A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » General XP issues or comments
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

How do I update WinXP based on the new update today from Microsoft?



 
 
Thread Tools Display Modes
  #16  
Old May 14th 17, 10:52 PM posted to microsoft.public.windowsxp.general
Shadow
external usenet poster
 
Posts: 1,638
Default How do I update WinXP based on the new update today from Microsoft?

On Sun, 14 May 2017 21:42:40 +0000 (UTC), Jonas S Schneider
wrote:

On Sun, 14 May 2017 22:08:48 +0100, Ian Jackson
wrote:

Is it not on its Windows Updates?


The normal Windows Updates hasn't been working for several days - well
before the present problem. [Try checking for updates.]
--


The link previously provided (thanks!) finally worked, so I updated the exe
and installed it and it rebooted my system.

Now I'm just wondering how I figure out that it's "really" installed.


If you didn't monitor the install, you'll just have to "trust
M$"

It didn't change my "subversion" of WinXP which is 2002 SP3.

Shouldn't patching Winxp change something in a subversion number somewhere?


No, you are confusing a service pack with a patch. The last
official service pack was SP3 from 2008, or thereabouts. There have
been hundreds of patches since. They might change versions of system
files (dlls, exes etc), but not what you call the "subversion" number.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
Ads
  #17  
Old May 15th 17, 12:33 AM posted to microsoft.public.windowsxp.general
Nil[_5_]
external usenet poster
 
Posts: 1,731
Default How do I update WinXP based on the new update today from Microsoft?

On 14 May 2017, Paul wrote in
microsoft.public.windowsxp.general:

Actually, no, I didn't waste the time on it. I could
not use the WinXP as a client, to reach a file share
on Win10, so I removed the patch soon after install.

After the patch, Win10 can still reach WinXP, but WinXP
cannot reach Win10. I got NTLMSSP "status_needs_more_processing"
and WinXP claimed "service not started" when it tried to reach
the Win10 machine.


That didn't happen to me. My XP and Win10 computers network together
just like they did before I installed the patch.

When all patched, the Win10 end still claims to be
supporting SMBv1 and SMBv2.


How can you tell?
  #18  
Old May 15th 17, 01:18 AM posted to microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default How do I update WinXP based on the new update today from Microsoft?

Nil wrote:
On 14 May 2017, Paul wrote in
microsoft.public.windowsxp.general:

Actually, no, I didn't waste the time on it. I could
not use the WinXP as a client, to reach a file share
on Win10, so I removed the patch soon after install.

After the patch, Win10 can still reach WinXP, but WinXP
cannot reach Win10. I got NTLMSSP "status_needs_more_processing"
and WinXP claimed "service not started" when it tried to reach
the Win10 machine.


That didn't happen to me. My XP and Win10 computers network together
just like they did before I installed the patch.

When all patched, the Win10 end still claims to be
supporting SMBv1 and SMBv2.


How can you tell?


Powershell (Win10 at least):

get-smbclientconfiguration ---- doesn't list any protocols

get-smbserverconfiguration ---- has SMBv1 and SMBv2 booleans
but no setting for SMBv3

I was checking for root cause, using Wireshark.
I don't know the fields in the packets well enough
to debug this.

So at least now I know it isn't the patch.

Paul
  #19  
Old May 15th 17, 01:21 AM posted to microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default How do I update WinXP based on the new update today from Microsoft?

Jonas S Schneider wrote:
On Sun, 14 May 2017 22:08:48 +0100, Ian Jackson
wrote:

Is it not on its Windows Updates?


The normal Windows Updates hasn't been working for several days - well
before the present problem. [Try checking for updates.]
--


The link previously provided (thanks!) finally worked, so I updated the exe
and installed it and it rebooted my system.

Now I'm just wondering how I figure out that it's "really" installed.

It didn't change my "subversion" of WinXP which is 2002 SP3.
Shouldn't patching Winxp change something in a subversion number somewhere?


In the Add/Remove control panel, is a tick box
for Windows Update successful entries.

