{"id":2906,"date":"2017-05-22T22:43:53","date_gmt":"2017-05-22T20:43:53","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=2906"},"modified":"2020-09-16T07:22:57","modified_gmt":"2020-09-16T05:22:57","slug":"critical-security-update-kb982316-for-windows-xp-may-2017","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/05\/22\/critical-security-update-kb982316-for-windows-xp-may-2017\/","title":{"rendered":"Security-Update KB982316 for Windows XP (May 2017)"},"content":{"rendered":"

\"Windows[German<\/a>]Microsoft has (probably) released another security update (KB982316) for Windows XP to the public. Admins of systems running the unsupported Windows XP could install this update. But the whole thing is mysterious – the package contains only old stuff – and the update is available in English only (not installable on other languages).<\/p>\n

<\/p>\n

WannaCry and the after EOL Windows XP-Update<\/h2>\n

\"\"Windows XP is no longer supported from Microsoft for the masses (end of life was 2014). Only customers paying for extended support are receiving additional security updates (and also Windows Embedded). But there has been an exception: After WannaCry used a vulnerability in SMBv1, Microsoft released update KB4012598 for (unsupported) Windows XP, Windows 8 and Windows Server 2003 to the public.<\/p>\n

Update KB982316 for Windows XP \u2013 the next one?<\/h2>\n

Microsoft Update KB982316 for Windows XP has been released at May 19, 2017, as Windows Central reported here<\/a>\u00a0(and according to the date given on Microsoft's web site). I used a web search for update KB982316 which returned the page An update is available for the Windows Telephony Application Programming Interface (TAPI)<\/a>.\u00a0dated from 2010 and addresses also Windows XP. Also Microsoft Update Catalog doesn't provide an entry.<\/p>\n

But Security Update for Windows XP Service Pack 3 (KB982316) may be downloaded from this Microsoft download site. The update has a size of 492 KB and is available in English only. The download site, dated May 19, 2017, says:<\/p>\n

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it.<\/p>\n

A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system.<\/p><\/blockquote>\n

Although this vulnerability requires an attacker to be authenticated local, it seems that this issue is critical enough, that Microsoft released another security patch for a non supported operating system. The update may be installed executing the .exe download. A system restart is required. That's what we can read on Microsoft's site…<\/p>\n

Inspecting the package<\/h2>\n

But I've inspected the .exe file and it's content and got puzzled. The files within the package comes with time stamps from 2009 up to 2010. The manifest file says that a TAPI dll shall be updated. And also subfolder update <\/em>shipped within the patch has a date 06\/14\/2010. A bit mysterious \u2013 but I don't believe, that's an accidental shipped update, because it's only offered from the download link given above.<\/p>\n

My theory: Microsoft intended to realease an update – but somebody failed to link to the appropriate update package – or something in the download mechanic is broken (could be an explanation of the broken language selection).<\/p>\n","protected":false},"excerpt":{"rendered":"

[German]Microsoft has (probably) released another security update (KB982316) for Windows XP to the public. Admins of systems running the unsupported Windows XP could install this update. But the whole thing is mysterious – the package contains only old stuff – … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,2],"tags":[853,69,195,832,847],"class_list":["post-2906","post","type-post","status-publish","format-standard","hentry","category-update","category-windows","tag-kb982316","tag-security","tag-update","tag-wannacry","tag-windows-xp"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=2906"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2906\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=2906"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=2906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=2906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}