POSReady 2009 updates ported to Windows XP SP3 (was: Good News - May13th Updates for Windows XP)

[XP Guy]

The original untouched updates are available only to customers who
run POSReady 2009 (Windows XP Embedded). If you're not running that
operating system, you will not see those updates.

POS - Point Of Sale (ie - cash registers, bank teller consoles, etc)

http://www.msfn.org/board/topic/171814-posready-2009-updates-ported-to-windows-xp-sp3-enu/

But before you get too excited, read post #20 (and beyond) in that
thread.

This might not be ready for prime time - yet.

I told you that there would be a way for these XP updates to be modded
and leaked to the web. Every PatchTuesday this is going to happen.

=================

The latest Patch tuesday updates have been easily ported to a Windows XP
virtual system - fully updated until April 2014.

The constraints are entirely artificial. Porting is easy as 1-2-3:

1. Modify update.inf file and remove the

condition=CompositeOp,OrOp,Prereq.XPInstallEmbedded.Section line from
the Prerequisite section.

2. Use a patched update.exe version 6.3.13.0 or later to accept the
modified update.inf file.

3. Compress to SFX EXE file. Delta compression optional.

I have already uploaded the files at RyanVM.net...

So Windows XP can have semi-official support until 2019! :w00t:

The update is applicable to Windows XP x64 SP2 if you remove the:

Condition=AndOp,Prereq.XPAMDInstallBlock.Section

line from the [Prerequisite] section and patch the update.exe file to
accept the modified update.inf. Instructions can be found here:

http://www.ryanvm.net/forum/viewtopic.php?p=115464#115464

The shlwapi.dll file is not an exclusive Server 2003 x64 component. In
addition there are registry keys in the INF file specific for XP
Professional x64:

[ProductInstall.ProfessionalFiles]
AddReg=Product.Add.Reg.Professional

[Save.Reg.For.Uninstall]

HKLM,SOFTWARE\Microsoft\Updates\Windows XP Version
2003\SP%SERVICE_PACK_NUMBER%\%SP_SHORT_TITLE%

[Product.Add.Reg.Professional]
HKLM,SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Hotfix\%SP_SHORT_TITLE%,"Comments",0,%SP_TITLE_XP%
HKLM,SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Hotfix\%SP_SHORT_TITLE%,"Fix
Description",0,%SP_TITLE_XP%

HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%SP_SHORT_TITLE%,"RegistryLocation",0,"HKLM\SOFTWARE\Microsoft\Updates\Windows
XP Version 2003\SP%SERVICE_PACK_NUMBER%\%SP_SHORT_TITLE%"

HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%SP_SHORT_TITLE%,"ParentDisplayName",0,"%PARENT_DISPLAY_NAME_XP%"
HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%SP_SHORT_TITLE%,"DisplayName",0,"%SP_TITLE_XP%"
HKLM,SOFTWARE\Microsoft\Updates\Windows XP Version
2003\SP%SERVICE_PACK_NUMBER%\%SP_SHORT_TITLE%,"Description",,%SP_TITLE_XP%

and the relevant strings.

All these observations indicate that the update is applicable to XP x64
without any issues (It's not proved completely - that would require an
analysis of the patch itself, something rather difficult and not
required in this scenario).

One final note: Because these updates have been deployed on a relatively
limited number of machines (XP support has officially ended and most
users ignore the existance of these updates) testing any of them in VM
before deploying to real hardware is strongly recommended.

-----------------

With reference to this:
http://www.microsoft.com/en-us/download/details.aspx?id=42774

which is related to this kb:
http://support.microsoft.com/kb/2932079

This update resolves a vulnerability in the Microsoft .NET Framework
that could allow elevation of privilege if an unauthenticated attacker
sends specially crafted data to an affected workstation or server that
has the .NET Framework Remoting feature enabled.

it is IMHO not a patch for a vulnerability, it is a patch for generic
stupidity.

-----------------

First of all, thank you *very much* harkaz, this is beyond cool! Heading
home from work yesterday I was almost a bit giddy seeing these
semi-official patches and thinking of all the future ones that
could/will be coming our way through 2019!

Let the idiots on neowin storm off in a huff! Tell them to come back in
2019.

