|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Reported problem with COM patch KB 4018556 for WinXP Embedded
Posted on Comment on the AskWoody LoungeThis topic contains 20 replies, has 10 voices, and was last updated by
satrow 4 months ago.
-
Just got this message, from Moldova: In our organization, we have many Windows XP desktops, that have been “moved” to Embedded, as to receive security..
UPDATE: Mea culpa! The original version of this post referenced KB 4018556 as a WannaCry patch. It isn’t. It’s a COM patch. I thought I had fixed all the mistaken pieces, but I missed some. Anyway, I think it’s all fixed now. I hope.
PATCHES PULLED: While this patch was originally issued for Windows XP Embedded, POSReady 2009 and Windows Server 2008, it looks like Microsoft has pulled all versions except the one for Server 2008. Thx to Bond, James Bond, and to DougCuk.
[See the full post at: Reported problem with COM patch KB 4018556 for WinXP Embedded]
-
anonymous-
-
-
The patch was offered to all versions of Windows.
http://www.catalog.update.microsoft.com/Search.aspx?q=4012598We are talking about KB4018556 here, not KB4012598, if I am not mistaken. Woody’s post mentioned KB4018556, so does the title.
KB4012598 was offered for XP, as you say. But KB4018556 was only offered for Windows XP Embedded, POSReady 2009 and Windows Server 2008. (And it seems that the version for XP Embedded has been pulled from the Catalog.)
http://www.catalog.update.microsoft.com/Search.aspx?q=kb4018556
This page has download links for the XP Embedded version of KB4018556:
http://www.msfn.org/board/topic/171814-posready-2009-updates-ported-to-windows-xp-sp3-enu/?page=90Hope for the best. Prepare for the worst.
-
This reply was modified 4 months, 1 week ago by
James Bond 007. Reason: Correction
-
This reply was modified 4 months, 1 week ago by
-
This reply was modified 4 months, 1 week ago by
-
This reply was modified 4 months, 1 week ago by
-
This reply was modified 4 months, 1 week ago by
-
-
-
-
Some title confusion, as 4018556 is referred on this board as both Wannacry and COM. Wannacry is 4012598, this is COM, released in May 2017 set of POSReady hack updates. I have it, but don’t have this error. Could be language-pack related, though, or anything else.
1 user thanked author for this post.
-
There has always been a possibility that using the XP POSReady/Embedded Registry hack might at some point cause a problem – when forcing those updates to install on a desktop version of XP. So far I think things have worked OK – but as suggested things like language pack issues may trip a problem on some systems.
The titled update is as stated above a new security update (Windows COM Elevation of Privilege Vulnerability in Windows Server 2008 – issued May 9, 2017) – and not the original WannaCry SMBv1 patch. There is also a key difference between how the two have been released:
KB4018556 – the new Windows COM Elevation patch
– the catalog only lists this update for Server 2008 (POS version pulled?)
– latest files are dated 14-April-2017KB4012598 – original WannaCry SMBv1 patch
– the catalog lists versions for all Windows variants from XP to Win8
– the XP POSReady version is NOT the same package as the Server 2008 version
– this patch has a digital signature of Feb 11, 2017There is no specific XP POSReady/Embedded version for the new COM update – only the related Server 2008 version which is normally a different larger update package. Obviously installing a patch tested against Server 2008 could potentially have unknown issues when installed on an XP Desktop system – even though the two systems are very similar.
-
This reply was modified 4 months, 1 week ago by
DougCuk. Reason: added new detail
1 user thanked author for this post.
-
This reply was modified 4 months, 1 week ago by
-
-
Very good question.
I think the main reason is inertia. People have something that works, and they’re scared to change it. That, combined with some hardware and software incompatibilities — and lots of situations where people just don’t care — makes XP hard to kill.
1 user thanked author for this post.
-
Is it so complicated for you guys and gals to move on from Windows XP?
What is the compelling reason to stay with XP?Some people actually want a compelling reason NOT to stay with what they know and what works for them.
There are valid, rational reasons for not riding the bleeding edge. There are things in later versions that some people don’t like. Bloating comes to mind (e.g., gigabytes to do what megabytes used to do, in turn what kilobytes used to do).
And not everyone likes the glitzy stuff (e.g., Aero). They may not know – nor be willing to spend the time to learn – the many, many, many geeky tweaks and tricks to get a newer system back into a usability state that’s equal to – or possibly better than – what they’ve already accomplished on their older OS.
I personally have two hardware systems running older OS versions – though none as old as XP. I have one system on Win 8.1 and one on 7 (which, to be fair, I don’t use interactively). Why have I not brought all up to the latest? Because they do just what I need, and the latest (so far) doesn’t do it better.
In the case of Win 8.1, it’s my primary choice for my main workstation because of its stability, and so far Win 10 does nothing in particular better that’s incentivizing me to move. Don’t get me wrong, I’ve been able to tweak a Windows 10 system to be pretty much as useful, and it’s not lost on me that it’s current, but it’s also a moving target, and I really don’t need an OS that’s so mutable. I like it when my OS “just works” for weeks and months and years at a time.
So please don’t be too critical of those who find an older, simpler OS to their liking. They might actually KNOW what the later OSs look like and do and have good reasons for working the way they are right now.
Oh, and please don’t pull out the “the old OS is insecure” argument… XP wouldn’t still have 10% of the world’s users if it were a crumbling nightmare, and last I looked Windows 10 isn’t devoid of exploits. It might even be a bigger target for malware writers than XP now.
-Noel
-
anonymous -
-
anonymousNoel – Ars Techinica has just reported that the WannaCry ransomware hit mostly Win 7 and hardly at all XP !!! See THIS ARS TECHNICA LINK .
Viva XP forever !!!Edit to remove HTML
1 user thanked author for this post.
-
-
-
anonymous -
In a different forum (MSFN), a few folks think this problem with KB 4018556 in XP Embedded (XP continuing to get updates with the POS Ready 2009 hack) might be in the Russian version only (or, who knows, maybe only in the Moldovan version).
On the other hand, MS has pulled it from XP Embedded, so maybe it’s not limited to Russian version only.
Anyway, it’s just a thought. Anyone who finds out for sure, please let us know.
Спасибо, и повеселились в Молдове.
PS – I’ve kept XP updated on one of my machines because: all of my emails are there in Outlook Express going back to 1942, no later version of Windows has OE, and it’s just too danged hard to move all of them to a different email app in Win 7 or later. And updating XP is fun.
Edit Please follow the –Lounge Rules– no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.
Support AskWoody
Shop on Amazon by clicking on our affiliate link.
Buy anything, AskWoody gets a small bounty.
No charge to you, of course.
Perfect gift for frustrated Win-ers
Order
from Amazon