Technical Discussion
  >> Windows Issues


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | [2] | 3 | 4 | 5 | (show all)   Print Thread
Standard User Banger
(eat-sleep-adslguide) Mon 15-May-17 15:29:46
Print Post

Re: What's the URL of the latest Windows Update website?


[re: meditator] [link to this post]
 
Yes that's it, Win XP support 256 character file names and it ran ok on my XP 32 bit machine that is the official patch.

Tim
www.uno.net.uk & freenetname
Asus DSL-N55U and TP-Link WD9970 on 80 Meg LLU Fibre
http://www.thinkbroadband.com/speedtest/results.html...

Current Sync: 68696/18766
Standard User meditator
(fountain of knowledge) Mon 15-May-17 16:32:31
Print Post

Re: What's the URL of the latest Windows Update website?


[re: Banger] [link to this post]
 
Oh, OK.

Can't think why Microsoft thought it necessary to use such an inordinately long and seemingly randomised character string for the filename. Perhaps the employee who was responsible for making the file available on that and on one or two other parts of the microsoft site fell asleep on to his/her keyboard just as he/she was doing it?! Heh, heh, heh!

If the predictions are to be believed, this bit of malware will be only the start of a collection of variants, so conceivably a single patch might not be enough by Microsoft
Standard User Banger
(eat-sleep-adslguide) Mon 15-May-17 16:40:34
Print Post

Re: What's the URL of the latest Windows Update website?


[re: meditator] [link to this post]
 
There is already another variant of the virus in the wild, important to keep any anti virus up to date I think MS Security Essentials is still supported on XP and kept up to date.

My feeling is once you have patched the machine, other variants will have difficulty infecting the machine until a new exploit is found. But I may be wrong on this.

Tim
www.uno.net.uk & freenetname
Asus DSL-N55U and TP-Link WD9970 on 80 Meg LLU Fibre
http://www.thinkbroadband.com/speedtest/results.html...

Current Sync: 68696/18766


Register (or login) on our website and you will not see this ad.

Standard User caffn8me
(eat-sleep-adslguide) Tue 16-May-17 03:24:39
Print Post

Re: What's the URL of the latest Windows Update website?


[re: meditator] [link to this post]
 
In reply to a post by meditator:
Can't think why Microsoft thought it necessary to use such an inordinately long and seemingly randomised character string for the filename.
The 40 character string immediately before the file extension is the SHA-1 checksum of the file which means anyone can check its integrity.

On a Windoze box you can do this using the Microsoft File Checksum Integrity Verifier - which you can download for free.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs

Edited by caffn8me (Tue 16-May-17 03:26:19)

Standard User meditator
(fountain of knowledge) Tue 16-May-17 12:17:13
Print Post

Re: What's the URL of the latest Windows Update website?


[re: Banger] [link to this post]
 
Yes, I think I mentioned earlier that, although in 2013 Microsoft ceased support - for all but certain commercial instances - of WinXP, they continued with support for MSE. On my XP machine, even if I don't bother to manually download the latest MSE definitions, it happens in the background anyway. That's providing I have my XP machine online rather than offline, of course. So, over the last few years, although I've not been getting any WinXP updates I have been getting MSE updates on occasions. But whether or not that's good enough alone to protect my machine against this Wannacrypt and similar malware I don't know. One technical article by Microsoft that I read the other day seems to suggest that it will be good enough; apparently, both Windows Defender and MSE are equipped with the necessary detection.
Standard User meditator
(fountain of knowledge) Tue 16-May-17 12:46:34
Print Post

Re: What's the URL of the latest Windows Update website?


[re: caffn8me] [link to this post]
 
caffn8me,

Ah, well that's interesting. But then why has this long string been applied to just the patch file for the non-embedded version of Windows XP SP3 and no other, I ask myself? Why on earth was it necessary to include the checksum in the actual filename? That looks like an encryption string! Surely, it could just have easily been put inside the file, and with an explanation of what it was?