For myself, I only get 1 patch out of the deal (I don't have IE or any
version of "dontnet" installed). Hmm, I didn't think about POS not
having IE6. Looks like we won't get any IE 6 patches unless somebody
ports them from 2003.

Jaclaz, I agree it's a patch for general stupidity-let's hope MS
doesn;'t start patching for that, as we'll all need petabyte sized
drives.

(Seriously though, the link to the bulletin 42774 that you posted; under
'System Requirements' it states that Windows XP is a "supported
operating system" along with Windows Server 2003. But the title at the
top of the page for 42774 just says Windows Server 2003.)

Rest assured the IE6 and the IE7 patches for POSReady 2009 also exist!
I'm sure harkaz'll release modded versions of them soon, too.

----------------

The patched update.exe seems to have done the trick. The update
installed and is actually listed in my list of updates as a "Windows XP"
update! I guess Microsoft isn't going to let anyone on XP x64 install it
the easy way unless they have paid support, though. I know there's a
risk to doing this, but this isn't a mission-critical machine, anyway.
Just a laptop I use when I'm away from the big iron, to go online and
stuff with. If it were, I'd just update it to 7. Guess I'll just keep
doing this once a month until July of next year. Thanks for the help!

There is also the older WEPOS/XPe which comes with IE6 and is supported
until I think 2016 and also uses the same patches.

 

[darkrats]

Good information. It's true, some might find it problematic installing these
updates. I had touble because I run a Symantec product on my system. But I
found a way around it, I think I've seen the patched updates now on 4 or 5
different forums. There are slight differences in some of the downloads, so
more than one person is working on them. Sad to say, I'm not one of those
talented people. Good to know about the updates anyway. As time goes by,
they will likely become better able to work with more system variations.
It's exciting to me, even though it's early in the game.

The original untouched updates are available only to customers who
run POSReady 2009 (Windows XP Embedded). If you're not running that
operating system, you will not see those updates.

POS - Point Of Sale (ie - cash registers, bank teller consoles, etc)

http://www.msfn.org/board/topic/171814-posready-2009-updates-ported-to-windows-xp-sp3-enu/

But before you get too excited, read post #20 (and beyond) in that
thread.

This might not be ready for prime time - yet.

I told you that there would be a way for these XP updates to be modded
and leaked to the web. Every PatchTuesday this is going to happen.

=================

The latest Patch tuesday updates have been easily ported to a Windows XP
virtual system - fully updated until April 2014.

The constraints are entirely artificial. Porting is easy as 1-2-3:

1. Modify update.inf file and remove the

condition=CompositeOp,OrOp,Prereq.XPInstallEmbedded.Section line from
the Prerequisite section.

2. Use a patched update.exe version 6.3.13.0 or later to accept the
modified update.inf file.

3. Compress to SFX EXE file. Delta compression optional.

I have already uploaded the files at RyanVM.net...

So Windows XP can have semi-official support until 2019! :w00t:

The update is applicable to Windows XP x64 SP2 if you remove the:

Condition=AndOp,Prereq.XPAMDInstallBlock.Section

line from the [Prerequisite] section and patch the update.exe file to
accept the modified update.inf. Instructions can be found here:

http://www.ryanvm.net/forum/viewtopic.php?p=115464#115464

The shlwapi.dll file is not an exclusive Server 2003 x64 component. In
addition there are registry keys in the INF file specific for XP
Professional x64:

[ProductInstall.ProfessionalFiles]
AddReg=Product.Add.Reg.Professional

[Save.Reg.For.Uninstall]

HKLM,SOFTWARE\Microsoft\Updates\Windows XP Version
2003\SP%SERVICE_PACK_NUMBER%\%SP_SHORT_TITLE%

[Product.Add.Reg.Professional]
HKLM,SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Hotfix\%SP_SHORT_TITLE%,"Comments",0,%SP_TITLE_XP%
HKLM,SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Hotfix\%SP_SHORT_TITLE%,"Fix
Description",0,%SP_TITLE_XP%

HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%SP_SHORT_TITLE%,"RegistryLocation",0,"HKLM\SOFTWARE\Microsoft\Updates\Windows
XP Version 2003\SP%SERVICE_PACK_NUMBER%\%SP_SHORT_TITLE%"

HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%SP_SHORT_TITLE%,"ParentDisplayName",0,"%PARENT_DISPLAY_NAME_XP%"
HKLM,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\%SP_SHORT_TITLE%,"DisplayName",0,"%SP_TITLE_XP%"
HKLM,SOFTWARE\Microsoft\Updates\Windows XP Version
2003\SP%SERVICE_PACK_NUMBER%\%SP_SHORT_TITLE%,"Description",,%SP_TITLE_XP%

and the relevant strings.