All your KB entries should be listed.

There are also folders on your C: drive, that correspond
to the installed patches.

Paul
  #20  
Old May 15th 17, 01:25 AM posted to microsoft.public.windowsxp.general
Boris[_4_]
external usenet poster
 
Posts: 529
Default How do I update WinXP based on the new update today from Microsoft?

Paul wrote in news
J. P. Gilliver (John) wrote:
In message , gram pappy
writes:

"Jonas S Schneider" wrote in message
news Reading the news, it seems Microsoft issued an update for WinXP
today.
http://www.latimes.com/world/la-fg-g...irus-20170513-

st
ory.html


But where do I get it and how?

Here you go down at the bottom of page.

Customer Guidance for WannaCrypt attacks - MSRC

gram


That wasn't a link.

Here is the update:
http://download.windowsupdate.com/d/.../02/windowsxp-

kb4
012598-x86-custom-enu_eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe


For some of the other OSes, it looks like since a patch
was released in March, there is a slimy trail of KBs
for the users. This superseded by that, superseded
by something else. Let's hope that kb4012598 provides
one-stop-shopping for a day or two... before they change it
all again.

Paul


I have or maintain personal computers running XP SP3 x86, Vista SP2 x64,
Win7 x64 and Win10 x64. I wonder why there are no patches for Vista
SP2, Win7, or Win10. Could it be that if one keeps autoupdates enabled,
those OSes are safe? Could it be that their version of SMB is safe?
I've tried to read all the info on all of this fiasco, but it's too
confusing. I have downloaded all of the patches for XP and Vista, but
don't know if I should install them.

I have no qustion, just a gripe about how difficult and time consuming
maintaining a pc this has become for the average home user
  #21  
Old May 15th 17, 02:10 AM posted to microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default How do I update WinXP based on the new update today from Microsoft?

Boris wrote:
Paul wrote in news
J. P. Gilliver (John) wrote:
In message , gram pappy
writes:
"Jonas S Schneider" wrote in message
news Reading the news, it seems Microsoft issued an update for WinXP
today.
http://www.latimes.com/world/la-fg-g...irus-20170513-

st
ory.html


But where do I get it and how?
Here you go down at the bottom of page.

Customer Guidance for WannaCrypt attacks - MSRC

gram
That wasn't a link.

Here is the update:
http://download.windowsupdate.com/d/.../02/windowsxp-

kb4
012598-x86-custom-enu_eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe

For some of the other OSes, it looks like since a patch
was released in March, there is a slimy trail of KBs
for the users. This superseded by that, superseded
by something else. Let's hope that kb4012598 provides
one-stop-shopping for a day or two... before they change it
all again.

Paul


I have or maintain personal computers running XP SP3 x86, Vista SP2 x64,
Win7 x64 and Win10 x64. I wonder why there are no patches for Vista
SP2, Win7, or Win10. Could it be that if one keeps autoupdates enabled,
those OSes are safe? Could it be that their version of SMB is safe?
I've tried to read all the info on all of this fiasco, but it's too
confusing. I have downloaded all of the patches for XP and Vista, but
don't know if I should install them.

I have no qustion, just a gripe about how difficult and time consuming
maintaining a pc this has become for the average home user


Work through the article here.

https://www.askwoody.com/2017/how-to...crywannacrypt/

Paul
  #22  
Old May 15th 17, 06:15 AM posted to microsoft.public.windowsxp.general
Nil[_5_]
external usenet poster
 
Posts: 1,731
Default How do I update WinXP based on the new update today from Microsoft?

On 14 May 2017, Paul wrote in
microsoft.public.windowsxp.general:

Powershell (Win10 at least):

get-smbclientconfiguration ---- doesn't list any protocols

get-smbserverconfiguration ---- has SMBv1 and SMBv2 booleans
but no setting for SMBv3


Those commands apparently aren't included in Powershell v1 for XP, but
in Windows 10 I get the same results as you. Thanks for the tip.
  #23  
Old May 15th 17, 08:16 AM posted to microsoft.public.windowsxp.general
J. P. Gilliver (John)[_4_]
external usenet poster
 
Posts: 2,679
Default How do I update WinXP based on the new update today from Microsoft?

