windows xp

10 Articles

Kernel Hack Brings Windows XP To The 486

June 23, 2024 by 20 Comments

The venerable Intel 486 was released in 1989 as the successor to the extremely popular Intel 386. It was the minimum recommended processor for Windows 98.  (Surprisingly, the Windows 95 minimum was a 386!)  But by the time XP rolled around, you needed at least a 233 MHz Pentium to install. Or at least that was the case until recently when an extremely dedicated user on MSFN named [Dietmar] showed how he hacked the XP kernel so it could run on the classic chip!

The biggest issue preventing XP from working on earlier processors is an instruction introduced on the Pentium: CMPXCHG8B. This instruction compares two 8-byte values and takes different actions depending on an equality test. It either copies the 8 bytes to a destination address or loads it into a 64-bit register. Essentially, it does what it says on the tin: it CoMPares and eXCHanGes some values. If you want to dig into the nitty-gritty details, you can check out this info on the instruction taken from the x86 datasheet.

Without getting too technical, know that this instruction is vital for performance when working with large data structures. This is because one instruction moves 8 bytes at a time, unlike the older CMPXCHG instruction, which only moves a single byte. Essentially, [Dietmar] had to find every usage of CMPXCHG8B and replace it with an equivalent series of CMPXCHG instructions.

On a side note, the once well-known and devastating Pentium F00F bug was caused by a faulty encoding of the CMPXCHG8B instruction. This allowed any user, even unprivileged users, to completely lock up a system, requiring a full reset cycle!

So [Dietmar] was successful, and now you can run the German version of Windows XP on either a real 486 or an emulated one. The installer is available on the Internet Archive and there’s a detailed video below demonstrating installing it on the 86Box virtual machine host.

Continue reading “Kernel Hack Brings Windows XP To The 486”

Hackaday Links Column Banner

Hackaday Links: June 2, 2024

June 2, 2024 by 6 Comments

So you say you missed the Great Solar Storm of 2024 along with its attendant aurora? We feel you on that; the light pollution here was too much for decent viewing, and it had been too long a day to make a drive into the deep dark of the countryside survivable. But fear not — the sunspot that raised all the ruckus back at the beginning of May has survived the trip across the far side of the sun and will reappear in early June, mostly intact and ready for business. At least sunspot AR3664 seems like it’s still a force to be reckoned with, having cooked off an X-class flare last Tuesday just as it was coming around from the other side of the Sun. Whether 3664 will be able to stir up another G5 geomagnetic storm remains to be seen, but since it fired off an X-12 flare while it was around the backside, you never know. Your best bet to stay informed in these trying times is the indispensable Dr. Tamitha Skov.

Continue reading “Hackaday Links: June 2, 2024”

Building A Serial Bus To Save An Old Hard Drive

June 28, 2022 by 67 Comments

Universal Serial Bus has been the de facto standard for sending information to and from computer peripherals for almost two decades, but despite the word “universal” in the name this wasn’t always the case. Plenty of competing standards, including USB, existed in the computing world in the decades before it came to dominance, and if you’re trying to recover data from a computer without USB you might have to get creative with how it’s done.

[Ben] recently came across a 80486 with this problem, so he had to get creative to recover the contents of the drive. He calls it the “lunchbox” computer due to its form factor, and while it doesn’t have USB it does have a tried-and-trusted serial port to communicate with other computers. [Ben] wrote up a piece of software for both the receiving computer and the sending computer in order to copy the drive sectors one by one across a serial link to a standalone computer running Windows XP, and was able to recover the contents of the drive that way instead.

All of the code [Ben] wrote is available on his GitHub page for anyone looking to boot up a 30-year-old computer again. While it might sound uncommon, computers of this vintage are still around running things like CNC machines or old mainframes.

Ask Hackaday: Is Windows XP Source Code Leak A Bad Thing?

September 25, 2020 by 57 Comments

News comes overnight that the Windows XP source code has been leaked. The Verge says they have “verified the material as legitimate” and that the leak also includes Windows Server 2003 and some DOS and CE code as well. The thing is, it has now been more than six years since Microsoft dropped support for XP, does it really matter if the source code is made public?

The Poison Pill

As Erin Pinheiro pointed out in her excellent article on the Nintendo IP leak earlier this year (perhaps the best Joe Kim artwork of the year on that one, by the way), legitimate developers can’t really make use of leaked code since it opens them up to potential litigation. Microsoft has a formidable legal machine that would surely go after misuse of the code from a leak like this. Erin mentions in her article that just looking at the code is the danger zone for competitors.

Even if other software companies did look at the source code and implement their own improvements without crossing the legal line, how much is there still to gain? Surely companies with this kind of motivation would have reverse engineered the secret sauce of the long dead OS by now, right?

Spy vs. Spy

The next thing that comes to mind are the security implications. At the time of writing, statcount pegs Windows XP at a 0.82% market share which is still going to be a very large number of machines. Perhaps a better question to consider is what types of machines are still running it? I didn’t find any hard data to answer this question, however there are dedicated machines like MRIs that don’t have easy upgrade paths and still use the OS and there is an embedded version of XP that runs on point-of-sale, automated teller machines, set-top boxes, and other long-life hardware that are notorious for not being upgraded by their owners.