All these observations indicate that the update is applicable to XP x64
without any issues (It's not proved completely - that would require an
analysis of the patch itself, something rather difficult and not
required in this scenario).

One final note: Because these updates have been deployed on a relatively
limited number of machines (XP support has officially ended and most
users ignore the existance of these updates) testing any of them in VM
before deploying to real hardware is strongly recommended.

-----------------

With reference to this:
http://www.microsoft.com/en-us/download/details.aspx?id=42774

which is related to this kb:
http://support.microsoft.com/kb/2932079

This update resolves a vulnerability in the Microsoft .NET Framework
that could allow elevation of privilege if an unauthenticated attacker
sends specially crafted data to an affected workstation or server that
has the .NET Framework Remoting feature enabled.

it is IMHO not a patch for a vulnerability, it is a patch for generic
stupidity.

-----------------

First of all, thank you *very much* harkaz, this is beyond cool! Heading
home from work yesterday I was almost a bit giddy seeing these
semi-official patches and thinking of all the future ones that
could/will be coming our way through 2019!

Let the idiots on neowin storm off in a huff! Tell them to come back in
2019.

For myself, I only get 1 patch out of the deal (I don't have IE or any
version of "dontnet" installed). Hmm, I didn't think about POS not
having IE6. Looks like we won't get any IE 6 patches unless somebody
ports them from 2003.

Jaclaz, I agree it's a patch for general stupidity-let's hope MS
doesn;'t start patching for that, as we'll all need petabyte sized
drives.

(Seriously though, the link to the bulletin 42774 that you posted; under
'System Requirements' it states that Windows XP is a "supported
operating system" along with Windows Server 2003. But the title at the
top of the page for 42774 just says Windows Server 2003.)

Rest assured the IE6 and the IE7 patches for POSReady 2009 also exist!
I'm sure harkaz'll release modded versions of them soon, too.

----------------

The patched update.exe seems to have done the trick. The update
installed and is actually listed in my list of updates as a "Windows XP"
update! I guess Microsoft isn't going to let anyone on XP x64 install it
the easy way unless they have paid support, though. I know there's a
risk to doing this, but this isn't a mission-critical machine, anyway.
Just a laptop I use when I'm away from the big iron, to go online and
stuff with. If it were, I'd just update it to 7. Guess I'll just keep
doing this once a month until July of next year. Thanks for the help!

There is also the older WEPOS/XPe which comes with IE6 and is supported
until I think 2016 and also uses the same patches.

 

[XP Guy]

UPDATE [22/5/2014]:

A simple registry tweak is enough for WU to show the latest POSReady
updates on Windows XP. This method has been tested and works on any XP
build.

Add the following registry keys (INF Format):

HKLM,"System\CurrentControlSet\Control\WindowsEmbedded\ProductVersion","FeaturePackVersion",0x00000000,"SP3"

HKLM,"SYSTEM\WPA\WEPOS","Installed",0x10001,0

HKLM,"SYSTEM\WPA\WES","Installed",0x10001,0

HKLM,"SYSTEM\WPA\POSReady","Installed",0x10001,1

Or use notepad to copy the following and save as .reg file and run it:

==========
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WindowsEmbedded\ProductVersion]
"FeaturePackVersion"="SP3"

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WEPOS]
"Installed"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WES]
"Installed"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001
===========

Restart your computer, and make sure WindozeUpdate service is running.
You will see there are updates for you to install! And your XP PC will
continue to recieve MS patches until the year 2019.

This is for 32-bit XP. There is a different method for 64-bit version
of XP (by spoofing Windows 2003 server).

This trick works because for the purposes of WindowsUpdate, it makes WU
think you're running POS2009 (Point Of Service 2009) which is basically
XP for cash registers and other "point-of-service" PC's. Microsoft
provides update support for POS2009 until 2019.

