Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Reported problem with COM patch KB 4018556 for WinXP Embedded

    Home Forums AskWoody blog Reported problem with COM patch KB 4018556 for WinXP Embedded

    This topic contains 20 replies, has 10 voices, and was last updated by  satrow 6 months ago.

    • Author
      Posts
    • #116435 Reply

      woody
      Da Boss

      Just got this message, from Moldova: In our organization, we have many Windows XP desktops, that have been “moved” to Embedded, as to receive security..

      UPDATE: Mea culpa! The original version of this post referenced KB 4018556 as a WannaCry patch. It isn’t. It’s a COM patch. I thought I had fixed all the mistaken pieces, but I missed some. Anyway, I think it’s all fixed now. I hope.

      PATCHES PULLED: While this patch was originally issued for Windows XP Embedded, POSReady 2009 and Windows Server 2008, it looks like Microsoft has pulled all versions except the one for Server 2008. Thx to Bond, James Bond, and to DougCuk.

      [See the full post at: Reported problem with COM patch KB 4018556 for WinXP Embedded]

      • This topic was modified 6 months ago by  woody.
      • This topic was modified 6 months ago by  woody.
      • This topic was modified 6 months ago by  woody.
      • This topic was modified 6 months ago by  woody.
      • This topic was modified 6 months ago by  woody.
    • #116472 Reply

      anonymous

      This only affects XP Embbebed, or regular SP3 as well?

    • #116587 Reply

      nospamboz
      AskWoody Lounger

      Some title confusion, as 4018556 is referred on this board as both Wannacry and COM. Wannacry is 4012598, this is COM, released in May 2017 set of POSReady hack updates. I have it, but don’t have this error. Could be language-pack related, though, or anything else.

      1 user thanked author for this post.
    • #116612 Reply

      DougCuk
      AskWoody Lounger

      There has always been a possibility that using the XP POSReady/Embedded Registry hack might at some point cause a problem – when forcing those updates to install on a desktop version of XP. So far I think things have worked OK – but as suggested things like language pack issues may trip a problem on some systems.

      The titled update is as stated above a new security update (Windows COM Elevation of Privilege Vulnerability in Windows Server 2008 – issued May 9, 2017) – and not the original WannaCry SMBv1 patch. There is also a key difference between how the two have been released:

      KB4018556  – the new Windows COM Elevation patch
      – the catalog only lists this update for Server 2008 (POS version pulled?)
      – latest files are dated 14-April-2017

      KB4012598  – original WannaCry SMBv1 patch
      – the catalog lists versions for all Windows variants from XP to Win8
      – the XP POSReady version is NOT the same package as the Server 2008 version
      – this patch has a digital signature of Feb 11, 2017

      There is no specific XP POSReady/Embedded version for the new COM update – only the related Server 2008 version which is normally a different larger update package. Obviously installing a patch tested against Server 2008 could potentially have unknown issues when installed on an XP Desktop system – even though the two systems are very similar.

      • This reply was modified 6 months ago by  DougCuk. Reason: added new detail
      1 user thanked author for this post.
    • #116622 Reply

      ch100
      AskWoody MVP

      Is it so complicated for you guys and gals to move on from Windows XP?
      What is the compelling reason to stay with XP?

      • #116631 Reply

        woody
        Da Boss

        Very good question.

        I think the main reason is inertia. People have something that works, and they’re scared to change it. That, combined with some hardware and software incompatibilities — and lots of situations where people just don’t care — makes XP hard to kill.

        1 user thanked author for this post.
      • #116651 Reply

        Noel Carboni
        AskWoody MVP

        Is it so complicated for you guys and gals to move on from Windows XP?
        What is the compelling reason to stay with XP?

        Some people actually want a compelling reason NOT to stay with what they know and what works for them.

        There are valid, rational reasons for not riding the bleeding edge. There are things in later versions that some people don’t like. Bloating comes to mind (e.g., gigabytes to do what megabytes used to do, in turn what kilobytes used to do).

        And not everyone likes the glitzy stuff (e.g., Aero). They may not know – nor be willing to spend the time to learn – the many, many, many geeky tweaks and tricks to get a newer system back into a usability state that’s equal to – or possibly better than – what they’ve already accomplished on their older OS.

        I personally have two hardware systems running older OS versions – though none as old as XP. I have one system on Win 8.1 and one on 7 (which, to be fair, I don’t use interactively). Why have I not brought all up to the latest? Because they do just what I need, and the latest (so far) doesn’t do it better.

        In the case of Win 8.1, it’s my primary choice for my main workstation because of its stability, and so far Win 10 does nothing in particular better that’s incentivizing me to move. Don’t get me wrong, I’ve been able to tweak a Windows 10 system to be pretty much as useful, and it’s not lost on me that it’s current, but it’s also a moving target, and I really don’t need an OS that’s so mutable. I like it when my OS “just works” for weeks and months and years at a time.

