| Many ppl with businesses use their PC for everything: surfing;

bookkeeping; payroll and such...

| M$ agreed to continue updating Windows embedded AND Windows XP for those

folks



They didn't "agree" to. They're selling support contracts,

starting at $250,000/year, at about $200/year per PC.

So yes, they're still making patches for XP. But those are

not the patches you're downloading with this hack. The fact

that there are people paying for support is all the more

reason for MS to break XP with XPE patches.



And as has been mentioned already in this thread:

What's the value in taking the risk? You shouldn't be

allowing IE online in the first place. How many other

patches are likely to be relevant? Just about any

vulnerability is likely to be coming through IE. A few

may also come through MS Office, which is a good

reason not to use that. But if you're not using MS

software online there's little to worry about. (I haven't

got an MS patch since SP3 and I'm not worried.)



*This month's patches are not even relevant.*



This month's patches are a good example, as

HomeGuy lists them. One is for IE. (Again, no one should

be using IE online. All the more so if you're running

Vista or earlier, because MS doesn't even have a

version of IE for those systems anymore. IE is not a

browser in the normal sense. It's best viewed as a

Windows component that is vulnerable if connected

online.)



The other 2 patches are for privilege elevation.

For the vast majority of people using XP there's no

such thing as privilege elevation. They're already running

without restrictions! So those patches are meaningless.



One patch deals with .Net remoting. There's

no reason to even install .Net if it's not needed by some

program. There's certainly no reason to let it run remotely.

That's as risky as installing Java and letting it run through

your browser. Even if you've done all that, all that's at risk

is privilege elevation, which is almost certainly meaningless

on your PC.



The other patch is for a bug that allows

someone who has already logged on locally to go from

lackey mode (common user restrictions) to Admin mode

by running particular code. All of the code that's running

on your XP machine right now is almost certainly in Admin

mode. Nobody runs XP in lackey mode. In fact, in many

cases there are no restrictions possible. My XP is installed

to FAT32 file system, as many copies of XP were. Only

an NTFS file system allows for user restrictions. IF you

have XP installed on NTFS, and IF you have kids who you've

set up with a restricted user account, then they *could*

bypass those restrictions if they can figure out how to

run the hack. Is that worth risking your system for?

Some other rhetoric: http://betanews.com/2014/05/26/how-t...xp-until-2019/

| Some other rhetoric:
http://betanews.com/2014/05/26/how-t...xp-until-2019/

You keep posting more links to the same hack.
Is that the reason you think the hack is a good
idea -- because it's mentioned a lot online?

On Saturday, May 31, 2014 10:35:59 AM UTC-5, Mayayana wrote:
| Some other rhetoric:

http://betanews.com/2014/05/26/how-t...xp-until-2019/



You keep posting more links to the same hack.

Is that the reason you think the hack is a good

idea -- because it's mentioned a lot online?

Possible because it seems to work...so far... And remember I'm not the OP!

On Saturday, May 31, 2014 11:02:16 AM UTC-4, o m e H o m e G u y wrote:
The Village Idiot and Google-Groper trader_4 wrote:



MSFT has no obligation to the handful of people like you

who for some bizarre reason, think that it's a good idea to

apply future updates for embedded XP to XP Home, Pro etc.



The point I made went completely over your head.



Of course Micro$hit has no obligation to XP users.



The point was that MS is playing with fire if they try to screw with

their WindozeUpdate mechanism to try to trip-up XP systems using this

hack if there is any chance that it will also screw up some of the

POS2009 systems.



No, the point went completely over your head. I never
said that MSFT would deliberately screw with anything. They
don't have to. They have clearly stated that they are not
issuing updates for XP for home and business. And they have
specifically warned against using the Embedded XP hack, stating
that they are not testing, validating, what those updates will
or won't do when you install them on a product that they
are not intended for. THAT is the issue. Might they put something
into a future update to make sure it won't install on a system
that you're not legally entitled to install it on and for which
it's not intended? Perhaps. So, yeah add that to your list of
potential problems.




MSFT has stated that support for XP is over,



Why are you repeating old news?



And why do you fail to understand that POS2009 is simple XP-SP3 with a

different license agreement?


