An XP registry hack was posted here to extend the updates on XP , The hack modified the registry to list the product version as XP embedded.
I tried it on my old XP machine which I don't use anymore and the first time I tried to update XP the hack worked.
Now a week or so later I checked to see if more updates were available and I got the "non genuine Windows" notification.
So to all those out there....DO NOT USE THE HACK!
I was able to get rid of the message by deleting the WGA keys but still no updates are available so the hack is useless.
BTW: The modified keys are undeletable and System Restore will not work so I will need to use a remote registry editor to get rid of those unwanted keys.
For me this is not a big deal as I'm a computer experimenter and look at this as fun...however most of you out there are not going to like this.
The hack does not cause XP itself to think it is POS2009. If you apply the hack and right-click on My Computer and select properties, the system will still report the OS as Window XP, SP3. Not POS2009.
The hack makes the WindowsUpdate mechanism think your system is POS2009. Everything else on the system, all other software, and even the OS itself, does not look at those registry entries.
Was version of XP does that "old machine" have?
Is it SP2 or SP3?
Was any hardware changed on it such that it failed the hardware hash? Did you, say, remove, replace or simply unplug the CD rom drive? Did you change or clone a hard drive or video card, or add or remove or otherwise change the amount of installed RAM? Did you change the ethernet card (or disable the on-board ethernet adapter?).
Did you change or update any hardware drivers? It is a known fact that updating some drivers, especially video-card drivers, will change the hardware hash reported to the validation routine. If too many hardware items come back with different hashes, then Windows will automaticially put itself into a "non-validated" state and will remain there for (I think) about a month before other things start to happen. The remedy is to let the validation routine do an on-line check with Microsoft, where it will re-validate itself.
There is a program called "xpinfo.exe" which will tell you which hardware items are passing and failing the validation hash. If the system does not have 5 positive "hash votes" (out of something like 10 or 13 possible votes) then then your XP installation will consider itself to be "non-genuine" until you allow it to perform an on-line validation check.
Also note that bios updates of the motherboard and other hardware devices like CD-rom firmware will also likely cause a loss of a positive hardware-hash vote.
There are ABSOLUTELY NO OTHER REPORTS of other systems experiencing WGA failures because of using the POS2009 hack.
What also could have happened is that when you were performing the WindowsUpdate check, you chose "Automatic" instead of "Custom", and by choosing automatic you did not pick and choose which updates were being downloaded, and you downloaded one of those WGA validation checks and your system failed the check (which happens many times, even on legit systems).
I always tell people who manually update XP to never download the WGA "Genuine Validation" update, and to de-select it from the update list so the system will never download it even when they switch to automatic instead of custom update.
Ahh, I live for moments like this, ie to see Homelessguy exposed as the village idiot. And it didn't take long. I would have thought it could be some future update, 6 months or a year from now that would probably screw it, but it only took less than a week!
With a hack like that, you've created a time bomb. You don't know when and if the next update is going to screw the whole thing. And as others have pointed out, not sure that there was ever much upside. Most of the security holes have been shaken out of XP long ago. And many of those were related to Internet Explorer. You can't run the last two versions on XP anyway and I doubt MSFT is going to issue IE updates in the future for an EOL IE through updates for their embedded products.
In all fairness, the version of Windows I had may not have been genuine...and I am sure many out there are in the same boat... but at any rate I wanted to issue the caution.
That said...to those using XP I don't know if Windows updates do all that much anyway as far as offering protection.
More importantly is
1) Common sense
2) Keeping AV and malware checkers updated and schedule scans
3) Using a browser other than IE such as Firefox or Chrome and keeping the browsers updated
Take your foot out of your mouth and look for more evidence that philo was correct. Here's a news flash: He wasn't.
An XP validation failure after using this hack has not been reported anywhere where these registry keys were first discovered and tested.
Anyone using this registry trick should turn off automatic updates and perform manual updating - if only to avoid downloading the only thing that Macro$haft could use to torpedo this XP update scheme: WGA updates (Windoze Genuine disAdvantage). Something for which has yet to happen.
Micro$haft would never do anything in terms of messing with this update scheme to trip up XP systems if it means anything more than a zero percent chance of also screwing up any of the POS2009 systems out there. It's far too important to all stakeholders that Meekro$oft not try to be clever and screw with XP users if there is any chance of also messing up any of the systems running POS2009.
And now it's time to take your other foot out of your mouth, because of the three updates that are available for XP systems using this registry hack:
KB2926765 / MS14-027 Vulnerability in Windows Shell Handler Could Allow Privilege Elevation
KB2931365 / MS14-026 Vulnerability in .NET Framework Could Allow Elevation of Privilege
KB2953522 / MS14-029 Security update for Internet Explorer versions 6, 7, 8, 9, 10, and 11
It's as clear as day that one of them is for not just IE8, but IE 6 and
7 as well, which completely trashes your belief that MS isn't / wasn't going to be updating and patching those versions of IE.
