dencorso Posted May 20, 2017 Share Posted May 20, 2017 For those having trouble with winlogon, and anyone wishing to use the latest version of it, there is WindowsXP-KB2878379-v2-x86-ENU.exe, which was not pushed via WU/MU, athough it's rather old. I've been using it since March 2014, with no adverse effects. It may or may not solve the described issue, but it won't hurt to try, right? It installs winlogon.exe, licdll.dll and dpcdll.dll, all three v. 5.1.2600.6443. It's digitally signed by MS on Fri, Sep 06, 2013 (4 years old, as I said) and exists in many or maybe all language versions. 2 Link to comment Share on other sites More sharing options...
heinoganda Posted May 21, 2017 Share Posted May 21, 2017 (edited) POSReady 2009 KB4018556 no longer available via WSUS catalog! KB4018556 seems occasionally to cause problems, appears to have been withdrawn for now. In the context of KB4018556 there seems to be problems with Server 2003 (Technet Forum). Time zone update available. (Morocco Ramadan DST changes) WindowsXP-KB4023136-x86-ENU.exe 18.05.2017 Edited May 21, 2017 by heinoganda More recent info Link to comment Share on other sites More sharing options...
Dave-H Posted May 24, 2017 Share Posted May 24, 2017 Just as a matter of interest for those who may not know about it, there is a utility available here which will download from Windows Update or Microsoft Update for you, including saving the files for use offline. It's mainly useful in Windows 10, where it is otherwise impossible to see optional updates for some stupid reason, but it works in all Windows versions from 2000 onwards. It does replace the IE8 interface, but unfortunately still uses the normal update mechanism, so won't get around the extremely slow scanning problem! There are x86 and x64 versions in the package, but no documentation. It's pretty obvious how to use it though, and there is more information here. 2 Link to comment Share on other sites More sharing options...
SD73 Posted May 24, 2017 Share Posted May 24, 2017 Nice too, Dave. Thanks for posting! Link to comment Share on other sites More sharing options...
FranceBB Posted May 26, 2017 Share Posted May 26, 2017 (edited) Cyber-security firm enSilo has released a patch for Windows XP and Windows Server 2003 that will protect against attacks via ESTEEMAUDIT, a hacking tool developed by the NSA. It can be used to get into computers with open RDP ports, or for moving laterally inside a network that features PCs with open RDP connections. The website "bleeping computer" says that Microsoft has not provided security updates to protect against this threat 'cause it only works on Windows XP and Server 2003, but how about POSReady? Maybe Microsoft didn't release a patch because this threat has been developed by the NSA? Do you think it's safe to install this patch: http://pages.ensilo.com/download-the-patch-for-esteemaudit-exploit Edited May 26, 2017 by FranceBB Link to comment Share on other sites More sharing options...
Dave-H Posted May 26, 2017 Share Posted May 26, 2017 Well I'm certainly not going to be the first to try it! Someone with a non-critical installation that can be used for testing and doesn't matter if it gets hosed I hope will try it and report back. Link to comment Share on other sites More sharing options...
Mathwiz Posted May 26, 2017 Share Posted May 26, 2017 Hmm.... I was willing to take a chance, but the web page for the download wouldn't work with Firefox 52.1.2, or IE 8. Had to use IE 11 on a Win 7 machine just to get the Web page to work. I guess if you really are running XP or 2003 you're screwed (unless the page works with Chrome 49). Then they ask for first & last name, COMPANY name, JOB TITLE, BUSINESS email, phone number, country, and (if you select US) state. Seems it's not available to individual XP users! Yet the Terms & Conditions state you get a "personal" license to use the patch. Still trying to decide whether to take the plunge on this one. Link to comment Share on other sites More sharing options...
Bersaglio Posted May 26, 2017 Share Posted May 26, 2017 Do not install this unofficial patch! Use official update from Microsoft (if it isn't already installled in Your system): http://download.microsoft.com/download/A/F/5/AF53BEA0-61B7-4551-AAD2-1232A0117BDA/WindowsXP-KB982316-x86-ENU.exe 1 Link to comment Share on other sites More sharing options...
