Category Archives: Windows XP

Not recommended: tricky way to obtain Windows XP updates

Someone recently discovered that it’s possible to trick Windows Update into providing updates for Windows XP.

Recall that even though Microsoft has stopped issuing updates for Windows XP to the general public, they are actually still developing updates – for paying customers.

The trick for obtaining updates for Windows XP involves changing a setting in Windows that makes Windows Update think that it’s actually running a variant of Windows XP that’s still supported, namely ‘POSReady 2009’.

There are all kinds of problems with this, starting with the likelihood that Microsoft will find a way to stop it. In short, if you’re desperate to keep running Windows XP and you want to install the available updates, and you’re willing to take the risk of totally messing up your system, it might be worth a try. But I seriously cannot recommend it.

Update 2014Jun04: For those of you who can’t resist the temptation to try this, the procedure is outlined in this betanews.com blog post.

Microsoft issues special update for Internet Explorer

We recently reported on a serious vulnerability affecting all versions of Internet Explorer that is being exploited on the web.

Well, it appears that Microsoft sees this vulnerability as very serious, because they are planning to release an update – later today – that addresses the problem. This is an ‘out-of-band’ update, meaning that it’s considered too important to wait for the next Patch Tuesday.

Just in case you were wondering, this vulnerability affects all versions of Internet Explorer on all versions of Windows, including Windows XP. But the patch will not be made available for Windows XP computers.

Update 2014May02: Surprisingly, Microsoft has decided to make this update available for Windows XP. I confirmed this by running Microsoft Update on my WinXP test system: security update 2964358 was offered, and I installed it without any difficulties. Reading through the associated bulletin (MS14-021) there is no explanation for this decision, but there is confirmation, in the section titled “Security Update Deployment
– Windows XP (all editions)”, and in a related post on the MSRC blog. The Verge has additional details, as does Ars Technica. The Ars Technica post includes the official explanation from Microsoft:

Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded) today. We made this exception based on the proximity to the end of support for Windows XP. The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.

Update 2014May02: Another Ars Technica post makes the argument that releasing a patch for Windows XP was a mistake. The moment of truth will be Patch Tuesday for May 2014: will Microsoft stick to its guns and leave Windows XP out of the next set of patches?

No more updates for Windows XP – what now?

RIP Windows XP. At least from Microsoft’s point of view. In fact, use of the O/S continues, and will probably do so for years.

First, let’s get one thing out of the way: it’s not a good idea to keep running Windows XP. If your XP computer is never connected to the Internet, then you have much less to worry about, but continuing to use XP on a computer that is connected to the Internet is risky. Especially if you’re also still using Internet Explorer, in which case you will almost certainly end up with malware of some kind in the very near future.

Anyone who can’t or won’t upgrade from Windows XP should take certain precautions. Check out the Windows XP page on this site for some useful tips.

If you want to do the responsible thing and move away from Windows XP, what are your choices? The best option at this point is Windows 7. You can still buy Windows 7, but Microsoft says that they will stop selling it in February 2015. I’ll be updating the Windows 7 resources on this site to provide XP -> 7 migration tips in the near future.

Other possibilities – for the more adventurous – include Linux and Chrome OS. Linux comes in many flavours, but one in particular is designed to make Windows user feel at home: Zorin OS (free). Chromium OS from Google was designed to be used with its inexpensive and simple ChromeBook computers, but it can be installed on regular PC hardware. It’s free, but probably only useful for users with basic requirements. It runs on top of Linux.

There are loads of articles on the web about the ‘XPocalypse’ – as it’s come to be known. Ars Technica has this: ‘The XPocalypse is upon us: Windows XP support has ended‘.

British and Dutch governments paying for Windows XP updates after April 8

It’s long been understood that Microsoft would continue to produce updates for Windows XP after support officially ends on April 8, 2014 – for anyone willing to pay. What hasn’t been known for certain is whether anyone would actually pay.

Now, as reported by Ars Technica, the British and Dutch governments have apparently decided to delay upgrading thousands of Windows XP computers, and have contracted with Microsoft to continue supporting Windows XP.

This raises some interesting possibilities. It seems likely that at least one person who works in the British government will find a way to leak new Windows XP security updates to the rest of the world. Microsoft may have measures in place to prevent this, but people are inventive, and would probably find workarounds. Then again, would you trust a supposedly-official update that you obtained from a shady download site? One can imagine Microsoft relenting, and making the updates available to everyone, just to stop the spread of tainted updates.

Another possible scenario is that a flood of hacks, attacks and malware, all based on previously unknown Windows XP vulnerabilities, have such a huge impact on the Internet, that again Microsoft relents and makes updates available to everyone.

If Microsoft does give in and continue making updates available for everyone, what does that mean for the British and Dutch governments? Will they demand refunds from Microsoft? Each has apparently paid many millions of dollars for the updates, so it would be completely reasonable to want it back if the updates became available for free.

This is going to get interesting…

Update 2014Apr15: Add the US Internal Revenue Service to the list of organizations paying Microsoft for Windows XP support and patches.

Update 2014Apr21: Apparently Microsoft just reduced the price tag for Windows XP patches. Presumably they looked at the current Windows XP usage numbers and decided it’s less important to gouge corporate clients than it is to make sure Windows XP systems are patched.

Millions of computers still running Windows XP

With less than a week to go before Microsoft ends support for Windows XP, over 27% of Internet-connected computers are still running the venerable O/S, according to an Ars Technica report.

Microsoft has clearly been unable to convince XP users to switch to another O/S, and the days and weeks following April 8 will likely be filled with stories about new malware and attacks on XP-based systems.

MSRT will still be updated for Windows XP after April 8

Microsoft’s Malicious Software Removal Tool (MSRT) checks for and attempts to remove known malware from Windows computers during the Windows Update process.

Previously, it was assumed that MSRT would stop being updated for Windows XP once support for that O/S ends in April. A few weeks ago, Microsoft confirmed that it will continue to update MSRT on Windows XP computers until July 15, 2015.

This is good news for anyone who will still be running XP after April, but it’s important to note that MSRT is not a substitute for a full anti-malware solution, and should not be seen as protection against the flood of malware, targeted at Windows XP computers, expected to appear after April 8.

Windows XP will nag you to upgrade after support ends

Microsoft will prod you to upgrade your Windows XP computers after support for that O/S ends in April.

According to Ars Technica, a message will pop up on the 8th of every month, starting on March 8, 2014. Although this may be viewed as a nuisance by some users, at least the message has a “don’t bother me again” checkbox.

Microsoft is also working on making the transition easier with migration tools and a web site that tells visitors whether they are in fact running Windows XP. And they are encouraging tech-savvy people to assist friends and family with upgrading.

The Windows XP end-of-support site is a good starting point for anyone still running XP.