There will certainly be more XP, IE and .net vulnerabilities to be discovered and your claim that XP users are better off to NOT try this way to update their systems will leave no doubt in anyone's mind that you are the real village idiot here.
MSFT has no obligation to the handful of people like you who for some bizarre reason, think that it's a good idea to apply future updates for embedded XP to XP Home, Pro etc. MSFT has stated that support for XP is over, that they will not issue future updates. Any future updates are for embedded XP and are only tested and verified to work with it. MSFT can't stop people from doing foolish things. If your system gets "messed up", it's *your* doing, not MSFTs. And I'm sure MSFT won't care about the .00000001% of their customers in that group with you. It's like taking some electronic system component for a Ford Mustang and shoving it in Taurus, because you *think* it's compatible, then expecting Ford to protect you from your own dumb actions so that it can't damage your car. "Why Ford would never screw around with the Taurus's out there..... Surely this Mustang electronic part will work...." Good grief.
As others have pointed out to you as well, if you're running IE6, 7 etc, you have bigger problems than security updates, a lot of websites will no longer even work with it. And curiously, I don't see XP Embedded on the list of systems those updates apply to either, why is that?
They can do whatever they like. So far, one person here has tried it and reported what happened. People can reach their own conclusions. As far as being the village idiot, you've demonstrated to just about everyone's satisfaction with your loon OT posts, that you're a deranged troll, totally lacking in reasoned judgement.
Instincts may tell you not to trust HB...but logic says otherwise. Many ppl with businesses use their PC for everything: surfing; bookkeeping; payroll and such... M$ agreed to continue updating Windows embedded AND Windows XP for those folks (and I believe XP in China). I'm also "testing" the installation...and so far, so good!
That's a new claim and I believe it is false. The only thing I've seen is that MSFT is continuing to update the "Embedded" version of XP which is a specific product with a very different and specific installed base. It is where Embedded XP has been integrated and used as part of a specific dedicated product, eg cash register, ATM, etc. It's not the typical business computer running XP and being used for surfing, payroll, etc.
formatting link
Note that it includes EOL for enterprise, small, medium businesses as well as home users.
Of course Micro$hit has no obligation to XP users.
The point was that MS is playing with fire if they try to screw with their WindozeUpdate mechanism to try to trip-up XP systems using this hack if there is any chance that it will also screw up some of the POS2009 systems.
Why are you repeating old news?
And why do you fail to understand that POS2009 is simple XP-SP3 with a different license agreement?
Again you are showing that you are totally clueless when it comes to the internal architecture of the similarities and differences in the architecture within the NT-based Windows product family.
The MS marketing department has accomplished it's mission with you - which is to create artificial differences in the same product by using marketing and product-naming tricks and have you believe that "under the hood" they are vastly different products.
That statement is a diversionary tactic by you. We were not discusing the relative merits of the different versions if IE in terms of web-compatibility.
So by trying to divert the discussion on that point, you admit that you were wrong in claiming that MS was or would no longer be updating/patching those old versions of IE.
Maybe because you haven't looked here:
formatting link
======================= MS14-029: Security Update for Internet Explorer (KB2953522)
Locale: All
Deployment: Windows Update, Microsoft Update, Important/Automatic Updates, WSUS, and Catalog Classification: Security Updates
Security severity rating:
Critical: Windows 8.1, Windows RT 8.1, Windows 8, Windows RT, Windows Embedded Standard 7, Windows 7, Windows Vista, and Windows XP Embedded
Moderate: Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, and Windows Server 2003
Supersedes:
MS14-021 (KB2964358) on Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 8, Windows RT, Windows Server 2012, Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP Embedded
Target platforms:
Windows 8.1, Windows RT* 8.1, Windows Server 2012 R2, Windows 8, Windows RT*, Windows Server 2012, Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP Embedded
Approximate file sizes:
Internet Explorer 11 for Windows 8.1 update: ~ 15362KB
Internet Explorer 11 for Windows 8.1/Windows Server 2012 R2 x64 update:
Internet Explorer 11 for Windows RT 8.1 update: ~ 15592KB
Internet Explorer 10 for Windows 8/Windows Server 2012 x64 update:
Internet Explorer 10 for Windows 8 update: ~ 17367KB
Internet Explorer 10 for Windows RT update: ~ 14407KB
Internet Explorer 9 for Windows Embedded Standard 7/Windows 7/ Windows Server 2008 R2 x64 update: ~ 28926KB
Internet Explorer Windows Embedded Standard 7/Windows 7/ Windows Server 2008 R2 for x64-based Systems update: ~ 38863KB
