Big deal... Rollup Updates have been around forever on RyanVM and I've been making integrated install CDs with RVMi and nLite for years.

I do not think it is merely a rollup, but a way to tick MS updates into thinking your consumer Windows XP it is an XP embedded variant, for which security updates are still being produced.

A detailed list of fixes can be found here, but of particular interest is POSReady. The POSReady security hack was announced in May and it takes advantage of a Microsoft loophole that provides security support for ‘Windows Embedded POSReady’ (now called ‘Windows Embedded Industry’) which will last until 2019. Emdedded Industry is a b2b-focused variant of Windows XP running Service Pack 3.

How it works is the POSReady hack tricks Microsoft servers into thinking consumer versions of Windows XP are in fact Embedded Industry and therefore supplying them with security updates. Rightfully critics have noted that the two OSes are not identical which could cause problems, but it has proved a fruitful route so far. The hack was fairly simple, but automating it within a wider update will appeal to many.

After reading that article, the thought came to me that perhaps Microsoft could offer an operating system for sale called Windows XP OSR2. It is essentially the same as Windows XP SP3, except that you the consumer have to purchase OSR2 to continue receiving security updates.

Here we go again with the security paranoia...

Apparently people think that there are hundreds of hackers just waiting to hack into their computers and if they don't have the latest security update, their PCs turn into huge bullseyes.

Guess what, your data isn't that important! Hackers want to break into servers which hold sensitive information such as bank account details etc. They don't want to waste their time browsing through the porn you've downloaded. Stop watching bad TV documentaries and get into your head that The Matrix is just a movie!

Seriously, just run a firewall and an antivirus and you will have all that you actually need for your home computer security needs, unless you keep nuclear missile launch codes on your hard drive.

feipoa wrote:

I do not think it is merely a rollup, but a way to tick MS updates into thinking your consumer Windows XP it is an XP embedded variant, for which security updates are still being produced.

That part of it is just a single registry entry, no more no less.

I also don't know what is the real difference with other patch collections/rollups. Will have to wait out for a localized version anyways...

Yasashii wrote:

Here we go again with the security paranoia... […]
Show full quote

Here we go again with the security paranoia...

Apparently people think that there are hundreds of hackers just waiting to hack into their computers and if they don't have the latest security update, their PCs turn into huge bullseyes.

Guess what, your data isn't that important! Hackers want to break into servers which hold sensitive information such as bank account details etc. They don't want to waste their time browsing through the porn you've downloaded. Stop watching bad TV documentaries and get into your head that The Matrix is just a movie!

Seriously, just run a firewall and an antivirus and you will have all that you actually need for your home computer security needs, unless you keep nuclear missile launch codes on your hard drive.

They don't need to hack and the vast majority of the people out there are of no real interest for surveillance reasons. However there is always a small few and it doesn't take much to pop up on the radar if you know what they are keeping tabs on.

Yasashii wrote:

Guess what, your data isn't that important! Hackers want to break into servers which hold sensitive information

What about wannabe hackers that are starting to learn the basics, would'nt they choose an easier target like, say, an old OS with documented security issues and a random PC on the net WITHOUT the correspondent security updates?!?!?!?!?!

There are people who still want to run XP on a rig for daily usage?

Every time I have to do something on a server running 2003 R2 or a machine running Windows XP I cringe at how ancient it feels.

m1919 wrote:

There are people who still want to run XP on a rig for daily usage?

Every time I have to do something on a server running 2003 R2 or a machine running Windows XP I cringe at how ancient it feels.

Why wouldn't people continue to use Windows XP? Because MS said so? Because some "security firm" was paid off by MS to spread FUD just to get people to buy the latest version of Windows? Like the old saying goes, if it ain't broke don't fix it.

There are even hundreds that still use Windows 98 SE even unto this day... they install the unofficial SP3 for Windows 98 SE, and KernelEX and they are set and able to use most up-to-date apps.

Windows 2000 and Windows XP were the last decent Windows NT-based versions Microsoft released. Vista was total crap, and 7 is pretty much a resource hog (at default), even trimmed down Windows 7 is a bit of a hog.

However i'll admit I really do enjoy Windows 98 SE more than XP though.

Windows 7 is actually pretty decent, with some aggressive optimizations. Of course, you still need decent hardware to make the most of it. Even though I've seen it run on systems as lowly as a Pentium 4 with 1GB of RAM, I wouldn't run it on anything less than a beefy Core 2 Duo with 4GB.

