X
XP Guy
Apparently, Microsoft dropped support for POS Ready 2009 with version 2
of Security Essentials. MSE is only supported on XP 32-bit, and
vista/w7 32 and 64-bit. It is not supported on any other platforms.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
Apparently, Microsoft dropped support for POS Ready 2009 with version 2
of Security Essentials. MSE is only supported on XP 32-bit, and
vista/w7 32 and 64-bit. It is not supported on any other platforms.
C
casey.o
There isn't anything to download: if you read what he said, there are
only four registry keys to be created/altered, but if you don't want to
do that, he made it as a .reg file: you copy the bits _of his post_
between the === lines into NotePad, then save the result as a .reg file,
then run it. (On your head be it though!) [Use his original post - or,
if you take the text from this one, remove all the ">>"s.]
[]
Ok, I now understand. It's using the already installed copy of XP. Just
modified to get the updates. I hope that also updates Security
Essentials. I'm sick of that thing nagging me that XP is expired.
C
casey.o
Apparently, Microsoft dropped support for POS Ready 2009 with version 2
of Security Essentials. MSE is only supported on XP 32-bit, and
vista/w7 32 and 64-bit. It is not supported on any other platforms.
That's too bad. Security Essentials (SE) seemed to be one of the best
AV programs available, at least of the free ones. I suppose I may as
well just uninstall it then. I guess I'll have to buy Kaspersky then.
I'm not impressed with any of the free ones. In fact AVG claims to run
on Windows 2000 SP4. That's what I have on one computer, yet it wont
install. I guess when it comes to something as important as AV
software, one cant be cheap. However I wont touch anything made by
Symantec. I always figured that MS would make the best AV, since they
know the OS best.
K
Ken Springer
That's too bad. Security Essentials (SE) seemed to be one of the best
AV programs available, at least of the free ones. I suppose I may as
well just uninstall it then. I guess I'll have to buy Kaspersky then.
I'm not impressed with any of the free ones. In fact AVG claims to run
on Windows 2000 SP4. That's what I have on one computer, yet it wont
install. I guess when it comes to something as important as AV
software, one cant be cheap. However I wont touch anything made by
Symantec. I always figured that MS would make the best AV, since they
know the OS best.
Have you tried Avast at all? Been using it for years, since I gave up
on Norton. Not a problem anywhere.
--
Ken
Mac OS X 10.8.5
Firefox 25.0
Thunderbird 24.3.0
"My brain is like lightning, a quick flash
and it's gone!"
M
Mayayana
| I'm saving this message for reference. This sounds useful.
Just remember two things:
1) XP is no longer supported. Microsoft has no reason to make
sure patches for XPE work on XP, and they have made no such
commitment. They do have a motive to break XP. Unsupported
means that if it breaks it's your fault.
2) It's unlikely there will be many, if any, relevant patches
anyway. Something like support for new hardware would be
useful, but security patches? No one should be using IE8
anyway, so patches there are irrelevant. What else is there?
This months patches are a good example. Someone who
has been posting this hack in another group posted them.
One is for IE and 2 are for "privilege elevation" bugs. In other
words, they are bugs that allow someone logged on as a
restricted user to get full admin rights. I don't know anyone
who doesn't have all users set up as Admins on XP. Unless
you normally run in the restricted "lackey mode" of a common
user, and you have XP installed with an NTFS file system, then
privilege elevation is irrelevant.
So you could be risking your system for doubtful benefit.
On top of all that, if you use the hack you need to pick
and choose between updates. Some may not be relevant to
XP. Some, like WGA, might invalidate your hacked install.
Just remember two things:
1) XP is no longer supported. Microsoft has no reason to make
sure patches for XPE work on XP, and they have made no such
commitment. They do have a motive to break XP. Unsupported
means that if it breaks it's your fault.
2) It's unlikely there will be many, if any, relevant patches
anyway. Something like support for new hardware would be
useful, but security patches? No one should be using IE8
anyway, so patches there are irrelevant. What else is there?
This months patches are a good example. Someone who
has been posting this hack in another group posted them.
One is for IE and 2 are for "privilege elevation" bugs. In other
words, they are bugs that allow someone logged on as a
restricted user to get full admin rights. I don't know anyone
who doesn't have all users set up as Admins on XP. Unless
you normally run in the restricted "lackey mode" of a common
user, and you have XP installed with an NTFS file system, then
privilege elevation is irrelevant.