Show us where MSFT has said that. And why do you fail to understand
that applying software updates that you have no license for is
illegal?






screw around with the Taurus's out there..... Surely this Mustang

electronic part will work...." Good grief.



Again you are showing that you are totally clueless when it comes to the

internal architecture of the similarities and differences in the

architecture within the NT-based Windows product family.



You're demonstrating that you're making wild assumptions about
what effect an update for one product will have on another
and have no experience in the real world with what it takes to
validate a product. Everyone reading this knows you have no way
of knowing what those updates will or won't do. You don't have
the source code, don't know what specific differences there are
and you haven't validated a damn thing. That's with regard to what's
out right now, let alone what's coming in the next 3 years.



As others have pointed out to you as well, if you're running IE6,

7 etc, you have bigger problems than security updates, a lot of

websites will no longer even work with it.



That statement is a diversionary tactic by you. We were not discusing

the relative merits of the different versions if IE in terms of

web-compatibility.


It;s been brought up before in the thread you started, by posters
other than me. It's perfectly valid. A huge part of security
vulerability is browser related. Yet you want to present a hack to
update an OS with Internet Explorer updates for versions of IE that
won't even work anymore. Who is even using IE6? The last 3 versions
of IE won't run on XP period. If you care about browser security on
XP, just install an alternate up to date browser. Good grief.





Do I read IE6, 7 *and* 8 for POSready 2009?



Oh look - what does it say under "Target Platforms" ? Does it say

"Windows XP Embedded" ?



As has been pointed out to you a dozen times now, if you're using
IE6 you have bigger problems than security updates.






Want to try again to debunk and inject FUD into the applicability of

these POS2009 updates to any generic Windows XP system?


Sure, you have no qualifications whatever to determine how future
updates intended for Embedded XP will affect XP Home. Microsoft has
specifically advised against doing it.

You whole position here is like the nutty lady that was arguing
about airplane fires. Her faulty logic was that because a basic
handout about fires doesn't specifically say that inhaling smoke
particulates is harmful and can cause injury, then it means that
inhaling them is merely an "inconvenience".

Your faulty logic is that because Embedded XP has a lot in common
with XP Home, that it's perfectly fine and legal to trick XP Home into
applying future updates intended only for Embedded XP and that
it will work with no possible problems. It's even worse than the
nutty lady, because in this case Microsoft has specifically advised
against it. And somehow you then try to morph that into nothing
bad will happen because MSFT doesn't want to screw with their
customers. Really? The .0000000000001% that would do what you're
proposing, possibly screwing themselves after MSFT told them not to,
and you're sure MSFT is not only going to give a damn, but take
steps to make sure it won't happen?

One user has already tried it and reported what happened. If
others want to use it, that's fine. But I sure wouldn't do it
based on the recommendation of the resident troll who's main
purpose here isn't contributing to the group, but making one stupid
OT post after another. And you want to talk about "divisive"?
Give us a break.

On Saturday, May 31, 2014 10:56:12 AM UTC-4, BenDarrenBach wrote:
On Saturday, May 31, 2014 9:40:25 AM UTC-5, trader_4 wrote:



That's a new claim and I believe it is false. The only thing I've seen is



that MSFT is continuing to update the "Embedded" version of XP which is



a specific product with a very different and specific installed base.



http://www.extremetech.com/computing...ars-of-updates



Also Windows Update is specific as to "Update for Windows XP" and "Windows embedded".

What exactly is your point? You posted:

"Instincts may tell you not to trust HB...but logic says otherwise. Many ppl with businesses use their PC for everything: surfing; bookkeeping; payroll and such...
M$ agreed to continue updating Windows embedded AND Windows XP for those folks (and I believe XP in China)."


The link you just provided is just a link to the hack, which is old
news. What you posted and I replied to was your above claim, that MSFT was continuing to update WIN XP for business PC's. That isn't true. They are
not updating XP for PCs, only for products that contain the Embedded XP
OS. If you buy a PC for your business, it never came with Embedded XP
to begin with. If you bought a cash register system, an ATM, etc
then it might have Embedded XP.

On Saturday, May 31, 2014 10:57:47 AM UTC-5, trader_4 wrote:
Everyone reading this knows you have no way

of knowing what those updates will or won't do.

