Windows XP

MS Windows Malicious Software Removal Tool, MSRT, is a free download that can do a quick or full scan along the lines of Malwarebytes.

I think it gets security descriptions via monthly MS Tuesday patches.

IT guys....Do I need to run this, or is it already automatically being done by the OS???

Meaning there was no need to download it as Windows KB890830-V5,9.exe

Pretty sure MS recently said something about continuing, not just MSE, but also sending the Tuesday security info that MSRT needs.

If I am on the right track, and if you trusted that MS does not need to have excessive reports of virus infection and malware, then with the MSE antivirus and MSRT malware detection/removal, an XP user actually has credible security measures in place.

Somewhat changing the subject- other than a lot of ATM machines running XP (albeit, modified), a lot of large industrial power systems apparently use it (link to a WSJ blog). I read recently about a large industrial system, delivered this year, running XP.

That's a huge reason to go Open Source- a system running a *nix system (or BSD) could be supported by 3rd parties easily.

Gdetrailer wrote:
...
The biggest security threat is the USER of the PC and MS has never written a patch to fix the USER issues. ...

Bing! Bing! Bing! We have a winner! Give that man a Kewpie doll.

gdetrailer, having read numerous books on the subject that differ with your information regarding the roots of NT, we will have to just disagree. As I said, calling it "NT OS/2" was a marketing ploy only and the 2 OSes have no common lineage. Here is an excellent reference on how NT came about, both historically and technically.

We will also have to disagree on what kind of kernel XP has. Here is one of many references that can be found addressing the issue.

We will also have to disagree that most XP fixes are for the kernel. I referenced a site that clearly disproves that notion, but you can believe what you like.

I've been developing for Microsoft since DOS 2.0 and while I've never developed any kernel mode software I'm intimately familiar with the Windows architecture and where the bugs lie. I know how to read CVEs and what the files in a patch are (check to see how many times ntoskrnl.exe appears in a KB if you want to know how many times XP has had its kernel patched).

Again, feel free to continue to use XP. It was an excellent OS. My point is that saying it's secure and will continue to be so after support ends is misguided.

Bwanshoom writes “You might want to double-check your OS history a bit. NT had nothing to do with OS/2 other than marketing. If anything it was closer to VMS because they were designed by the same person, Dave Cutler. The NT family and Windows family were entirely different. It wasn't until Windows 2000 that they merged.

(And I'm pretty sure OS/2 wasn't built on top of any other OS, it was entirely homegrown between Microsoft & IBM initially, later just Big Blue)”

I HAVE the facts straight, I lived those days of the early OS wars..

Here is a quick overview of O/S2 and how NT has “roots” from it..

O/S2 was initially a“joint” venture between MS AND IBM, then later was further “developed” by IBM exclusively after the falling out of MS and was initially released as OS/2 1.1 in 1987 as a command line OS (no GUI, later releases added GUI).

MS and IBM had a “Joint Development Agreement” from 1985 until 1990 when the agreement fell apart by MS introducing Windows 3.0 which was “bundled” with new Non IBM PCs and sold well. OS/2 was only available exclusively from IBM on select IBM computers and wasn’t selling.

OS/2 was intended to be a “protected mode” successor of “PC DOS” (PC DOS was ALSO a “joint venture” between MS and IBM by customizing MS DOS version slightly), basic systems calls modeled after DOS calls which created common “family mode” programs which could be used in both DOS and OS/2. Because of this O/S2 “shares” similarities between Unix, Xenix, AND WINDOWS NT in many ways..

1988 MS started working on their own version of OS/2 after MS developers became frustrated with the progress of IBMs programmers and the direction IBM was taking. MS own version of O/S2 was originally named NT O/S2 3.0 and later was renamed as Windows NT as its released name..

Interestingly enough Windows NT original release shared the same O/S2 file system “attributes” of O/S2 HPFS (High Performance File System) which MS renamed as NTFS (NT File System) and had the same DOS Fat16 limitations for partition sizes (that limitation followed NT up into early versions of NT4.0 NTFS).

If you don’t think that the Windows you are using today has no common “roots” with O/S2, think again..

“Also, XP was the first desktop Windows version to use a hybrid kernel or "macrokernel". So XP, Vista, Windows 7 & 8 are all hybrid kernels, as opposed to the older monolithic kernel used in Window 95 and all prior versions. The kernel architecture doesn't have to change to cause issues with driver compatibility. Microsoft has tried to improve their driver model with each new release (and anyone who's used Windows for more than 3 versions can attest it's gotten *so much better*.) But changes in their driver manager or requirements can cause older drivers to not work on newer versions. The kernel architecture is rarely the cause.”

Vista actually is the first implementation of “macrokernel” and was released AFTER XP. XP drivers do not work with Vista but yet you could in a pinch use Win2K drivers in XP rather successfully.