Continue reading “Ask Hackaday: Is Windows XP Source Code Leak A Bad Thing?”

Hiding Malware, With Windows XP

May 22, 2020 by 20 Comments

In the nearly four decades since the first PC viruses spread in the wild, malware writers have evolved some exceptionally clever ways to hide their creations from system administrators and from anti-virus writers. The researchers at Sophos have found one that conceals itself as probably the ultimate Trojan horse: it hides its tiny payload in a Windows XP installation.

The crusty Windows version is packaged up with a copy of an older version of the VirtualBox hypervisor on which to run it. A WIndows exploit allows Microsoft Installer to download the whole thing as a 122 MB installer package that hides the hypervisor and a 282 MB disk image containing Windows XP. The Ragnar Locker ransomware payload is a tiny 49 kB component of the XP image, which the infected host will run on the hypervisor unchallenged.

The Sophos analysis has a fascinating delve into some of the Windows batch file tricks it uses to probe its environment and set up the connections between host and XP, leaving us amazed at the unorthodox use of a complete Microsoft OS and that seemingly we have reached a point of system bloat at which such a large unauthorised download and the running of a complete Microsoft operating system albeit one from twenty years ago in a hypervisor can go unnoticed. Still, unlike some malware stories we’ve seen, at least this one is real.

This Week In Security: What’s Up With Whatsapp, Windows XP Patches, And Cisco Is Attacked By The Thrangrycat

May 21, 2019 by 21 Comments

Whatsapp allows for end-to-end encrypted messaging, secure VoIP calls, and until this week, malware installation when receiving a call. A maliciously crafted SRTCP connection can trigger a buffer overflow, and execute code on the target device. The vulnerability was apparently found first by a surveillance company, The NSO Group. NSO is known for Pegasus, a commercial spyware program that they’ve marketed to governments and intelligence agencies, and which has been implicated in a number of human rights violations and even the assassination of Jamal Khashoggi. It seems that this Whatsapp vulnerability was one of the infection vectors used by the Pegasus program. After independently discovering the flaw, Facebook pushed a fixed client on Monday.

Windows XP Patched Against Wormable Vulnerability

What year is it!? This Tuesday, Microsoft released a patch for Windows XP, five years after support for the venerable OS officially ended. Reminiscent of the last time Microsoft patched Windows XP, when Wannacry was the crisis. This week, Microsoft patched a Remote Desktop Protocol (RDP) vulnerability, CVE-2019-0708. The vulnerability allows an attacker to connect to the RDP service, send a malicious request, and have control over the system. Since no authentication is required, the vulnerability is considered “wormable”, or exploitable by a self-replicating program.

Windows XP through Windows 7 has the flaw, and fixes were rolled out, though notably not for Windows Vista. It’s been reported that it’s possible to download the patch for Server 2008 and manually apply it to Windows Vista. That said, it’s high time to retire the unsupported systems, or at least disconnect them from the network.

The Worst Vulnerability Name of All Time

Thrangrycat. Or more accurately, “😾😾😾” is a newly announced vulnerability in Cisco products, discovered by Red Balloon Security. Cisco uses secure boot on many of their devices in order to prevent malicious tampering with device firmware. Secure boot is achieved through the use of a secondary processor, a Trust Anchor module (TAm). This module ensures that the rest of the system is running properly signed firmware. The only problem with this scheme is that the dedicated TAm also has firmware, and that firmware can be attacked. The TAm processor is actually an FPGA, and researchers discovered that it was possible to modify the FPGA bitstream, totally defeating the secure boot mechanism.

The name of the attack, thrangrycat, might be a satirical shot at other ridiculous vulnerability names. Naming issues aside, it’s an impressive bit of work, numbered CVE-2019-1649. At the same time, Red Balloon Security disclosed another vulnerability that allowed command injection by an authenticated user.

Odds and Ends

See a security story you think we should cover? Drop us a note in the tip jar!

Free As In Beer, Or The Story Of Windows Viruses

July 5, 2017 by 211 Comments

Whenever there’s a new Windows virus out there wreaking global havoc, the Linux types get smug. “That’ll never happen in our open operating system,” they say. “There are many eyes looking over the source code.” But then there’s a Heartbleed vulnerability that keeps them humble for a little while. Anyway, at least patches are propagated faster in the Linux world, right?

While the Linuxers are holier-than-thou, the Windows folks get defensive. They say that the problem isn’t with Windows, it’s just that it’s the number one target because it’s the most popular OS. Wrong, that’d be Android for the last few years, or Linux since forever in the server space. Then they say it’s a failure to apply patches and upgrade their systems, because their users are just less savvy, but that some new update system will solve the problem.

There’s some truth to the viruses and the patching, but when WannaCry is taking over hospitals’ IT systems or the radiation monitoring network at Chernobyl, it’s not likely to be the fault of the stereotypical naive users, and any automatic patch system is only likely to help around the margins.

So why is WannaCry, and variants, hitting unpatched XP machines, managed by professionals, all over the world? Why are there still XP machines in professional environments anyway? And what does any of this have to do with free software? The answer to all of these questions can be found in the ancient root of all evil, the want of money. Linux is more secure, ironically, at least partly because it’s free as in beer, and upgrading to a newer version is simply cheaper.

Continue reading “Free As In Beer, Or The Story Of Windows Viruses”