
Developer publishes patch to enable Windows 7 and 8.1 updates on new hardware - happy-go-lucky
http://www.computerworld.com/article/3191427/microsoft-windows/developer-lifts-windows-7s-update-blockade-with-unsanctioned-patch.html
======
mauvehaus
Actual technical content on github, which is linked from the article, but
perhaps should be the main link?

[https://github.com/zeffy/kb4012218-19](https://github.com/zeffy/kb4012218-19)

The article does at least do some digging vis-a-vis the history of Zeffy's
work and how it came to reach the state that it's in currently, so some credit
is due to computerworld.

~~~
AlexandrB
It'll be interesting to see what happens next and whether Microsoft will put
effort into closing this loophole. If so I think it reinforces the idea that
this hardware check is an attempt to force upgrades to Windows 10, not just a
"we're choosing not to support this platform" decision.

~~~
blibble
they'll probably move the logic into the kernel and use patchguard to defend
it

~~~
AlexandrB
Thinking more about it - it's pretty funny that such a patch would:

* do nothing on machines running < Kaby Lake

* not install on machines running >= Kaby Lake with no modifications

* only install and function on machines running >= Kaby Lake that have been hacked by the user to download future Microsoft patches

------
Paul_S
I don't think anyone believed it was anything but a business decision so this
is not really shocking.

Operating systems are hard, drop Windows and sell your software on Linux. We
all know it's inevitable in the long run.

~~~
GiorgioG
Windows 7 was end of life'd in January of 2015. I don't think this is some
kind of evil business decision Microsoft made. Switching to Linux isn't a
magical way to ensure your OS version will be supported for the rest of
eternity. Linux is great for many things, but give the Microsoft/Windows is
evil thing a rest.

~~~
philipov
The evil business decision was to make Windows 10 a steaming pile of malware.
Everything else follows from that. If running Windows 10 weren't such a big
security risk, end-of-lifing Windows 7 and 8 wouldn't be a problem.

~~~
BEEdwards
OSX is sending just as much telemetry back to Apple, but it's less hipster to
call their OS a steaming pile of malware...

~~~
oceanswave
Citation needed.

Windows 10 "Basic" level telemetry:
[https://technet.microsoft.com/itpro/windows/configure/basic-...](https://technet.microsoft.com/itpro/windows/configure/basic-level-windows-diagnostic-events-and-fields)

macOS Sierra Privacy policy and analytics:
[https://www.apple.com/privacy/privacy-policy/](https://www.apple.com/privacy/privacy-policy/)
[https://support.apple.com/kb/PH25654?locale=en_US&viewlocale...](https://support.apple.com/kb/PH25654?locale=en_US&viewlocale=en_US)

~~~
cptskippy
> With your explicit consent, we may collect data about how you use your
> device and applications in order to help app developers improve their apps.

That is all Apple's policy has to say about Telemetry collection. It doesn't
say when or how it gains consent.

With Windows you can't install without consent. I'm not going to re-image my
Mac to check but I wouldn't at all be surprised if consent was part of that
first boot EULA that you agree to.

Ultimately you find Microsoft's transparency on the matter is unsettling but
Apple's hand waving "Trust us to do the right thing" is ok?

~~~
Joeri
Also, I've never heard of any OS vendor, Microsoft or otherwise, abusing
telemetry data. They're incentivized to not abuse this data.

------
youdontknowtho
When Mark Russinovich did something like this, he got a job offer from
Microsoft. Maybe Zeffy has a future on the Windows team?

~~~
chris_wot
The question is: why would you want to put yourself through that level of hell? I
don't mean working for Microsoft, that would be pretty amazing! What I mean
is, why would _anyone_ want to become a specialist in Windows Update and
winsxs technologies?

Seriously, it's kludge after kludge. Windows 7 uses the WSUS protocol (which
is a hairball set of web services) to figure out which updates it needs to
apply - of which it does through recursively querying what base packages are
on the system and goes some way to explain the incredibly slow updates people
see... but it gets its latest package list and after Microsoft realised they
had so many security patches they were releasing they discovered their CAB
file format needed to be rearchitected as it could hold enough files... hence
WSUSCAN2.CAB now must be downloaded along with something like a third or
fourth attempt at getting the windows agent written correctly.

But it gets worse, because somehow it must check what it has downloaded in a
gigantic (over 1GB) opaque ESE edb file, which it synchronised with the
software distribution cache in the Windows directory. Here it looks up the
Component Based Services registry, along with a COMPONENTS hive that only the
Windows Update service loads and you generally can't see when you open
Regedit. Except that there is a set of keys in the
HKLM\Software\Microsoft\CurrentControlSet\Component Based Services -
consisting of an ApplicabilityCache, a list of packages, a package index, a
set of package detection keys, and a set of component detection keys.

Once you begin to decipher a current and applicable state, you must work out
how it relates to the package index list in the registry, which in turn
somehow relates to the packages keys, which have their own interesting binary
keys that Microsoft set...

So once you've worked that out then you need to decipher the manifest files in
the Windows Side by Side system. These are signed with CAT files, and usually
have Microsoft Update files that go along with actual payload files. Somehow
these relate to a set of session XML files, which are meant to help you
troubleshoot when things go wrong and package states go awry. Except the XML
format isn't documented except in a few tantalising blogs which aren't in any
way complete and some of which seem to be Microsoft developers reverse
engineering the file format themselves...

WinSxS itself holds every file ever installed by Windows Update in the
%systemroot%\winsxs folder, which is a bunch of folders with NTFS hardlinks
back to the C:\Windows\system32 files. Microsoft originally wanted to see the
state of an installation so they made the decision that when the links to
newer files were updated they would keep the old files around so they could
know the system state and presumably try to allow rolling forwards and
backwards to a snapshot of time - they reasoned this was ok because they
released the dism.exe tool to remove old hotfixes and updates from previous
service packs. Unfortunately that switch never got used because the DISM got
released in Windows 7 SP1 and somebody in Microsoft decided to go with rolling
updates, and no more service packs. Consequently there are often 8 or 9 GB of
unneeded and unused files in most Windows 7 systems (depending on the age and
how frequently updated the system has been maintained)... and evidently
someone at Microsoft realised this because about 4 or 5 months ago they
released an update for, of all things, the Windows Disk Cleanup Wizard to
remove these old packages. You must run it, then reboot and depending on the
amount of packages it removes has been known to have end users stuck in "100%
of updates have been installed" for 15 to 45 minutes whilst it cranks through
the cleanup process. Of course most end users think their PC has crashed and
Windows is "stuck" so they reboot it half way through, to varying results.

There are three different tools to check corruption - the sfc utility, the
dism utility and a variety of Windows diagnostics that you can download
and that are a bunch of PowerShell or VBScript scripts that attempt to
_slowly_ fix the plethora of issues that can prevent Microsoft Update from
working.

No, kernel reverse engineering is fun, but poking around Windows Update is
not. I wouldn't recommend getting hired to untangle it...

~~~
ch4ck
Disk cleanup wizard WinSXS addon for W7 SP1 was released in October 2013...

[https://blogs.technet.microsoft.com/askpfeplat/2013/10/08/br...](https://blogs.technet.microsoft.com/askpfeplat/2013/10/08/breaking-news-reduce-the-size-of-the-winsxs-directory-and-free-up-disk-space-with-a-new-update-for-windows-7-sp1-clients/)

~~~
chris_wot
Oh, I stand corrected then!

