Forum Thread: Microsoft may end antivirus updates on XP in April

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as resolved.
mogs Microsoft may end antivirus updates on XP in April
Member 31st Oct, 2013 17:13
Ranking:
Posts: 6,279
User Since: 22nd Apr, 2009
System Score: N/A
Location: UK


--

Post "RE: Microsoft may end antivirus updates on XP in April" has been selected as an answer.
mogs RE: Microsoft may end antivirus updates on XP in April
Member 4th Nov, 2013 15:29
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 5th Nov, 2013 06:34
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
taffy078 RE: Microsoft may end antivirus updates on XP in April
Contributor 6th Nov, 2013 18:48
Score: 408
Posts: 1,460
User Since: 26th Feb 2009
System Score: 100%
Location: UK
what a farce Mogs! Has anyone told Google?

They "promised XP support for Chrome" until 2015 per http://secunia.com/community/forum/thread/show/145...

So does that mean that out there in the real world, customers will be using Chrome on their XP PC until 2015 thinking all is well - when in fact it won't be?!! Then I saw your post about XP still be sold at inflated prices!

These industry giants need their backside kicked very firmly. Was it Ralph Nader who put the fear of god in the American car industry years ago, siding with consumers and highlighting hidden automotive issues? There needs to be someone similar sorting out the computer giants.

Apologies for my rant - I've had four phone calls today: from "Worldwide web protection", "Internet Security Inc", "Microsoft Help Desk" (still trying that one!) and "WWW Safenet". The last was the best - I confused them by referring to WWE. Worldwide web were on for ten minutes (on speaker phone) thinking I was at my PC.

I'm experienced enough to ignore these idiots but how many Joe Public are still being conned while the PC giants sit on their b*ms?



--
taffy078, West Yorkshire, UK

HP Envy Win10 PC 1511 Build 10586.71 and Compaq Presario CQ71 Win10 Upgraded 1511 build 10586.71
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 6th Nov, 2013 20:45
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
@taffy

I think someone must be telling Google something : in the middle of all the Internet feuds, my browser is not too often unresponsive....quite unlike a palm leaf this Autumn !!
On the question of XP....a couple of Christmases, at least, must have gone by since MS's intentions first registered at home or abroad !! Even ET must have gotten the phone call ?!

At least this thread allows some room for airings in a stable forum ?!

Spare a thought for working in this environment (?!!)....as follows :-

Working for Google isn't all it's cracked up to be

Search engine employees gripe about those horrible, horrible perks
By Chris Merriman

EMPLOYEES of internet giant Google have revealed that its legendary office atmosphere is not all it's cracked up to be.
Responding to an enquiry on Q&A website Quora, Googlers have vented their top frustrations at working for the giant company, revealing why free stuff isn't really all that good, and why your job working for a pittance for the boss from hell isn't so bad, really.
Top gripes include the fact that making a difference in a company where even the janitor is overqualified is almost impossible, and as a result there's very little chance of promotion. The atmosphere is described as "sycophantic" and "arrogant", while whooping at news that you are largely ambivalent about apparently remains a must.
Other moans include the slow pace of development, a culture of "cool" over substance, and the "fun" banter between colleagues making it nearly impossible to get a straight answer to a straight question.

More to read at :-
http://www.theinquirer.net/inquirer/news/2305103/w...

--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 12th Nov, 2013 18:08
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 14th Nov, 2013 06:21
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 15th Nov, 2013 14:19
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
NOVEMBER 15, 2013
Microsoft to fix Windows XP update SVCHOST redline issue 'soon'
Microsoft has identified why using Windows Update to install patches on Windows XP may lock up users' machines for hours on end
By Woody Leonhard | InfoWorldFollow @woodyleonhard

Microsoft thought it had the Windows XP update redlining problem solved in this month's Black Tuesday crop of patches. Instead, the problem's back this month with a vengeance. The Microsoft Update team has analyzed the latest manifestation, come up with an explanation, and we're promised that a permanent solution will arrive "as soon as possible."

Windows Update team member Doug Neal has just posted a message to the Patch Management Mailing List that explains what's happening when Windows XP's Windows Update agent, wuauclt.exe (running in a SVCHOST wrapper), drives CPU utilization to 100 percent -- and can keep WinXP machines pegged at 100 percent for 15 minutes or longer.