In message , Paul
writes:
[]
Work through the article here.

https://www.askwoody.com/2017/how-to...t-hit-by-wanna
crywannacrypt/

Paul


A bit disconcerting that the very first sentence says "WannaCrypt does
not infect XP machines – the problem appears entirely (or almost
entirely) on unpatched Win7 machines." ...
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

- often six furlongs ahead of the field, but on the wrong racecourse. - Colin
Dexter on (his creation the character) Morse; Radio Times 12-18 May 2012.
  #24  
Old May 15th 17, 11:25 AM posted to microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default How do I update WinXP based on the new update today from Microsoft?

J. P. Gilliver (John) wrote:
In message , Paul
writes:
[]
Work through the article here.

https://www.askwoody.com/2017/how-to...t-hit-by-wanna
crywannacrypt/

Paul


A bit disconcerting that the very first sentence says "WannaCrypt does
not infect XP machines – the problem appears entirely (or almost
entirely) on unpatched Win7 machines." ...


Yes, that's an implementation detail. Numerically, Windows 7 machines
are the highest runner, so the design focuses on those.

But that doesn't mean a script kiddie who gets the source code,
makes a few mods, can't use it on WinXP.

You're doing maintenance now, to prevent surprises later.

Paul
  #25  
Old May 15th 17, 03:42 PM posted to microsoft.public.windowsxp.general
Jonas S Schneider
external usenet poster
 
Posts: 36
Default How do I update WinXP based on the new update today from Microsoft?

On Mon, 15 May 2017 02:56:35 +0000, XP-SP3 wrote:

Look for the following:

C:\WINDOWS\$NtUninstallKB4012598$
C:\WINDOWS\$NtUninstallKB4012598$\spuninst

spuninst.txt:
COPY "C:\WINDOWS\$NtUninstallKB4012598$\xpsp4res.dl l" "c:\windows\system32\xpsp4res.dll"
COPY "C:\WINDOWS\$NtUninstallKB4012598$\srv.sys" "c:\windows\system32\dllcache\srv.sys"
COPY "C:\WINDOWS\$NtUninstallKB4012598$\srv.sys" "c:\windows\system32\drivers\srv.sys"

------------------------------------------------------
new version old version
xpsp4res.dll 5.1.2600.7208 5.1.2600.6477
11-FEB-2017 05-NOV-2013
Description: Service Pack 4 Messages

------------------------------------------------------
srv.sys 5.1.2600.7208 5.1.2600.6082
11-FEB-2017 17-FEB-2011
Description: Server driver


Yes. That's there! Thanks.
http://i.cubeupload.com/RXqSBJ.gif
  #26  
Old May 15th 17, 03:42 PM posted to microsoft.public.windowsxp.general
Jonas S Schneider
external usenet poster
 
Posts: 36
Default How do I update WinXP based on the new update today from Microsoft?

On Sun, 14 May 2017 20:21:06 -0400, Paul wrote:

In the Add/Remove control panel, is a tick box
for Windows Update successful entries.

All your KB entries should be listed.

There are also folders on your C: drive, that correspond
to the installed patches.


I was hoping that would work, but I must have followed the wrong rabbit
path.

I first hit:
Start Settings Control Panel Add or Remove Programs

That pops up the Add or Remove Programs dialog with a checkbox at top which
is already checked saying "Show updates", and four boxes at the left side:
a. Change or remove programs
b. Add new programs
c. Add/remove windows components
d. Set program access and defaults

Which one do I hit?
I hit "Add/remove Windows Components".
A Windows Components Wizard pops up.

OK. now what?
Nothing on the checked list says "Windows XP OS updates" or anything even
remotely resembling the OS updates. Therefore, I just hit "Next".
Up pops a "Completing the Windows Component Wizard", and then "Finish".