I prefer Vista over XP. 😊

Over 75% of the PC's that come into my shop for repair are still running XP and most aren't in the slightest bit interested in the fact that it's now obsolete.

TELEPACMAN wrote:

What about wannabe hackers that are starting to learn the basics, would'nt they choose an easier target like, say, an old OS with documented security issues and a random PC on the net WITHOUT the correspondent security updates?!?!?!?!?!

Well, yes, that's why I said you should have a firewall running. Those "hackers" who are still learning the basics should find that an obstacle difficult enough to go around so that they skip your PC and look for one without a firewall.

I still use XP to browse the net. 2GB of RAM, nVidia onboard video and a sempron.

I would still be using 98SE if the internet was a little more vintage browser friendly and I knew I wouldn't be exposing my network to unnecessary risk in doing so.

Required Flash and HTML5 is the common stopper for Win9X browsing anyhow. So is Java Runtime, but that however has become increasingly irrelevant these days (thank god!!!).

If Flash's refusal for older OS doesn't stop you, the insane CPU usage for video playback will. 🙁

I use XP as my main computer, and run Win2k on another internet machine. I don't think my XP has even been fully patched yet, I've never been diligent about updating it. This trick sounds interesting, but ultimately it isn't something I'm worried about.

I'm a big believer in firewalls, but I don't think it takes anything fancy to protect a home user. Most people are behind a router nowadays. In that case I don't think a local firewall is necessary, but it doesn't hurt. Those few who plug a modem directly to their PC definitely need a firewall installed though. WinXP provides one. It's simple, and it's good enough IMO. It basically does the same things a NAT router would do.

The biggest security problem affecting home users is people downloading and installing viruses. They need to stop that, no matter what operating system they have. I hate real-time antivirus apps and prefer to just screen what I install beforehand, and I keep an archive of clean installers. But if some people want to run a real-time antivirus, fine that works too. Either way, this isn't an OS issue.
I've had a virus exactly once, back in the early part of the last decade, and it was for a specific, identifiable reason. It wasn't anything that needed paranoid security to prevent, I just needed to not be stupid. I was stupid, so I got a virus. I learned my lesson and that was it.

When they're not downloading it intentionally, there are 2 likely vectors for a virus to magically teleport itself onto somebody's home computer. The first is through USB autorun, which should always be disabled. XP needs this done manually, but it can be done.
The other is through scripting exploits in their web browser. This is an unnecessary but genuine problem thanks to the way modern sites are designed, and the browsers that dutifully support this nonsense. NoScript addresses that, and this isn't an OS version issue either.

As a failsafe, it's often recommended in principle that users run their PC as restricted users without admin rights. If one wants to do this, it can be configured under XP or any NT OS, it doesn't take Vista78 to set user permissions. The "Run As" service allows running a program as administrator when needed. Vista just made this the default configuration and added a flashier, more annoying prompt.

Windows versions after XP are designed to protect people from themselves. Some people need this, but many don't, and for them it's fine to keep running Windows XP, 2000, 3.1, or a Commodore 64. Microsoft would love to scare people away from XP, and sadly it will probably work. I don't really care about Microsoft supporting it, but when 3rd party apps drop it, that's when I'll be disappointed.
I'm going to be really ticked off when I can't play my Steam games on XP anymore.

Nicely put Shamino.
I run XP in my PC shop, mainly because I always need to have an XP machine handy and an x86 OS at that.
In fact, I've had that machine running at my sales counter since 2009, fully used daily and for testing kit from customer PC's and never a virus or any form of attack.
In my experience, autorun is the single biggest culprit, a common denominator if you will.
I live in a country where piracy seems to be the de facto standard and the common denominator of almost all the PC's I have to clean up is Ares and its ilk.
I'll be installing XP Pro x86 on both of my main PC's this week, for no other reasons than I want certain games compatibility without all the faffing about and I always liked XP, but acknowledge that 7 was a big improvement.

I do think the modern internet, with interactive content such as javascript, can be a threat to a browser and the OS behind it. I think browser configuration, such as using NoScript, is an important factor.

It seems the availability of security patches for browser and OS is also something that definitely matters. I was trying to find objective opinions on this matter, and there was no IT consulting agency that still considered XP connected to the internet after april 2014.
That was just before the POSready trick was posted.