So you could be risking your system for doubtful benefit.
On top of all that, if you use the hack you need to pick
and choose between updates. Some may not be relevant to
XP. Some, like WGA, might invalidate your hacked install.
S
Stan Weiss
I am writing this on a computer with W2K and AVG. and it still updates
the definitions. But it is not the later versions. You need to find
version 9, download and install it.
Stan
the definitions. But it is not the later versions. You need to find
version 9, download and install it.
Stan
C
casey.o
I am writing this on a computer with W2K and AVG. and it still updates
the definitions. But it is not the later versions. You need to find
version 9, download and install it.
That's no problem.
http://www.oldapps.com/avast_antivirus.php
oldapps.com has all of the old stuff, and it's not one of those annoying
sites that tries to trick you into downloading something else. I pretty
much download everything from that site now, except for drivers.
But I have to wait till I go to a WIFI site to download it, and then I
have to wonder how many hours (or days) it will take to download the
definition files on dialup.
C
casey.o
Have you tried Avast at all? Been using it for years, since I gave up
on Norton. Not a problem anywhere.
I did use it many years ago, for Win98, but then it stopped updating. I
recall it tended to slow my system down, but I changed the settings so
it was not running all the time. This is years ago, I think I got it to
work so I had to manually run it, but that's ok.....
I only downloaded AVG because they have a 4meg version, and on dialup
that's doable. But their claim to run on Win2000 SP4, is not true. It
quit installing halfway thru, saying some file wont work on this version
of windows..... (It *IS* SP4).
Why do almost all AV programs have names that begin with "AV". It's
confusing.....
AVAST
AVG
AVIRA
J
J. P. Gilliver (John)
In message <[email protected]>,
What XP Guy says above, I read as meaning MSE doesn't support POS; I was
under the impression that, for plain XP SP3 (i. e. that _hasn't_ been
hacked to look like POS), MSE _is_ still being updated, or at least its
definition files are. But I might be misinterpreting what XP Guy said.
As I've said, Avira works for me.
That's too bad. Security Essentials (SE) seemed to be one of the best
AV programs available, at least of the free ones. I suppose I may as
well just uninstall it then. I guess I'll have to buy Kaspersky then.
What XP Guy says above, I read as meaning MSE doesn't support POS; I was
under the impression that, for plain XP SP3 (i. e. that _hasn't_ been
hacked to look like POS), MSE _is_ still being updated, or at least its
definition files are. But I might be misinterpreting what XP Guy said.
I'm not impressed with any of the free ones. In fact AVG claims to run
As I've said, Avira works for me.
Many folk think that.on Windows 2000 SP4. That's what I have on one computer, yet it wont
install. I guess when it comes to something as important as AV
software, one cant be cheap. However I wont touch anything made by
Symantec. I always figured that MS would make the best AV, since they
know the OS best.
J
J. P. Gilliver (John)
In message <[email protected]>,
Because they're AV programs?Why do almost all AV programs have names that begin with "AV". It's
confusing.....
AVAST
AVG
AVIRA
J
J. P. Gilliver (John)
In message <[email protected]>, Mayayana
According to someone here in the IEradicator debates (which I thought
was you), everyone's using parts of IE anyway, whether they like it or
not, even if they use another browser for actual browsing - so doesn't
that make patches for it totally relevant?
[]useful, but security patches? No one should be using IE8
anyway, so patches there are irrelevant. What else is there?
According to someone here in the IEradicator debates (which I thought
was you), everyone's using parts of IE anyway, whether they like it or
not, even if they use another browser for actual browsing - so doesn't
that make patches for it totally relevant?
X
XP Guy
Mayayana said:... but security patches? No one should be using IE8 anyway, so
patches there are irrelevant.
Why should no one be using IE8?
IE8 is currently just as vulnerable to exploits as IE9, 10 or 11 if you
apply POS2009 IE updates to your XP system.
X
XP Guy
J. P. Gilliver (John) said:What XP Guy says above, I read as meaning MSE doesn't support POS;
From what I've read, MS dropped support for MSE for POS2009 when version
2 of MSE came out. Supposedly, if you can still find the installer for
version 1 of MSE, it will work with POS2009 but will always show the
exclamation point icon because it wants to upgrade to version 2.
So for those with XP that use the POS2009 registry hack and who want to
keep using MSE, one experiment to try is to install version 1 of MSE and
see if it will receive MSE definition updates (but don't update it to
version 2).