There IS a big difference between XP, Vista and Win7, so much so there is no direct “upgrade” from XP to Vista or XP to Win7. If you have XP and wanted to upgrade to Vista or Win7 you HAVE to do a from scratch install.

“Not all security issues reside in the kernel, as your post seems to allude. In fact, very few do. They exist mostly in user mode built on top and in that case there is much code shared between Windows XP and its successors.”

Most of the security patches that have been released strictly revolve around the kernel more so than anything else, IE browser patches are treated separately and technically are not really married to the version of OS it is on.. What you will find though is all IE versions of 6 or below will no longer be patched..

IE 6 is what shipped with XP, IE 7 was default browser shipped with Vista and IE 8 shipped with Win7. BUT you CAN upgrade IE from 6 to 7 or 8 and BOTH IE7 and 8 will run on XP.

Since Vista (with IE7) and Win7 (IE8) are STILL “supported” both IE7 AND IE8 will most likely still be patched..

Pretty much anyone who has XP WILL have been “forced” to upgrade IE to 7 or 8 years ago since 99.9% of the Internet sites now REQUIRE IE7 or higher to use..

This means that XP WITH UPGRADED IE7 or 8 will continue to get periodic IE7 or IE8 updates until the day the OS which they shipped with is no longer supported.. Get that?

“And don't forget that the browser is the #1 vector of security vulnerabilities - it has nothing to do with the kernel (directly) and will not be patched going forward. I'm willing to bet that a lot of people who continue to use XP after its end of support life will be running IE8.”

Which is why I am NOT scared to continue to use XP.. I don’t use IE6 or below (but who in the world can really use those versions now days, virtually no websites “support” below IE7.

No big deal, pretty simple actually to install FireFox and you get additional security which has been far better than IE with addons like Adblockplus, noscript and so on.. Not to mention that IE8 IS the “default” browser for Win7, if you have IE8 on XP, you should still get “updates” for that version..

The biggest security threat is the USER of the PC and MS has never written a patch to fix the USER issues.

I found out years ago that IE no matter how up to date the patches were, it is full of security holes..

It only took getting hit twice while browsing with malware with a virus payload to dump browsing with IE and install FireFox..

Stop the risks at the “front door” (IE the browser) and you will easily prevent the majority of unpatched kernel security holes from being used…

Gdetrailer wrote:

:R

Not really.

The Windows 4.x kernel was in use through ME, which was released long after NT.

NT was more a contemporary of Windows 95. 95, 95 Second Release, 98, 98SE, and ME were all running the Win4.x kernel series.

NT itself was built upon OS/2 which in-turn was built upon QNX.

NT kernels were used in 2k, XP, 2k3, and somewhat in Vista.

Win7 uses a microkernel of some sort (read, NOT THE SAME AS XP Kernel), which was running next to NT style kernel in Vista (hence making Vista's drivers usable in Win7) BUT you can’t use XP drivers for Win7 or for the most part even Vista.

You might want to double-check your OS history a bit. NT had nothing to do with OS/2 other than marketing. If anything it was closer to VMS because they were designed by the same person, Dave Cutler. The NT family and Windows family were entirely different. It wasn't until Windows 2000 that they merged.

Also, XP was the first desktop Windows version to use a hybrid kernel or "macrokernel". So XP, Vista, Windows 7 & 8 are all hybrid kernels, as opposed to the older monolithic kernel used in Window 95 and all prior versions. The kernel architecture doesn't have to change to cause issues with driver compatibility. Microsoft has tried to improve their driver model with each new release (and anyone who's used Windows for more than 3 versions can attest it's gotten *so much better*.) But changes in their driver manager or requirements can cause older drivers to not work on newer versions. The kernel architecture is rarely the cause.

(And I'm pretty sure OS/2 wasn't built on top of any other OS, it was entirely homegrown between Microsoft & IBM initially, later just Big Blue)

Not all security issues reside in the kernel, as your post seems to allude. In fact, very few do. They exist mostly in user mode built on top and in that case there is much code shared between Windows XP and its successors.

And don't forget that the browser is the #1 vector of security vulnerabilities - it has nothing to do with the kernel (directly) and will not be patched going forward. I'm willing to bet that a lot of people who continue to use XP after its end of support life will be running IE8.

Gdetrailer wrote:

Basically Windows 7 security “holes” are NOT NECESSARILY the same as XP, in fact none of the “updates” between XP, Vista, W7 ever addressed the SAME “exploits”.

In fact with new OS releases typically you end up with a WHOLE LOT MORE bugs and security issues that NEVER existed in the previous versions.

The ONLY thing in common was the fact that MS RELEASED “updates” for XP, Vista, 7, 8 on the same day (Tue of each week)…

That's just not true. Many, many security issues impact entire classes of the Windows family from XP to Windows Server 2012. A quick glance at this site this site shows just how many issues impact multiple versions of Windows including XP.