....or ANY Window update for that matter! ;^)

BenDarrenBach wrote:
On Saturday, May 31, 2014 10:35:59 AM UTC-5, Mayayana
wrote:
Some other rhetoric:

http://betanews.com/2014/05/26/how-t...xp-until-2019/



You keep posting more links to the same hack.

Is that the reason you think the hack is a good

idea -- because it's mentioned a lot online?

Possible because it seems to work...so far... And remember
I'm not
the OP!

from your own cite
In short, you use the updates at your own risk.
But just because these POSReady updates will probably work
with your Windows XP machine doesn't mean you should do it.
Yes, Microsoft has a vested interest in getting you to
upgrade to Windows 7 or 8 - but, to be fair, unless you have
a really important reason for sticking with XP, it really
does make sense to upgrade to Windows 7.

If you do use the hack, don't assume that your XP machine
will be safe from exploits. There's also every chance that,
one day, one of the updates will make your system unbootable

On 05/30/2014 11:02 AM, philo wrote:

[snip]

That said...to those using XP I don't know if Windows updates do all
that much anyway as far as offering protection.


More importantly is

1) Common sense

2) Keeping AV and malware checkers updated and schedule scans

3) Using a browser other than IE such as Firefox or Chrome
and keeping the browsers updated

These are really good things, XP or not.

However, I would put 3 ahead of 2, and make it include your email/news
program (and maybe media player too).

--
Mark Lloyd
http://notstupid.us

"The real oppressor, enslaver, and corrupter of the people is the
Bible." [_Some Mistakes of Moses_, Ingersoll's Works, Vol. 2 p. 43]

On 05/30/2014 06:13 PM, Ron wrote:

[snip]

The latest version of IE is 11. IE 8 is the last version that would run
under Win XP. Just sayin'.

and IE9 is the last version that will run on Win Vista. The current
version of Firefox will run on XP.

--
Mark Lloyd
http://notstupid.us

"The real oppressor, enslaver, and corrupter of the people is the
Bible." [_Some Mistakes of Moses_, Ingersoll's Works, Vol. 2 p. 43]

On 05/31/2014 04:10 PM, Mark Lloyd wrote:
On 05/30/2014 11:02 AM, philo wrote:

[snip]

That said...to those using XP I don't know if Windows updates do all
that much anyway as far as offering protection.


More importantly is

1) Common sense

2) Keeping AV and malware checkers updated and schedule scans

3) Using a browser other than IE such as Firefox or Chrome
and keeping the browsers updated

These are really good things, XP or not.

However, I would put 3 ahead of 2, and make it include your email/news
program (and maybe media player too).


I agree. Anti-virus programs are, IMHO, much over-rated. They're good
at checking for old news, but it's more important to start with a
platform that's not particularly prone to attack (i.e. one other than
Windows).

On 05/31/2014 10:57 AM, trader_4 wrote:

[snip]

It;s been brought up before in the thread you started, by posters
other than me. It's perfectly valid. A huge part of security
vulerability is browser related. Yet you want to present a hack to
update an OS with Internet Explorer updates for versions of IE that
won't even work anymore. Who is even using IE6?

When I check the logs for my website, there are usually a few users with
XP/IE6.

I'd use Firefox (the newest version does work on XP).

[snip]

--
Mark Lloyd
http://notstupid.us

"The real oppressor, enslaver, and corrupter of the people is the
Bible." [_Some Mistakes of Moses_, Ingersoll's Works, Vol. 2 p. 43]

On 5/31/2014 5:15 PM, Mark Lloyd wrote:
On 05/30/2014 06:13 PM, Ron wrote:

[snip]

The latest version of IE is 11. IE 8 is the last version that would run
under Win XP. Just sayin'.

and IE9 is the last version that will run on Win Vista.

And?



The current
version of Firefox will run on XP.


So will Chrome, Opera, SeaMonkey, etc. There are also a number of
"lightweight" browsers that will run on XP.