Try downloading it from here:
http://fs40.filehippo.com/8625/ece7abd2063c467d842520d1390701ea/mssefullinstall-x86fre-en-us-xp.exe
That is the direct download link for Security Essentials 1.0.2498 (XP).
Very hard to find working links for MSE version 1.x.
M
Mayayana
| >useful, but security patches? No one should be using IE8
| >anyway, so patches there are irrelevant. What else is there?
| []
| According to someone here in the IEradicator debates (which I thought
| was you), everyone's using parts of IE anyway, whether they like it or
| not, even if they use another browser for actual browsing - so doesn't
| that make patches for it totally relevant?
No, not really. The system uses IE browser windows
for various things: CHM help files, HTAs, 3rd-party
software.... So you can't take out the actual browser.
But that's not the same as using it online. There have
been 3 recent patches for IE that I'm aware of:
https://technet.microsoft.com/library/security/ms14-021
https://technet.microsoft.com/library/security/ms14-024
https://technet.microsoft.com/library/security/ms14-029
They're all for attacks that employ a webpage hack.
A lot of bugs involve "privilege elevation", which generally
doesn't apply to XP. Most other bugs involve online attacks.
If you don't use MS software online, those don't apply.
What's left? Mainly file corruption attacks. In other words,
you have to be attacked from somewhere. IE can't get attacked
just by sitting there. For instance, there could be a case
where you download a corrupt CHM. (There have been CHM
bugs in the past.) There could also be .DOC bugs, if you have
MS Office installed. There was even a bug in .EMF graphic files
a few years ago. Just about any file type that allows for script
or other executable functionality can have bugs. (CHM, PDF, SWF,
any PE file, HTML.) It's possible that there could be
something like a new CHM attack, but in general the patches
coming through are not going to matter for people who don't
use IE online. (One should avoid downloading CHM, PDF, or
DOC files from mysterious Chinese websites, in any case.
Whether you're fully patched or not, that's a risk.)
IE has been an unusable mess, security-wise, for years,
but that's as a browser used online. In Windows it's ubiquitous
and not particularly risky. I love IE. I use it for HTAs, for testing
webpages, and I have it set as my default browser so that I
can open HTML files locally without waiting for Firefox to load.
I just don't allow IE to go online. *Ever*.
I currently have IE6 installed. I see no reason to update it
or patch it. Microsoft breaks rendering compatibility in IE with
every version, so I design all of my webpages to work in what
they call "quirks mode". By leaving off the DOCTYPE tag in HTML
I can indicate to IE that it should use quirks mode rendering.
Every version of IE will then render a webpage as it renders in IE6.
That way I can just design one page for IE and one page for all
other browsers. And I can test it all on my machine with IE6 and
Firefox. So there's really no reason for me to risk the integrity of
the system by even installing IE8.
| >anyway, so patches there are irrelevant. What else is there?
| []
| According to someone here in the IEradicator debates (which I thought
| was you), everyone's using parts of IE anyway, whether they like it or
| not, even if they use another browser for actual browsing - so doesn't
| that make patches for it totally relevant?
No, not really. The system uses IE browser windows
for various things: CHM help files, HTAs, 3rd-party
software.... So you can't take out the actual browser.
But that's not the same as using it online. There have
been 3 recent patches for IE that I'm aware of:
https://technet.microsoft.com/library/security/ms14-021
https://technet.microsoft.com/library/security/ms14-024
https://technet.microsoft.com/library/security/ms14-029
They're all for attacks that employ a webpage hack.
A lot of bugs involve "privilege elevation", which generally
doesn't apply to XP. Most other bugs involve online attacks.
If you don't use MS software online, those don't apply.
What's left? Mainly file corruption attacks. In other words,
you have to be attacked from somewhere. IE can't get attacked
just by sitting there. For instance, there could be a case
where you download a corrupt CHM. (There have been CHM
bugs in the past.) There could also be .DOC bugs, if you have
MS Office installed. There was even a bug in .EMF graphic files
a few years ago. Just about any file type that allows for script
or other executable functionality can have bugs. (CHM, PDF, SWF,
any PE file, HTML.) It's possible that there could be
something like a new CHM attack, but in general the patches
coming through are not going to matter for people who don't
use IE online. (One should avoid downloading CHM, PDF, or
DOC files from mysterious Chinese websites, in any case.
Whether you're fully patched or not, that's a risk.)