A downloadable checksum verifier? Well, I'm afraid I for one won't be downloading the verifier. As I think I explained earlier, the status of my XP machine is such that I steer clear of using it for any Web access (other than getting MSE updates). Thanks for letting us all know about that, though. Much appreciated.

Actually, I've just chanced upon the website of the National Cyber Security Centre. In a brief statement, they're advising users of legacy Windows to use Windows Update to get the patch. Well, that's fairly naff advice because, as far as I can gather, Microsoft stopped access to WU for manual accesses some time last year. Clearly, that explains why I myself can no longer use my XP machine to access the WU website. Possibly, if you change the updating on the machine to automatic it might then work, but then you'll probably get all the other XP updates downloaded that have existed over the years and many of which, for one reason or another, were rejected by you for inclusion (operational issues with applications, genuine bugs in the updates, etc).
Standard User caffn8me
(eat-sleep-adslguide) Tue 16-May-17 14:23:29
Print Post

Re: What's the URL of the latest Windows Update website?


[re: meditator] [link to this post]
 
In reply to a post by meditator:
Surely, it could just have easily been put inside the file, and with an explanation of what it was?
On a technical level, you can't put the hash value in the file because changing the file to put the hash inside it changes the hash of the file itself and they will no longer match.

What a hash value does is to give you a way of comparing the contents of one file to another to ensure that they are the same. If a single change is made to a file, the hash changes, which tells you that the file has been tampered with. It doesn't tell you what has been changed, just that it has been.

As an example, I've copied and pasted your first post into a plain text file. The SHA-1 hash of that file is 03bd41409bb045016ef6ae5ef5e7b062e2814c38

When I edit it such that there is no obvious visble change, by removing the space after the final word, 'longer?', the hash changes completely to d64527d3ef3f54eb20b741a712ca190b111e0bb6

You can see immediately that the two files are different because the hash values are different.

These files are a different length as the second file is one character shorter so you might be able to detect there has been a change just by looking at the file size (2534 bytes vs 2535).

What if I put a space back at the end of a different line to make the original file and the modified file exactly the same length? You still won't know it's been modified just by looking at it quickly and you can't tell by the file size. I now get a hash of d89e6dbcd32e5faa8ebbfaddd4369d905dd803c1 - which is different again.

Apart from the technical reason you can't include a hash for a file within the file, you also don't want to do that because it would mean having to open the file to view the hash value.

The aim of generating and publishing a hash for a file is so that you can check it hasn't been altered, e.g. to include malicious code. If there is malicious code you want to know before you open the file.

As for why Microsnot has chosen to include the SHA-1 hash in some file names but not others, I don't know. Newer operating systems may have different mechanisms for verifying the integrity of patches which XP doesn't - digital signatures, for example.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User TinyMongomery
(knowledge is power) Tue 16-May-17 14:34:19
Print Post

Re: What's the URL of the latest Windows Update website?


[re: caffn8me] [link to this post]
 
In reply to a post by caffn8me:
On a technical level, you can't put the hash value in the file because changing the file to put the hash inside it changes the hash of the file itself and they will no longer match.
Even if you could, it would rather defeat the purpose if you had to open the file to get the hash value.

==================================
Sovereignty really does mean sovereignty
Standard User caffn8me
(eat-sleep-adslguide) Tue 16-May-17 14:39:01
Print Post

Re: What's the URL of the latest Windows Update website?


[re: TinyMongomery] [link to this post]
 
Which I may just have mentioned later in my post wink

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User TinyMongomery
(knowledge is power) Tue 16-May-17 14:41:14
Print Post

Re: What's the URL of the latest Windows Update website?


[re: caffn8me] [link to this post]
 
Oops. So you did.

==================================
Sovereignty really does mean sovereignty
Pages in this thread: 1 | [2] | 3 | 4 | 5 | (show all)   Print Thread

Jump to