 

[DK]

UPDATE [22/5/2014]:

A simple registry tweak is enough for WU to show the latest POSReady
updates on Windows XP. This method has been tested and works on any XP
build.

I tested it today. I work just fine. "POSReady" updates show up
in WU and after they get installed, the uninstall displays them
as "Security update for Windows XP".

The exact content of the *.inf file:
**********************************************************************
[Version]
Signature=$CHICAGO$

[DefaultInstall]
AddReg=Add.Settings

[Add.Settings]
HKLM,"System\CurrentControlSet\Control\WindowsEmbedded\ProductVersion","FeaturePackVersion",0x00000000,"SP3"
HKLM,"SYSTEM\WPA\WEPOS","Installed",0x10001,0
HKLM,"SYSTEM\WPA\WES","Installed",0x10001,0
HKLM,"SYSTEM\WPA\POSReady","Installed",0x10001,1
*********************************************************************

This probably will not last because MS will soon realize that there is
surprising number of cash registers connecting in from residential
addresses

DK

Add the following registry keys (INF Format):

HKLM,"System\CurrentControlSet\Control\WindowsEmbedded\ProductVersion","Feature
PackVersion",0x00000000,"SP3"

HKLM,"SYSTEM\WPA\WEPOS","Installed",0x10001,0

HKLM,"SYSTEM\WPA\WES","Installed",0x10001,0

HKLM,"SYSTEM\WPA\POSReady","Installed",0x10001,1

Or use notepad to copy the following and save as .reg file and run it:

==========
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WindowsEmbedded\ProductVer
sion]
"FeaturePackVersion"="SP3"

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WEPOS]
"Installed"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\WES]
"Installed"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001
===========

Restart your computer, and make sure WindozeUpdate service is running.
You will see there are updates for you to install! And your XP PC will
continue to recieve MS patches until the year 2019.

This is for 32-bit XP. There is a different method for 64-bit version
of XP (by spoofing Windows 2003 server).

This trick works because for the purposes of WindowsUpdate, it makes WU
think you're running POS2009 (Point Of Service 2009) which is basically
XP for cash registers and other "point-of-service" PC's. Microsoft
provides update support for POS2009 until 2019.

 

[Todd]

This probably will not last because MS will soon realize that there is
surprising number of cash registers connecting in from residential
addresses

DK

So M$ actually has the updates, but is withholding
them from the general public.

Oh well, that is what is bound to happen when
the same folks that own the roads also sells the
cars that run on it.

If Linux ever takes off, it will put an end to
this scurrilous behavior.

Now a regular business would just sell a subscription,
but ...

 

[Paul]

If Linux ever takes off, it will put an end to
this scurrilous behavior.

Actually, no it won't.

Linux is perfectly capable of
exactly the same scurrilous behavior.

That's why the package manager for my 7.04 copy
of Ubuntu, doesn't do anything. The servers are
turned off. I wanted to do a simple thing, like
get a copy of GCC for that distro, and compile
a package from source, and I couldn't even do that.
The disc doesn't have enough dev tools on it,
to bootstrap an environment in it.

*******

In Linux, there is a slight difference in
how distros distribute things.

In Gentoo, you do everything from source.
The distro is a "rolling" distro, meaning you never
have to reinstall the OS. The packages in the OS evolve,
you download updates, do another "build" of the World,
and you're up to date. This idea has rough edges,
and I've had to abandon Gentoo installations, when I
could no longer "move forward" or "move backward"
because something in the source tree broke. Basically,
to easily maintain Gentoo, you must to maintenance
regularly (weekly). Allowing too many changes to accumulate,
things could break and only an expert can get you
out of it. I left my distro for around nine months,
and when I tried to do maintenance, I was stuck.

In such an environment, if you downloaded all the source
(many gigabytes), you could basically do anything you
want with it. Since you have all the source, no one
can hold you hostage.

Other Linux setups (like Ubuntu), are binary distros.
They use a package manager, and you just download
pre-compiled code to the desktop. The lifecycle policy
on the Ubuntu web site, tells you how long the
servers will provide packages for that version of OS.
After that date, you can't get anything.

