Microsoft Warns Against XP Hack for Updates

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
The "fixes" won't address all XP flaws and leaves users wide open.
A new hack that tricks Microsoft update servers into sending security patches to outdated XP machines is a dangerous path to go down, the Redmond giant is warning.

Microsoft discontinued support for the 13-year-old Windows XP back in April, leaving millions of machines open to zero-days that will never be fixed. Despite months of warnings about an oncoming hacker apocalypse for XP users and ongoing, high-profile articles in news outlets like this one, users are persisting in sticking with XP as an operating system, either out of budget constraints or a fear of change.

The “hack” is a small change within Windows XP registry that makes it look like Windows versions that are still supported until 2019. The folks at BetaNews figured it out and detailed how to accomplish it.

There’s only one issue: the updates that Microsoft will be pushing out won’t be addressing any flaws that are specific to XP itself.

“The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers,” Microsoft said in a statement released to ZDnet. “Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP.”

Explaining the issue in more detail, Jerome Segura, senior security researcher for Malwarebytes told Infosecurity that users are getting more than they bargained for – in a bad way.

“This hack is remarkably simple because it only takes adding one registry key and then, all of a sudden, Windows Updates thinks you are running an XP subversion,” he said. “Users that apply the hack will see patches that are not going to be released for the XP mainstream version, such as an important security update for IE8. While it may be tempting to use this hack, users should bear in mind that Microsoft did not intend for those upcoming updates to be applied on regular XP. In other words, you are entering into an unfamiliar territory at your own risk.”


Read more: http://www.infosecurity-magazine.com/view/38612/microsoft-warns-against-xp-hack-for-updates/
 
  • Like
Reactions: yigido

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
Lol well got to give them points for creating a hype on how bad XP is.
Lol that reminds me how crap always must have been as these hackers do not suddenly overnight turn on XP.
Given the fact that Windows 8 got bounced by German, Dutch, France and Chinese government they got to do something to get their slaes up.
Lol pathetic.
 

Oxygen

Level 44
Verified
Feb 23, 2014
3,316
People should really get windows 7........

People are just too lazy.... uhhhgg
 

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
People should really get windows 7........

People are just too lazy.... uhhhgg

Nothing to do with lazy. Most governments and local authorities run XP as its just great for what they need.
Windows 7 could work to but XP seems to have the job done for the past what? 11 years or so? And they did not get hacked then, so they probably will not get hacked now. given the huge amount of additional software and security applications running on such networks.
 
  • Like
Reactions: Jack

Oxygen

Level 44
Verified
Feb 23, 2014
3,316
Nothing to do with lazy. Most governments and local authorities run XP as its just great for what they need.
Windows 7 could work to but XP seems to have the job done for the past what? 11 years or so? And they did not get hacked then, so they probably will not get hacked now. given the huge amount of additional software and security applications running on such networks.
Why did microsoft end support when alot of people still use XP..?

I don't understand microsoft's decisions 95% of the time.
 

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Nothing to do with lazy. Most governments and local authorities run XP as its just great for what they need.
Indeed. Also changing the operating system from XP to 7 with a government agency or corporation has a lot of costs. (training people, hardware and software costs). Even so, with all this bad campaign I'm sure that almost everyone will move on from XP in a matter of months.
 

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
Why did microsoft end support when alot of people still use XP..?

I don't understand microsoft's decisions 95% of the time.

Uhhhm let me Google that for you.

Accessing Google......
Stand by
Uhmmm alright Google failed to produce a reply to this.
So lets ask my cat, he usually knows.

cat-money-gangster-300x277.jpg


Hmm i wonder what he means with that LMAO>
 
  • Like
Reactions: ravi prakash saini

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
Indeed. Also changing the operating system from XP to 7 with a government agency or corporation has a lot of costs. (training people, hardware and software costs). Even so, with all this bad campaign I'm sure that almost everyone will move on from XP in a matter of months.

Actually i know for a fact that the Dutch, German and France government has bought a package from MS that allows additional support up to 2016.
Because home support for XP will be dropped but business specially governmental contracts will go even beyond that.
If MS would force those governments to change it will cost MS a huge amount of money. Because all the software operating on XP GOV clients is tailor made, you cannot change that around overnight and migration will take at least a year and even then it will still rely on the old system as back up.
 
  • Like
Reactions: Jack
D

Deleted member 21043

Yes, and this is why they decided to stop supporting it... Maybe if they hadn't ended support none of this would have happened, but NO! They don't even care.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
We can expect more of these cases, if they don't switch to a more secure platform.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top