The phenomena that Chris refers to where the bad guys reverse engineer patches to find the vulnerabilities is very real. It happens every day with every product. Don't underestimate the bad guys here - it's not script kiddies getting their jollies, it's organized crime with hundreds of millions of dollars or more in play.

If you want to use XP that's fine, it's your choice. But don't spread misinformation that is potentially harmful. You can lament that technology doesn't stay stagnant and is constantly evolving. But to say that because a company doesn't want to support an OS for 20 years is only due to corporate greed is kind of short sighted. Technology has always evolved at a quick pace and in the past 25 years computer technology has advanced at a breathtaking pace. But that's how technology goes. Remember that only 66 years elapsed between the Wright brothers' flight and Neil Armstrong walking on the moon. That's only 5 XP lifetimes.

burlmart wrote:
The sandboxed dragon chrome beowser is too hard for me to see w/o high contrast black.

Not sure what version of Comodo you were using, but here is how you use Firefox in the latest version of CIS Virtual Kiosk sandboxed mode:

Just make sure you have a Firefox or any other app shortcut already on your Windows desktop, and it will appear in Comodo's isolated desktop when you click Virtual Kiosk. You can easily switch back to your Windows desktop by selecting Switch to Windows.

SCVJeff wrote:
Anyone know where I can get a real copy of XP at this late date?

Depends.

IF (and that is a BIG IF) you can find a NOS copy which is still in factory plastic then you might be OK..

Pretty much anything you dig up on Ebay, Amazon or Craigslist is gonna be a big gamble to say the least.

You didn't say if you needed the media, COA or both. But if it is COA (you have the media) generally in the past you could call the MS activation phone number and buy a new COA. Not sure if they will continue to offer that but I do know that they WILL continue to allow XP to be activated and ALL released updates will continue to be available.

The rub is there are quite a few "versions" of XP..

You had Retail upgrade, Retail full, OEM, Home, Media center, Pro. None of the COA keys will interchange between any of the different versions.

Then you have 32/64 bit on top of that.

It would be a needle in the haystack thing to say the least, especially since MS pulled all Retail versions of Win7 from the market. You might be able to still buy the W7 Pro OEM which was the last version available as of 6 months ago..

burlmart wrote:

Welll, nope. What does it do, and what programa does it monitor? I saw the pdf and GUI for EMET, but do not speak ITese I am such a light user, maybe I should just drop EMET?

On Comodo, you once back a while recommended it and I tried it, but it was confusing for me. The sandboxed dragon chrome beowser is too hard for me to see w/o high contrast black. So I am back to MSE, Malwarebytes, and Firefox , and

Actually, EMET comes with presets for monitoring some key apps that have been subject to exploits, such as Java, IE, and Acrobat. So to say its not doing anything, is not accurate. But you need to specify other applications that you want monitored such as Firefox for instance.

You don't need to make configuration changes to Comodo for the most part. Just click Virtual Kiosk which will load your current browsers, be it Firefox or Chrome, in its sandboxed desktop. You don't have to use Comodo Dragon(Chrome).

Chris Bryant writes “It's all well and good to say XP will still work- and it will, but I would not use it to connect to the Internet.
Microsoft will, in effect, be giving hackers a roadmap on vulnerabilities in XP every time they issue a patch for 7 or 8- better than half of the vulnerabilities also exist in XP, except they will be unpatched. Kind of a big "kick me" sign.”


:R

Not really.

The Windows 4.x kernel was in use through ME, which was released long after NT.

NT was more a contemporary of Windows 95. 95, 95 Second Release, 98, 98SE, and ME were all running the Win4.x kernel series.

NT itself was built upon OS/2 which in-turn was built upon QNX.

NT kernels were used in 2k, XP, 2k3, and somewhat in Vista.

Win7 uses a microkernel of some sort (read, NOT THE SAME AS XP Kernel), which was running next to NT style kernel in Vista (hence making Vista's drivers usable in Win7) BUT you can’t use XP drivers for Win7 or for the most part even Vista.

Basically Windows 7 security “holes” are NOT NECESSARILY the same as XP, in fact none of the “updates” between XP, Vista, W7 ever addressed the SAME “exploits”.

In fact with new OS releases typically you end up with a WHOLE LOT MORE bugs and security issues that NEVER existed in the previous versions.

The ONLY thing in common was the fact that MS RELEASED “updates” for XP, Vista, 7, 8 on the same day (Tue of each week)…

Chris, I think you better have a talk with the governments, banks, hospitals and pretty much every large company on this earth to let them know they must scrap BILLIONS of dollars worth of PCs running XP which are in full use AND CONNECTED to the Internet as of this moment.

There ARE a lot of applications which do not run on Vista/W7/8 in use and it takes considerable money and manpower to update/replace these applications and some just are not replaceable..

MS (and Intel) most likely appreciates your help in getting people to kick their working XP PCs to the curb filling up yet more land fills with electronic scrap..

People panic and they make money selling new OS and hardware… It’s the new American wasteful way of life.