On 5/31/2014 6:12 PM, Mark Lloyd wrote:
On 05/31/2014 10:57 AM, trader_4 wrote:

[snip]

It;s been brought up before in the thread you started, by posters
other than me. It's perfectly valid. A huge part of security
vulerability is browser related. Yet you want to present a hack to
update an OS with Internet Explorer updates for versions of IE that
won't even work anymore. Who is even using IE6?

When I check the logs for my website, there are usually a few users with
XP/IE6.

I'd use Firefox (the newest version does work on XP).

[snip]


Chrome is lighter on resources and faster.

Ron wrote:
On 5/31/2014 6:12 PM, Mark Lloyd wrote:
On 05/31/2014 10:57 AM, trader_4 wrote:

[snip]

It;s been brought up before in the thread you started, by posters
other than me. It's perfectly valid. A huge part of security
vulerability is browser related. Yet you want to present a hack to
update an OS with Internet Explorer updates for versions of IE that
won't even work anymore. Who is even using IE6?

When I check the logs for my website, there are usually a few users
with XP/IE6.

I'd use Firefox (the newest version does work on XP).

[snip]


Chrome is lighter on resources and faster.

And reports way too much info on your browsing habits to Giggle . Screw that
, I'll stick with Firefox .

--
Snag

On 5/31/2014 10:52 PM, Terry Coombs wrote:
Ron wrote:
On 5/31/2014 6:12 PM, Mark Lloyd wrote:
On 05/31/2014 10:57 AM, trader_4 wrote:

[snip]

It;s been brought up before in the thread you started, by posters
other than me. It's perfectly valid. A huge part of security
vulerability is browser related. Yet you want to present a hack to
update an OS with Internet Explorer updates for versions of IE that
won't even work anymore. Who is even using IE6?

When I check the logs for my website, there are usually a few users
with XP/IE6.

I'd use Firefox (the newest version does work on XP).

[snip]


Chrome is lighter on resources and faster.

And reports way too much info on your browsing habits to Giggle . Screw that
, I'll stick with Firefox .


Reports to who? What do you have to hid?

Ron wrote:
On 5/31/2014 10:52 PM, Terry Coombs wrote:
Ron wrote:
On 5/31/2014 6:12 PM, Mark Lloyd wrote:
On 05/31/2014 10:57 AM, trader_4 wrote:

[snip]

It;s been brought up before in the thread you started, by posters
other than me. It's perfectly valid. A huge part of security
vulerability is browser related. Yet you want to present a hack
to update an OS with Internet Explorer updates for versions of IE
that won't even work anymore. Who is even using IE6?

When I check the logs for my website, there are usually a few users
with XP/IE6.

I'd use Firefox (the newest version does work on XP).

[snip]


Chrome is lighter on resources and faster.

And reports way too much info on your browsing habits to Giggle .
Screw that , I'll stick with Firefox .


Reports to who? What do you have to hid?

Reports to GOOGLE , and while I have nothing I particularly need to hide ,
it's nobody's damn business what I do , where I go , and what I look at on
the internet . Didn't you ever wonder how those web pages you visit tailor
those ads just for you ? How did they know you drive a yugo and wear size 48
waist jeans ? It's because they track your browsing habits , web pages , and
for all I know they track your keystrokes .
As I said , I value my privacy and what I do is none of their business . I
go as far as using a program that blocks most of the ads on web pages too .
I also change the channel when commercials come on TV ...
--
Snag

On 06/01/2014 07:56 AM, Terry Coombs wrote:
How did they know you drive a yugo and wear size 48
waist jeans ?

Ahhhhhhh, I get it now. You're ****ed because Google knows your pant size and they are now sending you ads for the Manzierre?

John Greer wrote:
On 06/01/2014 07:56 AM, Terry Coombs wrote:
How did they know you drive a yugo and wear size 48
waist jeans ?

Ahhhhhhh, I get it now. You're ****ed because Google knows your pant
size and they are now sending you ads for the Manzierre?

Oh you're really really funny .

--
Snag

On 05/31/2014 10:47 PM, Ron wrote:

[snip]

Chrome is lighter on resources and faster.

And reports way too much info on your browsing habits to Giggle .
Screw that
, I'll stick with Firefox .


Reports to who? What do you have to hid?

Often "what you have to hide" is irrelevant. It's what they make up and
gets used against you.