Well, that went nowhere.

Trying again at the Add or Remove Programs box, I hit (a) Change or Remove
Programs. All it says under Windows XP - Software Updates is:
Hotfix for Windows XP (KB954550-v5)
Security Update for Windows XP (KB4012598)
Windows XP Service Pack 3

Does that mean that the *only* updates I've ever had since SP3 were those
two?
  #27  
Old May 15th 17, 04:56 PM posted to microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default How do I update WinXP based on the new update today from Microsoft?

Jonas S Schneider wrote:
On Sun, 14 May 2017 20:21:06 -0400, Paul wrote:

In the Add/Remove control panel, is a tick box
for Windows Update successful entries.

All your KB entries should be listed.

There are also folders on your C: drive, that correspond
to the installed patches.


I was hoping that would work, but I must have followed the wrong rabbit
path.

I first hit:
Start Settings Control Panel Add or Remove Programs

That pops up the Add or Remove Programs dialog with a checkbox at top which
is already checked saying "Show updates", and four boxes at the left side:
a. Change or remove programs
b. Add new programs
c. Add/remove windows components
d. Set program access and defaults

Which one do I hit?
I hit "Add/remove Windows Components". A Windows Components Wizard pops up.

OK. now what? Nothing on the checked list says "Windows XP OS updates"
or anything even
remotely resembling the OS updates. Therefore, I just hit "Next". Up
pops a "Completing the Windows Component Wizard", and then "Finish".

Well, that went nowhere.

Trying again at the Add or Remove Programs box, I hit (a) Change or Remove
Programs. All it says under Windows XP - Software Updates is:
Hotfix for Windows XP (KB954550-v5)
Security Update for Windows XP (KB4012598)
Windows XP Service Pack 3

Does that mean that the *only* updates I've ever had since SP3 were those
two?


Naively, yes.

However, you should look for 4012598 in the file system,
and spot where the folders are located. See how many KB
folders are present *next* to that folder

There is one install mechanism, that does not leave a log
of the installation. KB4012598 is the one you just installed,
which is track-able. However, older patches can be CAB files,
and there is a method available to install those, with no
trace they were installed.

To review your security status, use MBSA 2.3 download
and let it scan the PC. It will tell you what patches
are missing. MBSA 2.3 does not list "optional" Windows Update
patches and is not a replacement for Windows Update. However,
it can function as a tool to review the security status
of the machine, and that's what it is for. It can also
report unpatched copies of Microsoft Office (even patches
for Office Viewer freebies, will be listed). You can have
as many as fifteen patches missing, to patch and protect
the free Office Viewer programs. This tool will help you find
them.

http://s12.postimg.org/4df2ka8bh/mbsa.gif

Paul
  #28  
Old May 16th 17, 12:15 AM posted to microsoft.public.windowsxp.general
Jonas S Schneider
external usenet poster
 
Posts: 36
Default How do I update WinXP based on the new update today from Microsoft?

On Mon, 15 May 2017 11:56:46 -0400, Paul wrote:

To review your security status, use MBSA 2.3 download
and let it scan the PC. It will tell you what patches
are missing.


Thanks for the pointer to MBSA, which is new to me.
I've had WinXP for a decade and I'm *still* adding software!

Microsoft Baseline Security Analyzer 2.3 (for IT Professionals)
https://www.microsoft.com/en-us/down...n.aspx?id=7558
MBSASetup-x86-EN.msi (1.6MB)

It installed easily into a folder of my choosing but it errored instantly
upon running it as shown below.
https://s29.postimg.org/fz22jc48n/mbsa1.gif

I clicked "Scan a computer" and took all the defaults.

It found a few things such as "Computer has an older version of the client
and security database demands a newer version.[sic] Current version is
blank and minimum required version is blank.[sic]
https://s23.postimg.org/53xsvkuff/mbsa2.gif

I'm not sure why the blanks though.
But it told me absolutely nothing useful. Unfortunately.