Since Gentoo is a source based distro, the source is
easy to get from a mirror site. With Ubuntu, they don't
exactly make all the source easy to get (they don't put
the source for all 15,000 Debian programs onto a giant
ISO for you).

With a binary distro, you're accepting the convenience
of pre-compiled binaries, with the understanding
of a strict lifecycle and cutoff date. Just like
WinXP had.

While POS2009 may have WinXP-like updates, it will
only have been tested on whatever constitutes POS2009
equipment and configurations. You could download one
of those updates, and discover it bricks some subsystem
on your WinXP. You don't have the assurance of as
broad a test plan. And certainly, someone manning the
phone line at Microsoft, for Windows Update, will tell
you to piss off, if you approach them with a POS2009
bug when it is applied to WinXP Desktop.

Paul

 

[Todd]

Actually, no it won't.

I am afraid you are right. Vista would have
done the trick, but people just suffered.
Folks are just suffering with Frankenstein
(W8) too. No one wants to be "different".
Getting a Windows user off of Windows is like
trying to get q drug addict off of crack cocaine.

Linux is perfectly capable of
exactly the same scurrilous behavior.

That is just wishful thinking on the part of
folks that like M$.

You can not run as an administrator and a user at the
same time. M$ makes it too easy.

You would never believe the crap on Windows I stop when I
take a user's administrator rights away.

Also, if you have time, take a look at this (SE Linux):
http://en.wikipedia.org/wiki/Security-Enhanced_Linux
Just try and hack that!

-T

 

[Paul]

Just try and hack that!

Never under-estimate the impact a user can have.

I could pop up a window that looks like
the Package Manager, get you to type in
the root password when prompted, then use
that password to do what I wanted. Phishing
is good enough.

When it comes to hacking things, it doesn't
have to be elegant. It just has to work.

Paul

 

[Todd]

Never under-estimate the impact a user can have.

You have a point there. The bad guys are looking
for "low hanging fruit". The user will never
cease to provide them with bushels and bushels.

I doubt that many of the bad guys will bother trying
to hack a system much any more. Just to easy to
trick the user. Just look at all the junkware the
users fall for!

I have clean off buckets of junkware from a computer and
had the same kind of crap (not necessarily the same ones)
back on their computer in a week. Yikes! The solution
is to take away their administrator's rights, like is
done on OSx and Linux. There is definitely a personality
involved with junkware.

I could pop up a window that looks like
the Package Manager, get you to type in
the root password when prompted, then use
that password to do what I wanted.

And when they call me to ask what their
root password is, I will shut them down.
Uses have the damnedest time remembering their
passwords (especially their wireless ones).

But, you do have a point. So far they haven't
employed this method with OSx and Linux yet.

Phishing
is good enough.

When it comes to hacking things, it doesn't
have to be elegant. It just has to work.

Paul

Here is a nice article from Security Focus on Linux
vs Windows and viruses.

http://www.securityfocus.com/columnists/188

Love the tag line:
To mess up a Linux box, you need to work at it;
to mess up your Windows box, you just need to
work on it.

-T

 

[Mr. Man-wai Chang]

This might not be ready for prime time - yet.
I told you that there would be a way for these XP updates to be modded
and leaked to the web. Every PatchTuesday this is going to happen.

Good job in my opinion...

--
@~@ Remain silent. Nothing from soldiers and magicians is real!
/ v \ Simplicity is Beauty! May the Force and farces be with you!
/( _ )\ (Fedora 19 i686) Linux 3.14.4-100.fc19.i686
^ ^ 19:24:03 up 1 day 4:22 0 users load average: 0.00 0.01 0.05
ä¸å€Ÿè²¸! ä¸è©é¨™! ä¸æ´äº¤! ä¸æ‰“交! ä¸æ‰“劫! ä¸è‡ªæ®º! è«‹è€ƒæ…®ç¶œæ´ (CSSA):
http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa

 

[XP Guy]

So M$ actually has the updates, but is withholding
them from the general public.

In the psychopathic mind of Macro$haft, Windows XP-SP3 and POSReady 2009
are two completely different products, and hence they are not
withholding anything from XP-SP3.

In the rational and practical mind of the rest of us, POSReady 2009 and
XP-SP3 are the same operating system - but with different license
agreements (which naturally is of no consequence or concern to us).