FranceBB Posted May 27, 2017 Share Posted May 27, 2017 2 hours ago, Bersaglio said: Do not install this unofficial patch! Use official update from Microsoft (if it isn't already installled in Your system): http://download.microsoft.com/download/A/F/5/AF53BEA0-61B7-4551-AAD2-1232A0117BDA/WindowsXP-KB982316-x86-ENU.exe Oh, ok. So Microsoft did release a patch. (I guess the website was wrong, then). Thank you! Link to comment Share on other sites More sharing options...
dencorso Posted May 27, 2017 Share Posted May 27, 2017 To be precise, MS re-released a patch: as you can easily guess by its number, KB982316 is, in fact, old news. OTOH, it's much better to have too much information (if there actually is such a thing as "too much information"), than to have too little of it. Thanks for calling my attention to enSilo... I hadn't heard about them before. Link to comment Share on other sites More sharing options...
heinoganda Posted May 27, 2017 Share Posted May 27, 2017 I have the fun allowed to update a freshly installed Windows XP sp3 (German language edition) via Windows updates. Well, KB982316 was not to be found, although this security update is from Aug 09, 2010! Because I create for my use update rollups (KB982316 available) and a corresponding list I was also able to find. This security update has been around for almost 7 years. This patch has never been replaced by a more recent patch. Here Microsoft should give a answer! Am appalled! Link to comment Share on other sites More sharing options...
Mathwiz Posted May 27, 2017 Share Posted May 27, 2017 (edited) Not so fast. That's an old patch from 2010. M$ just re-released it; that's all. Also, it doesn't appear related to the RDP vulnerability ostensibly closed by the 3rd-party patch. M$ has updated the MSRT, though: https://www.askwoody.com/2017/the-new-xp-patch-kb-982316-is-a-dud-but-the-new-msrt-is-for-real/ Edited May 27, 2017 by Mathwiz Link to comment Share on other sites More sharing options...
heinoganda Posted May 27, 2017 Share Posted May 27, 2017 (edited) Please read again exactly my comment, I am about the question why the security update KB982316 is no longer distributed via Automatic Updates or WU / MU with IE? In all appearances, a gap was deliberately left open! Will start another try with the English edition of Windows XP sp3. Update: Same result, no KB982316 was installed. Search result of Windows Update as .pdf and .xps format. Download here In any case, very strange. Edited May 27, 2017 by heinoganda Link to comment Share on other sites More sharing options...
Mathwiz Posted May 27, 2017 Share Posted May 27, 2017 (edited) I don't know if it helps, but here's what M$ has to say about KB982316 (along with download links for XP, Server 2003, Vista, and Server 2008): https://support.microsoft.com/en-us/help/982316/an-update-is-available-for-the-windows-telephony-application-programming-interface-tapi Quote This update implements a defense-in-depth change that some customers may decide to deploy. That probably explains why it isn't being pushed via Windows Update: it doesn't patch a specific, known vulnerability; instead it adds some extra protection to an uncommonly used Windows feature: Quote This update changes the Access Control Lists (ACLs) for the following registry entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Telephony By default, Network Service (NS) users explicitly have full permission to this registry entry. After you install this update, NS users will have Read-Only access to this registry entry. The update will apply the same ACLs to all subkeys of the registry entry. On 32-bit XP, the only file replaced is tapicust.dll. I've read through the linked page, and AFAICS this isn't related to any of the recently-exposed NSA exploits. I don't think it hurts anything to install it, but don't expect it to do a lot to protect your PC from malware. I have no clue why they re-released it now, especially with no changes. It might have been re-released by accident, and that sounds to me like as good a guess as any. Edited May 27, 2017 by Mathwiz Link to comment Share on other sites More sharing options...
niko32 Posted May 27, 2017 Share Posted May 27, 2017 Hm, I dont' have that file tapicust.dll in my Windows XP. Do You guys have it? It's only logical that I don't need it then, but I'm not entirely sure. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now