IE has been an unusable mess, security-wise, for years,
but that's as a browser used online. In Windows it's ubiquitous
and not particularly risky. I love IE. I use it for HTAs, for testing
webpages, and I have it set as my default browser so that I
can open HTML files locally without waiting for Firefox to load.
I just don't allow IE to go online. *Ever*.
I currently have IE6 installed. I see no reason to update it
or patch it. Microsoft breaks rendering compatibility in IE with
every version, so I design all of my webpages to work in what
they call "quirks mode". By leaving off the DOCTYPE tag in HTML
I can indicate to IE that it should use quirks mode rendering.
Every version of IE will then render a webpage as it renders in IE6.
That way I can just design one page for IE and one page for all
other browsers. And I can test it all on my machine with IE6 and
Firefox. So there's really no reason for me to risk the integrity of
the system by even installing IE8.
M
Mayayana
| > ... but security patches? No one should be using IE8 anyway, so
| > patches there are irrelevant.
|
| Why should no one be using IE8?
|
| IE8 is currently just as vulnerable to exploits as IE9, 10 or 11 if you
| apply POS2009 IE updates to your XP system.
You're using IE8 online and justifying it based the using
the XPE hack? I could see that, maybe, if there's a particular
website that requires IE, but otherwise I can't see the sense
of it.
* Windows integration:
IE has not been suitable for online use since IE4, when they
baked it into Windows. It's too deeply tied in to be safe for
use online. It was designed to be that way, at a time when
browser functionality was important and no one thought about
security. ActiveX controls were a brilliant invention that helped
defeat Netscape. IE was great for making highly functional
webpage software for use on corporate intranets. It still is
great for that, which is a big part of why it's not safe online.
* Security settings:
While Firefox security settings have been getting harder to
control, IE is an astonishing mess, with thousands of settings,
many of them virtually secret, and many of which can secretly
override the security settings you choose, should you be brave
enough to try to adjust IE security in the first place. Most people
never would. Again, that's by design. It's another expression
of the fact that IE is made for corporate intranet use, to be
controlled by corporate IT people. *Microsoft never intended
for the end-user to have control over the browser.*
* Obsolete:
IE as a browser is obsolete. Since the latest version is
only supported in Win7/8 it's essentially become reduced
to being a niche browser. Even if you get patches for IE8,
it only supports web standards from sometime before 2010.
Why would anyone choose to keep using a discontinued
browser that can no longer keep up?
| > patches there are irrelevant.
|
| Why should no one be using IE8?
|
| IE8 is currently just as vulnerable to exploits as IE9, 10 or 11 if you
| apply POS2009 IE updates to your XP system.
You're using IE8 online and justifying it based the using
the XPE hack? I could see that, maybe, if there's a particular
website that requires IE, but otherwise I can't see the sense
of it.
* Windows integration:
IE has not been suitable for online use since IE4, when they
baked it into Windows. It's too deeply tied in to be safe for
use online. It was designed to be that way, at a time when
browser functionality was important and no one thought about
security. ActiveX controls were a brilliant invention that helped
defeat Netscape. IE was great for making highly functional
webpage software for use on corporate intranets. It still is
great for that, which is a big part of why it's not safe online.
* Security settings:
While Firefox security settings have been getting harder to
control, IE is an astonishing mess, with thousands of settings,
many of them virtually secret, and many of which can secretly
override the security settings you choose, should you be brave
enough to try to adjust IE security in the first place. Most people
never would. Again, that's by design. It's another expression
of the fact that IE is made for corporate intranet use, to be
controlled by corporate IT people. *Microsoft never intended
for the end-user to have control over the browser.*
* Obsolete:
IE as a browser is obsolete. Since the latest version is
only supported in Win7/8 it's essentially become reduced
to being a niche browser. Even if you get patches for IE8,
it only supports web standards from sometime before 2010.
Why would anyone choose to keep using a discontinued
browser that can no longer keep up?
X
XP Guy
Mayayana said:| IE8 is currently just as vulnerable to exploits as IE9, 10 or
| 11 if you apply POS2009 IE updates to your XP system.
You're using IE8 online and justifying it based the using
the XPE hack?
There's no "justification" involved.
MS is patching IE8 just as well and just as completely as IE9, 10 and
11.
But in order to get those IE8 patches on an system running XP, you need
to perform the POS2009 registry hack.
