Two months ago, in an effort to fightback against the WannaCry ransomware, Microsoft took the ‘highly unusual’ step of releasing a patch for Windows XP, the ancient operating system it stopped supporting back in 2014 (even though, as it turned out, it was really Windows 7, not XP, that was to blame for the spread of the devastating malware).
Then just two weeks ago, Microsoft included Windows XP and Vista — another operating system it no longer supports — in June’s Patch Tuesday updates. Despite these recent actions, neither XP nor Vista are going to receive regular security updates from Microsoft, meaning users still running either OS remain at serious risk. However, the good news is there are a couple of tricks you can use to continue receiving security updates for both XP and Vista.
In the case of XP, the trick is to make use of updates for Windows Embedded Industry (formerly known as Windows Embedded POSReady). This is based on Windows XP Service Pack 3, and the security updates which are being released for it are essentially the same ones Microsoft would have pushed out for XP, if it was still doing so.
You can’t simply install the updates — that would be too easy — and you’ll receive a version mismatch error if you try. But a simple registry tweak is enough to fix that.
Create a text document, and call it XP.reg. You’ll need to make sure .reg is the proper extension — so not “XP.reg.txt”. If it’s not showing up as a registry file, open any folder, go to Tools > Folder Options, select View and uncheck ‘Show hidden files and folders’. That should fix the problem.
Right-click the file, and select Edit. Paste in the following:
Windows Registry Editor Version 5.00
Save it, and then double-click the file. That will make that change to the registry. That’s all you need to do. Windows should now automatically fetch updates designed for Windows Embedded Industry, ensuring XP remains protected until 2019.
This trick only works for 32-bit editions of XP, but there’s a workaround for 64-bit versions here.
As for Vista, the trick to getting updates is similar, except it uses Windows Server 2008’s patches as that OS architecture is very close to Vista’s and Microsoft plans to keep supporting it until 2020.
To use this, you need to make use of the Microsoft Update Catalog.
The steps to follow are:
- Look for any Windows Server 2008 updates mentioned by Microsoft, and make a note of the relevant Knowledge Base ID, or browse the regularly updated list at BeepingComputer.
- Open the Microsoft Update Catalog and search for the ID, or click the BeepingComputer update link.
- Locate the Windows Server 2008 version of the patch.
- Download and install it.
Naturally there are risks associated with both these methods — you are, after all, installing patches on an operating system they aren’t intended for — so it’s worth making sure you’ve backed up all your important personal files or settings before proceeding.