Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • What’s up with the “new” XP patch KB 982316?

    Posted on May 22nd, 2017 at 13:37 woody Comment on the AskWoody Lounge

    I don’t know what to make of it.

    I’m seeing reports all over the internet that Microsoft has released a new Windows XP patch, KB982316.

    Yes, Windows XP.

    There’s a download link that’s dated May 19, 2017 — last Friday.

    But there’s no Microsoft Update Catalog listing.

    The KB article says it was last reviewed on June 10, 2011:

    This update implements a defense-in-depth change that some customers may decide to deploy.. This update changes the Access Control Lists (ACLs) for the following registry entry:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Telephony

    By default, Network Service (NS) users explicitly have full permission to this registry entry. After you install this update, NS users will have Read-Only access to this registry entry. The update will apply the same ACLs to all subkeys of the registry entry.

    The KB article points to Security Advisory 2264072, Elevation of Privilege Using Windows Service Isolation Bypass, but that article’s dated Aug. 10, 2010. Version 1.0.

    Is this another supercedence screw-up? (We’ve seen many, lately.) Is it related to the Shadow Brokers trove?

    And, if it’s really a new patch – not some phantom resurrected erroneously — is Microsoft going to patch XP for NSA-derived exploits?

  • The original WannaCry does NOT infect Windows XP boxes

    Posted on May 19th, 2017 at 08:00 woody Comment on the AskWoody Lounge

    I’ve been saying that for a week now – sometimes fighting over it.

    I’m not saying the EternalBlue infection method doesn’t work on XP. (Sorry for the double negative.) What I am saying is that no Windows XP boxes were infected, in the wild, by the original WannaCry worm.

    I’m also saying that the original WannaCry worm is now a distant memory, with much nastier things to come, and you have to get yourself patched, no matter which version of Windows you’re using.

    There’s an interesting debate going on right now about infections on XP boxes that weren’t part of the first wave.

    UPDATE: The Scottish National Health Service reports that 1,500 computers came down with WannaCry. Independently, NHS says they still have 6,500 computers running XP. Somehow that’s getting reported in the press that 1,500 XP NHS computers were infected. The announcement from NHS is apparently correct. The poorly-spun media reports are clearly wrong.

    ANOTHER UPDATE: Catalin Cimpanu at BleepingComputer comes to the conclusion that we’ve known all along — WannaCry only infects Windows 7 and Server 2008 R2, which is basically the same thing as Windows 7.

    The Kaspersky graph shows a tiny, tiny number of Win10 machines infected. My guess is that’s either a false positive, or from people who were intentionally infecting Win7 machines running in a Virtual Machine on Win10.

    There’s a commenter (I know, I shouldn’t read the comments) who says:

    You want to know why Windows 10 was on the list?
    I blame Microsoft for still allowing people to opt-out of auto-updates. The mass do not always know what’s best for them, so it is our responsibility to firmly reject their demand when it’s harmful, and educate them why so.

    I could pull my hair out. Win10 wasn’t directly affected. Opting in or out of updates isn’t a problem – although if you opted out of Win7 auto updates and you didn’t check for two months, yep, you could’ve gotten stung. But Win10? Puh-lease.

  • Windows XP Service Pack 3

    Posted on September 11th, 2016 at 06:12 woody Comment on the AskWoody Lounge

    Just got this from DE:

    I have Windows XP Professional, 64 bit installed on my computer.  It has service pack 3.  I’ve looked and looked for SP-3, with disastrous results.  Usually the sites that profess that they have SP-3, only download their own programs.

    This is a new computer,  I don’t have the installation disk, so I have to be careful as to what I download.

    Heres the question Woody;  I’ve found a site that says that they do have a SP-3 for the 64 bit version of Windows XP.

    Do you think that it’s safe?  I’m also going on holidays and don’t plan to use it just yet.

    Like so many things attached to Windows XP these days, I wouldn’t touch it with a ten foot pole.

    I’m sure you’ve heard the nagging many times before, but once again, for emphasis: Unless you’re very, very adept at protecting your computer, XP is a disaster waiting to happen. Surfing the internet with an XP computer – using ANY browser – is like walking around with a “Kick me” sign on your back.

    Chrome is no longer supported on XP. Firefox is supported on XP SP3, as is Opera, but neither gets the kind of security scrutiny you need to stay safe. Really.

    Microsoft doesn’t distribute SP3 any more, and hasn’t for more than two years. It’s safe to assume that any version of XP you find on the web is laced with the nastiest malware you’ve ever seen. Even if you find a shiny CD with all the right holograms, sealed in a factory-fresh carton, signed and notarized by Bill Gates himself, there’s a very good chance it’s fake.

    The safest way to work with XP is to get rid of it. Upgrade to Win7, or switch to Linux, or turn the machine into a doorstop.

    Sorry, but friends don’t let friends use XP.

  • Microsoft cold-shoulders Server 2003 and XP users hit with Microsoft Update error 0x80248015

    Posted on November 25th, 2014 at 07:06 woody Comment on the AskWoody Lounge

    Looks like it’s an internal date error – but MS hasn’t said a thing. Argh.

    InfoWorld Tech Watch

  • Windows 8 usage declined in June while XP usage increased

    Posted on July 1st, 2014 at 09:33 woody Comment on the AskWoody Lounge

    … he says, shaking his head…

    InfoWorld Tech Watch.

  • One for the road: Microsoft patches Windows XP for SA 2963983

    Posted on May 1st, 2014 at 16:21 woody Comment on the AskWoody Lounge

    Yet another good sign that Redmond is listening.

    InfoWorld Tech Watch.

  • Microsoft tends to enterprise Windows users — but kicks consumers to the curb

    Posted on April 18th, 2014 at 19:25 woody Comment on the AskWoody Lounge

    There’s a whole lot going on in the world of Windows 8, right now.

    InfoWorld Tech Watch.

  • Only Microsoft knows the true Windows XP numbers — but isn’t telling

    Posted on March 12th, 2014 at 03:00 woody Comment on the AskWoody Lounge

    If Microsoft would just tell us one number, we’d have a much better handle on the problem coming

    InfoWorld Tech Watch