By the way, if you had done it today (and selected "Custom" instead of
"Express" installation), this is what you'd see:

3 Critical updates:

================

Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Server
2003
KB2932079 - MS14-026
http://support.microsoft.com/kb/2932079
Download size: 1.1 MB , less than 1 minute

A security issue has been identified in a Microsoft software product
that could affect your system. You can help protect your system by
installing this update from Microsoft. For a complete listing of the
issues that are included in this update, see the associated Microsoft
Knowledge Base article. After you install this update, you may have to
restart your system. Details...

==============

Security Update for WEPOS and POSReady 2009
KB2926765 - MS14-027
http://support.microsoft.com/kb/2926765
Typical download size: 275 KB , less than 1 minute

A security issue has been identified in a Microsoft software product
that could affect your system. You can help protect your system by
installing this update from Microsoft. For a complete listing of the
issues that are included in this update, see the associated Microsoft
Knowledge Base article. After you install this update, you may have to
restart your system. Details...

==================

Security Update for Internet Explorer 8 for WEPOS and POSReady 2009
KB2953522 - MS14-029
AKA Security update for Internet Explorer versions 6, 7, 8, 9, 10, and
11: May 13, 2014
http://support.microsoft.com/kb/2953522
Download size: 3.2 MB , less than 1 minute

A security issue has been identified in a Microsoft software product
that could affect your system. You can help protect your system by
installing this update from Microsoft. For a complete listing of the
issues that are included in this update, see the associated Microsoft
Knowledge Base article. After you install this update, you may have to
restart your system. Details...

===================

Now you go ahead and read those microsoft links. And if you really want
to be so frighted about the state of your XP system less than a month
after "official" end-of-support, you'll read these:

http://www.pcworld.com/article/2154...ttackers-a-roadmap-to-xp-vulnerabilities.html

http://www.zdnet.com/microsoft-patches-office-sharepoint-and-windows-leaves-xp-behind-7000029405/

As you read them and notice the MS14-what-ever numbers they mention, go
and glance at what updates you could be installing right now if you
follow my instructions. Those are the same updates being offered to
Win-7 and various other platforms - but not for XP.

Yes, I updated an XP-SP3 system with those 3 critical updates.

And then I selected a bunch of suggested updates (there were about a
dozen of them). One of those was a root certificate update (dated Nov
2013) that for some reason Micro$haft wasn't offering to me before.

One day, maybe soon, you'll realize that yes, POSReady 2009 is XP-SP3
with a different license agreement, and you'll be dying to get those
updates on your systems. So you can thank me now, or thank me later.

And no, Micro$haft will do nothing to prohibit this in the future. The
millions of various POS systems around the world are too important to
**** with by trying to make some change that will prevent this hack from
working on "real" XP systems.

Mark my words. Hear me now and believe me later.

In the mean time you can all shout "We're not worthy!".

 

[Jon Danniken]

You can not run as an administrator and a user at the
same time. M$ makes it too easy.

Sure you can, just give your user administrative rights, or just log in
as root; it's not the best idea, but you can do it.

Jon

 

[Todd]

Sure you can, just give your user administrative rights, or just log in
as root; it's not the best idea, but you can do it.

Jon

Hi Jon,

You actually have to know how to do that. Out of the
box, you don't get those rights. You have to work at
it. And "why". Everyone just leaves it at the default.
And the installer harasses you for proper passwords.

Not with Windows. You get those rights right out
of the box. You can even have blank passwords without
being harassed. M$ makes it too easy.

With Linux, you have to work at it. With Windows,
all you have to do in work on it.

There is no excuse for how sloppy M$ is with security.

-T

 

[Todd]

So M$ actually has the updates, but is withholding
them from the general public.

Oh well, that is what is bound to happen when
the same folks that own the roads also sells the
cars that run on it.

If Linux ever takes off, it will put an end to
this scurrilous behavior.

Now a regular business would just sell a subscription,
but ...

M$ noticed!

http://www.infoworld.com/t/microsoft-windows/unofficial-xp-update-has-microsoft-in-arms-243183

 

[casey.o]

This trick works because for the purposes of WindowsUpdate, it makes WU
think you're running POS2009 (Point Of Service 2009) which is basically

And I always thought POS meant "Piece of Shit"