The problem is caused by the Windows Update client evaluating an exceptionally long supersedence chain - something IE6 and IE7 have more than any other version of IE due to their time in market. Each 'link' in the chain doubles the CPU resources needed to evaluate it over the previous version. The chain is so long that the design stymies the WUA client.

In other words, when you run Windows Update, the program has to bang against Microsoft's internal database of patches and figure out which patches need to be applied and which ones have been superseded and can be ignored. Since IE6 and IE7, in particular, have been around since the dawn of time, that's an enormous pile of patches to sort through.

Reading between the lines of Neal's response, it occurs to me that 1) the method for traversing the tree of available patches is enormously inefficient ("doubles the CPU resources") and 2) there should be some way to pre-evaluate the most common chains and bypass supersedence checking entirely in many cases -- or at least minimize it.

Be that as it may, Microsoft's solution is to go in and crop the tree: remove dead branches that don't need to be pursued. As Neal explains it:

We thought this problem was one of extremely long supersedence chains in IE6/IE7 which we fixed with Tuesday's release. We're hearing from you and others that this didn't fix the problem... We're working to expire these exceptionally old, dated, unnecessary updates in the chain. The expirations for these didn't happen as planned.

Those of you who have written to me and expressed a Dexter-like rage at the people inside Microsoft who caused their machines to keep churning for hours on end might take note that Microsoft really did think it had the problem licked with this month's Black Tuesday patches.

Neal concludes by saying:

While I can't provide a date for when this will be done, we know it's an issue affecting customer PCs and we're working to get it out as soon as possible to halt the impact.

So if it's any consolation, you can put away the butcher knife, roll up the plastic, and trust that a fix is coming before too long. But don't throw away the carving tools just yet, OK? We may need them.
http://www.infoworld.com/t/microsoft-windows/micro...

--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 21st Nov, 2013 08:52
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 22nd Nov, 2013 13:35
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
taffy078 RE: Microsoft may end antivirus updates on XP in April
Contributor 24th Nov, 2013 10:16
Score: 408
Posts: 1,460
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Don't throw away your old XP PCs!

Fact 1: There are lots of individuals and small charities that have no intention of going on-line.

Fact 2 (I think!!): Most of the computers with XP are probably too old to / incapable of coping with modern software.

So, could someone start a world-wide drive to get the computer community to donate their XP
machines to such individuals / charities to use as word processors?

--
taffy078, West Yorkshire, UK

HP Envy Win10 PC 1511 Build 10586.71 and Compaq Presario CQ71 Win10 Upgraded 1511 build 10586.71
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 26th Nov, 2013 11:56
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 27th Nov, 2013 20:25
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 28th Nov, 2013 11:14
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 28th Nov, 2013 11:22


--
Was this reply relevant?
+0
-0
Maurice Joyce RE: Microsoft may end antivirus updates on XP in April
Handling Contributor 28th Nov, 2013 12:45
Score: 12068
Posts: 9,327
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Secunia details are here:

http://secunia.com/advisories/55809/

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 28th Nov, 2013 13:28
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Firms urged to ditch Windows XP after zero-day attack discovered in the wild

by Alastair Stevenson
28 Nov 2013

A zero-day vulnerability in Microsoft's Windows XP and Server 2003 has been discovered and is being actively targeted by hackers, leading to fresh calls for businesses to move to newer Windows versions sooner rather than later.

FireEye researchers Xiaobo Chen and Dan Caselden reported uncovering the vulnerability in a blog post, confirming that it only affects Windows XP systems.

"FireEye Labs has identified a new Windows local privilege escalation vulnerability in the wild. The vulnerability cannot be used for remote code execution but could allow a standard user account to execute code in the kernel. Currently, the exploit appears to only work in Windows XP," read the post.

The researchers confirmed evidence that the vulnerability is being actively targeted by hackers. "This local privilege escalation vulnerability is used in the wild in conjunction with an Adobe Reader exploit that appears to target a patched vulnerability," read the post.

"The exploit targets Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior on Windows XP SP3. Those running the latest versions of Adobe Reader should not be affected by this exploit. Post exploitation, the shellcode decodes a PE payload from the PDF, drops it in the temporary directory, and executes it."

More to read and workarounds here :=
http://www.v3.co.uk/v3-uk/news/2309770/firms-urged...