        So please don’t be too critical of those who find an older, simpler OS to their liking. They might actually KNOW what the later OSs look like and do and have good reasons for working the way they are right now.

        Oh, and please don’t pull out the “the old OS is insecure” argument… XP wouldn’t still have 10% of the world’s users if it were a crumbling nightmare, and last I looked Windows 10 isn’t devoid of exploits. It might even be a bigger target for malware writers than XP now.

        -Noel

        4 users thanked author for this post.
        • #116662 Reply

          anonymous

          ? says:

          thank you Mr. Carboni!

          scattered about i have 2 win 98se, 1 win me, 4 or 5 win xp, pro and no, 4 win 7 and

          hum, no 8 or 8.1 or winx.

          i occasionally run them all to keep learning, and to keep my skills viable and because i enjoy toying around with windows. i was on askvg last night learning or relearning lots of forgotten tips and tricks for my own personal computing enjoyment. i know, some people and their kids.

          i do appreciate you and your insight and attitude.

          ps the winx pushers pushed me into linux and i have on live usb, 2 ubuntu 14,04 lts and i’m writing to you on ubuntu 16.04.2 lts. when i have had my fill of this session i will shut down and everything will all be but a faint memory!

          thank you and mr. woody and  pkcano especially as well as all the contributors for making this a place for all to come and drink of the waters of acceptance and knowledge.

        • #116706 Reply

          ch100
          AskWoody MVP

          Thank you Noel. I was not suggesting an upgrade to any of the other specific supported operating systems, 7, 8.1 or 10 in context. So it was not about bleeding age, but about the support (indirect, via updates and not direct agreement) and security. There are hacks available to tell WU that the system is embedded, but as few users reported here and elsewhere, this may cause issues with the officially released patches like the current one. If the malware built based on the supposedly NSA leaked code continues to affect the internet for a while longer, there may be new official patches for XP released to the wider public, although as it appears now, those chances are slim. Related, there are a few businesses which use Windows 2003 for legacy applications or difficult to migrate File Servers and do not have the funding to pay custom support, so this issue would affect businesses too.
          I don’t like Aero either and when I use Windows 7 I always select the Basic Theme. With later OS it is a bit more difficult as Desktop Composition which is useful comes with Aero like features, although full Aero has been discontinued. There are built-in settings which make the OS faster if the graphics features are not required or desired, although some of them require admin user access, which should not be an issue for home users. This is something which has been known from XP or Windows 2000.
          If you notice, I was not asking why not moving from Windows XP to Windows 10, but moving away only from Windows XP and your answer like any other answers following are useful in the context.

          • #116710 Reply

            woody
            Da Boss

            (… and I still miss Aero… 🙂 )

            2 users thanked author for this post.
        • #117238 Reply

          anonymous

          Noel – Ars Techinica has just reported that the WannaCry ransomware hit mostly Win 7 and hardly at all XP !!!  See THIS ARS TECHNICA LINK .
          Viva XP forever !!!

          Edit to remove HTML

          1 user thanked author for this post.
    • #116623 Reply

      anonymous

      What vulnerability does this patch fix?

    • #117002 Reply

      glnz
      AskWoody Lounger

      In a different forum (MSFN), a few folks think this problem with KB 4018556 in XP Embedded (XP continuing to get updates with the POS Ready 2009 hack) might be in the Russian version only (or, who knows, maybe only in the Moldovan version).

      On the other hand, MS has pulled it from XP Embedded, so maybe it’s not limited to Russian version only.

      Anyway, it’s just a thought.  Anyone who finds out for sure, please let us know.

      Спасибо, и повеселились в Молдове.

      PS – I’ve kept XP updated on one of my machines because:  all of my emails are there in Outlook Express going back to 1942, no later version of Windows has OE, and it’s just too danged hard to move all of them to a different email app in Win 7 or later.  And updating XP is fun.

      Edit Please follow the –Lounge Rules– no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

      • This reply was modified 6 months ago by  glnz.
      • This reply was modified 6 months ago by  glnz.
      • This reply was modified 6 months ago by  PKCano.
      • #117037 Reply

        ch100
        AskWoody MVP

        There is no ‘Moldovan’ version.
        It is either Romanian (which is the official language in Moldova in a dialect form) or Russian which is a widely accepted alternative.

      • #117043 Reply

        ch100
        AskWoody MVP

        all of my emails are there in Outlook Express going back to 1942

        @glnz
        You can’t be serious. Check the year please 🙂

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Reported problem with COM patch KB 4018556 for WinXP Embedded

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.