Why does this always happen to me?
Did I do something wrong?

  #29  
Old May 16th 17, 10:55 AM posted to microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default How do I update WinXP based on the new update today from Microsoft?

pamela wrote:
On 02:10 15 May 2017, Paul wrote:

Boris wrote:
Paul wrote in
news
J. P. Gilliver (John) wrote:
In message , gram pappy
writes:
"Jonas S Schneider" wrote in
message news
Reading the news, it seems Microsoft issued an update for
WinXP today.
http://www.latimes.com/world/la-fg-global-computer-
virus-20170513-story.html


But where do I get it and how?
Here you go down at the bottom of page.

Customer Guidance for WannaCrypt attacks - MSRC
gram
That wasn't a link.

Here is the update:
http://download.windowsupdate.com/d/.../secu/2017/02/
windowsxp-kb4012598-x86-custom-enu_
eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe

For some of the other OSes, it looks like since a patch
was released in March, there is a slimy trail of KBs
for the users. This superseded by that, superseded
by something else. Let's hope that kb4012598 provides
one-stop-shopping for a day or two... before they change it
all again.

Paul
I have or maintain personal computers running XP SP3 x86, Vista
SP2 x64, Win7 x64 and Win10 x64. I wonder why there are no
patches for Vista SP2, Win7, or Win10. Could it be that if one
keeps autoupdates enabled, those OSes are safe? Could it be
that their version of SMB is safe? I've tried to read all the
info on all of this fiasco, but it's too confusing. I have
downloaded all of the patches for XP and Vista, but don't know
if I should install them.

I have no qustion, just a gripe about how difficult and time
consuming maintaining a pc this has become for the average home
user

Work through the article here.

https://www.askwoody.com/2017/how-to...-you-wont-get-
hit-by-wannacrywannacrypt/

Paul


Do you know what the MS patch KB4012598 (MS17-010) actually does? I
believe it fixes some SMB vulnarabilities exploitd by WannaCry.

I read some articles explaining how to protect against these SMB
vulnerabilities by adding some registry entries to the LanmanServer
parameters or alternatively by using the group Policies editor.

Is this what KB4012598 (MS17-010) does or is it patching some
vulnarable executables?


I'm not an IT guy, but at a guess, the Regedit changes are
for emergencies, to shut if off. Another way to disable it,
is to disable the associated service, so nothing answers at
port 445.

The patch should do better than that, and deal with the
actual vulnerable code. The patch didn't work out the
way I planned on my WinXP machine, but someone else reported
no loss of functionality on his WinXP machine. So I would
conclude from that, that my machine needs work. And the
patch is safe.

The purpose of the patch, is to prevent contagion. It
gets into your computer room, when you click on an
attachment on some email. In other words, the first
stage of the attack, typically uses another vector.
The reason you're installing this patch, is so all
the computers in the room, don't get that red
"Ransom note" on their screen at the same time.

Even with the SMBv1 port patched, a ransomware that
gets into one machine (via an executed email attachment),
it can examine your list of file sharing mounts, and
mount those volumes and encrypt them. That means
even before this exploit was available, about
half the disk drives in your computer room
could have been compromised anyway.

What the new vector does, is ensure the perps do
a much more thorough job. There might be no
running computers left in your room at all
after they're done. They'll all have the red
ransom note.

So first they have to get in... Then the fun begins.

This patch is not a cure-all for Adobe Flash
exploits, browser redirects, email attachments
and a wealth of other original infection points.
But it does help prevent all the computers
from being compromised via contagion, by the
same event. You might have a computer left,
to dial out with and look for help.

Generally, in 2017, there is no way to decrypt the files.
(There was one ransomware, where the "good guys"
got control of a C&C server with the encryption
keys on it, and some people actually got their
files back as a result. The bad guys have not
repeated their past mistakes, in that regard, and
in 2017, the only way you'll get your files back
with any guarantee, is with backups you made in
advance of the event.)

Paul
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 04:31 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.