Internet Explorer 10 for Windows Embedded Standard 7/Windows 7/ Windows Server 2008 R2 Service Pack 1 for x64-based Systems update:
Internet Explorer 10 for Windows Embedded Standard 7/ Windows 7 Service Pack 1 update: ~ 20090KB
Internet Explorer 8 for Windows Embedded Standard 7/Windows 7 update:
Internet Explorer 9 for Windows Embedded Standard 7/Windows 7 update:
Internet Explorer 11 for Windows Embedded Standard 7/Windows 7 update:
Internet Explorer 8 for Windows Embedded Standard 7/Windows 7/ Windows Server 2008 R2 x64 update: ~ 17532KB
Internet Explorer 8 for Windows Server 2008 R2 IA-64 update:
Internet Explorer 7 for Windows Server 2008 IA-64 update:
Internet Explorer 9 for Windows Server 2008/Windows Vista update:
Internet Explorer 9 for Windows Server 2008/Windows Vista x64 update:
Internet Explorer 8 for Windows Server 2008/Windows Vista update:
Internet Explorer 7 for Windows Server 2008/Windows Vista x64 update:
Internet Explorer 7 for Windows Server 2008/Windows Vista update:
Internet Explorer 6 for Windows Server 2003 update:
Internet Explorer 8 for Windows Server 2003 update:
Internet Explorer 6 for Windows Server 2003 IA-64 update:
Internet Explorer 6 for Windows Server 2003 x64 update:
Internet Explorer 8 for WEPOS and POSReady 2009 update:
Internet Explorer 6 for WEPOS and POSReady 2009 update:
Internet Explorer 7 for WEPOS and POSReady 2009 update:
Description:
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.
formatting link
================
Oh look - what is that?
Do I read IE6, 7 *and* 8 for POSready 2009?
Oh look - what does it say under "Target Platforms" ? Does it say "Windows XP Embedded" ?
That's called a slam. That's how I slam you with the facts.
How does it feel?
Everyone has just seen me slam you.
And has express doubts himself about what his exact experience was.
Yes, you have again proven to be just that - the village idiot.
Want to try again to debunk and inject FUD into the applicability of these POS2009 updates to any generic Windows XP system?
| Instincts may tell you not to trust HB...but logic says otherwise.
It's not a matter of trust, faith, or logic. XP is no longer supported. XPE is not the same thing. Microsoft has no reason to make sure XPE patches are compatible with XP. They do, on the other hand, have motivation to create a situation of, "Woops! Well we did tell you not to use the XPE patches." Support and no support is a big difference. With support they promise not to break compatibility. With no support there's no promise of any kind. If they release an XPE patch incompatible with XP and it destroys your install, that's your problem.
| Many ppl with businesses use their PC for everything: surfing; bookkeeping; payroll and such... | M$ agreed to continue updating Windows embedded AND Windows XP for those folks
They didn't "agree" to. They're selling support contracts, starting at $250,000/year, at about $200/year per PC. So yes, they're still making patches for XP. But those are not the patches you're downloading with this hack. The fact that there are people paying for support is all the more reason for MS to break XP with XPE patches.
And as has been mentioned already in this thread: What's the value in taking the risk? You shouldn't be allowing IE online in the first place. How many other patches are likely to be relevant? Just about any vulnerability is likely to be coming through IE. A few may also come through MS Office, which is a good reason not to use that. But if you're not using MS software online there's little to worry about. (I haven't got an MS patch since SP3 and I'm not worried.)
*This month's patches are not even relevant.*
This month's patches are a good example, as HomeGuy lists them. One is for IE. (Again, no one should be using IE online. All the more so if you're running Vista or earlier, because MS doesn't even have a version of IE for those systems anymore. IE is not a browser in the normal sense. It's best viewed as a Windows component that is vulnerable if connected online.)
The other 2 patches are for privilege elevation. For the vast majority of people using XP there's no such thing as privilege elevation. They're already running without restrictions! So those patches are meaningless.
One patch deals with .Net remoting. There's no reason to even install .Net if it's not needed by some program. There's certainly no reason to let it run remotely. That's as risky as installing Java and letting it run through your browser. Even if you've done all that, all that's at risk is privilege elevation, which is almost certainly meaningless on your PC.
The other patch is for a bug that allows someone who has already logged on locally to go from lackey mode (common user restrictions) to Admin mode by running particular code. All of the code that's running on your XP machine right now is almost certainly in Admin mode. Nobody runs XP in lackey mode. In fact, in many cases there are no restrictions possible. My XP is installed to FAT32 file system, as many copies of XP were. Only an NTFS file system allows for user restrictions. IF you have XP installed on NTFS, and IF you have kids who you've set up with a restricted user account, then they *could* bypass those restrictions if they can figure out how to run the hack. Is that worth risking your system for?
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.