If you want to make a blanket statement that nobody should be running IE
(even if they have Windoze 7 or 8, even if they are running IE9, 10 or
11) then fine, you can do that. But I don't see where you have a reason
to single out IE8 specifically.
* Windows integration:
IE has not been suitable for online use since IE4, when they
baked it into Windows. It's too deeply tied in to be safe for
use online.
Hey, I agree that integrating IE with Windoze was done purely for
anticompetitive reasons by Macro$haft, with OS stability and security
issues taking a back seat. But it's my understanding that using other
browsers doesn't fully take you off the hook in terms of your system
still being vulnerable at some deeper level because of the underlying IE
infrastructure of Windoze.
Keeping XP updated (including the IE8 components) by using the POS2009
registry trick can only make XP systems more secure in the future vs not
doing it.
K
Ken Blake, MVP
Why do almost all AV programs have names that begin with "AV". It's
confusing.....
AVAST
AVG
AVIRA
Almost all? Not even close!
There are only three, as far as I know, and they are the three you've
named. Go to
http://en.wikipedia.org/wiki/Comparison_of_antivirus_software and you
will see that there are at least 54 others whose names do *not* begin
with "AV," which obviously stands for "Antivirus."
M
Mayayana
| If you want to make a blanket statement that nobody should be running IE
| (even if they have Windoze 7 or 8, even if they are running IE9, 10 or
| 11) then fine, you can do that. But I don't see where you have a reason
| to single out IE8 specifically.
|
I'm not singling out IE8. I wouldn't use any of them online.
But this is an XP group. IE8 is the latest version that can
be installed on XP. In addition to all the general IE problems
I listed, IE8 rendering is 5+ years behind the times and will
never be updated. In that sense it's even worse than IE9+.
Since you don't need to use IE8 it's hard to see why you
would. But it's up to you. Good luck.
| (even if they have Windoze 7 or 8, even if they are running IE9, 10 or
| 11) then fine, you can do that. But I don't see where you have a reason
| to single out IE8 specifically.
|
I'm not singling out IE8. I wouldn't use any of them online.
But this is an XP group. IE8 is the latest version that can
be installed on XP. In addition to all the general IE problems
I listed, IE8 rendering is 5+ years behind the times and will
never be updated. In that sense it's even worse than IE9+.
Since you don't need to use IE8 it's hard to see why you
would. But it's up to you. Good luck.
Z
Zo
XP Guy wrote on 5/31/2014 :
Hey Guy,
just curious - what is the difference between your recommended fix and
the one suggested in this article from betanews?
http://betanews.com/2014/05/26/how-...e-security-updates-for-windows-xp-until-2019/
or Tiny URL= http://tinyurl.com/kxqk2th
I'm saving this message for reference. This sounds useful. But I
question whether one can activate this as a private individual.
You did not post a URL to download it.
Download what?
There is nothing to download.
Just do the following:
Use notepad to copy the following and save as .reg file and run it:
==========
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WindowsEmbedded\ProductVersion]
"FeaturePackVersion"="SP3"
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WEPOS]
"Installed"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WES]
"Installed"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001
===========
Restart your computer, and make sure WindozeUpdate service is running.
You will see there are updates for you to install! And your XP PC will
continue to recieve MS patches until the year 2019.
Hey Guy,
just curious - what is the difference between your recommended fix and
the one suggested in this article from betanews?
http://betanews.com/2014/05/26/how-...e-security-updates-for-windows-xp-until-2019/
or Tiny URL= http://tinyurl.com/kxqk2th
X
XP Guy
Zo said:Hey Guy,
just curious - what is the difference between your recommended fix
and the one suggested in this article from betanews?
http://betanews.com/2014/05/26/how-...e-security-updates-for-windows-xp-until-2019/
or Tiny URL= http://tinyurl.com/kxqk2th
The difference is that the betanews article only gives this key:
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001
as the olny key to add to your XP system so that it will download
POSReady 2009 updates. Adding that key, and setting it's value to 1, is
necessary for this method to work.
The method I posted includes that key, as well as these additional keys:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WindowsEmbedded\ProductVersion]
"FeaturePackVersion"="SP3"
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WEPOS]
"Installed"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WES]
"Installed"=dword:00000000
The addition of those 3 keys has been found to suppress "Key Not Found"
errors in the Windows Update log files during update sessions.
There is some discussion of the possibly that having the WEPOS or WES
keys set to 1 might also work by itself.