--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 28th Nov, 2013 22:32
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 29th Nov, 2013 14:02
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
DEATH-PROOF your old XP netbook: 5 OSes to bring it back to life

Or: How to talk your child out of using an iPad..


By Simon Sharwood, 28th November 2013

Four customers who never have to replace their PCs again

My son's school has decreed that next year he'll need a computer of some sort.

Mr 12 wants an iPad. I want him to use the 2009-vintage Lenovo S10e Netbook gathering dust in the study, because it's already been paid for. The netbook is also fit for purpose: it was the very model handed out in Australian schools circa 2009.

It's also alive and kicking. That Redmond will turn it into a curiosity next April rankles, so I want to find something useful for it to do.

Mr 12 scoffs at such sensible arguments and cares little for the family budget. All he knows is that the single core 1.6Ghz ATOM N270-powered machine with its 2GB of RAM, 150GB hard disk and oddly proportioned 1024 x 576-pixel 10.1-inch screen runs like treacle.

After some back and forth, a compromise has been reached: if I can show him an operating system that makes the netbook faster and look cool, he'll give it a go.


Lots 'n lots more to read here :-
http://www.theregister.co.uk/2013/11/28/five_oses_...


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 30th Nov, 2013 12:24
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 2nd Dec, 2013 19:57
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
December 02, 2013

Windows XP zero day gives attackers a way around Adobe sandbox

Microsoft may provide an out-of-cycle security update to protect users


By John E Dunn | Techworld

A new zero day flaw in Windows XP and Windows Server 2003 is being exploited in the wild to bypass the sandbox on unpatched versions of Adobe Reader, security firm FireEye has reported.

According to the firm's analysis, the vulnerability allows for a standard user running XP SP3 to elevate privileges to admin level, allowing a targeted attack on users running Reader versions 9.5.4, 10.1.6, 11.0.02 and before using a malicious PDF.

"An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights," said Microsoft in a separate advisory (2914486).

In other words, attackers hitting this flaw can beat Adobe's sandbox by routing their sneakiness via a lower-level call through the OS itself.

The issue has been designated CVE-2013-5065 and an out-of-band patch looks like a distinct possibility given its seriousness.

"Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs," said Microsoft's advisory, dropping a heavy hint that early action was likely.

In order to fix the problem, users are advised to update Adobe Reader to a later version or simply abandon Windows XP for Windows 7 or 8.

News of the issue will be taken as further confirmation that users need to get off XP although privilege elevation flaws can in principle affect any OS from time to time. They have become rarer in recent years, hence their importance when they surface.

A month ago Microsoft's Q3 Security Intelligence Report (SIR) found that XP was not only more likely to encounter malware but significantly more likely to fall prey to it all things being equal. Later versions of Windows -- especially Windows 8 -- are architected with a greater level of low-level security designed to beat off some attacks.

Windows XP might be a dying operating system but it can still throw up some nasty surprises. This won't be the last one.

http://www.infoworld.com/d/security/windows-xp-zer...



--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 4th Dec, 2013 22:37
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 4th Dec, 2013 22:49
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 5th Dec, 2013 16:37


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 6th Dec, 2013 10:44
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
Was this reply relevant?
+0
-0
mogs RE: Microsoft may end antivirus updates on XP in April
Member 10th Dec, 2013 21:35
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Microsoft issues 11 security bulletins for the last Patch Tuesday of 2013
Addresses a zero-day vulnerability for bad TIFF images on Windows XP systems


By Lee Bell
Tue Dec 10 2013, 10:44

SOFTWARE PATCH FACTORY Microsoft has released its last Patch Tuesday list for 2013, issuing 11 bulletins, five of which are rated critical.

These last 11 bulletins cover Internet Explorer, Windows operating systems and Microsoft Office software, bringing the total number of patches released by the Redmond firm in 2013 to 106, up from last year's total of 83.

The most critical security bulletin addresses a zero-day vulnerability documented by the November Microsoft Graphics Components advisory 2896666, affecting Windows, Office and Lync through Microsoft Office 2007 installed on Windows XP.

"In this vulnerability, an attacker needs to convince a user to preview or open a bad TIFF image for exploitation. Because we know persuading users to click isn't always that hard to do, a patch for this one is definitely welcome," said Lumension forensics and security analyst Paul Henry.

More to read at :-
http://www.theinquirer.net/inquirer/news/2318054/m...

--
Was this reply relevant?
+0
-0

This thread has been marked as locked.