Jump to content
NotebookTalk

0patch offers two more years of updates for Windows 7 and Windows Server 2008 R2


Papusan
 Share

Recommended Posts

0patch offers two more years of updates for Windows 7 and Windows Server 2008 R2 techspot.com

 

The company has already promised "two more years" of critical security patches for the Windows 7 codebase, extending the support period "at least" until January 2025 with a possible further extension dependent on client demand.

 

 

https://blog.0patch.com/2022/10/two-more-years-of-critical-security.html

 

Two More Years of Critical Security Patches for Windows 7 and Windows Server 2008 R2
Extended Security Updates about to be terminated? Don't worry, we have your back.

 

 

 

 

  • Thumb Up 1
  • Confused 2

"The Killer"  ASUS Maximus Z690 Apex | 13900K | Zotac graphics | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt  |  Custom Loop

 Papusan @ HWBOTTeam PremaMod @ HWBOT

Link to comment
Share on other sites

Microsoft is supporting Windows Server 2008 R2 until at least January 2024 for Azure customers, and I am assuming that those patches will be able to be shoved onto Windows 7 somehow, since the codebase and patches are largely the same?

Dell Precision 7770 (personal) • Dell Precision 7560 (work) • Full specs in spoiler block below
Info posts (Dell) — Dell Precision key postsDell driver RSS feeds • Dell Fan Management — override fan behavior
Info posts (Windows) — Turbo boost toggle • The problem with Windows 11 • About Windows 10 LTSC

Spoiler

Dell Precision 7770 (personal)

  • Intel Core i9-12950HX ("Alder Lake"), 8P+8E
    • 8× P cores ("Golden Cove"): 2.3 GHz base, 5.0 GHz turbo, hyperthreading
    • 8× E cores ("Gracemont"): 1.7 GHz base, 3.6 GHz turbo
  • 128GB DDR5-3600 (CAMM)
  • NVIDIA GeForce RTX 3080 Ti 16GB (DGFF)
  • Storage:
    • 2TB system drive: Samsung 980 Pro, PCIe4
    • 24TB additional storage: 3× Sabrent Rocket 4 Plus 8TB, PCIe4 (Storage Spaces)
  • Windows 10 (Enterprise LTSC 2021)
  • 17.3" 3940×2160 display
  • Intel Wi-Fi AX211 (Wi-Fi 6E + Bluetooth)
  • 93Wh battery
  • IR webcam
  • Fingerprint reader

 

Dell Precision 7560 (work)

  • Intel Xeon W-11955M ("Tiger Lake")
    • 8×2.6 GHz base, 5.0 GHz turbo, hyperthreading ("Willow Cove")
  • 64GB DDR4-3200 ECC
  • NVIDIA RTX A2000 4GB
  • Storage:
    • 512GB system drive (Micron 2300)
    • 4TB additional storage (Sabrent Rocket Q4)
  • Windows 10 (Enterprise LTSC 2021)
  • 15.6" 3940×2160 display
  • Intel Wi-Fi AX210 (Wi-Fi 6E + Bluetooth)
  • 95Wh battery
  • IR webcam
  • Fingerprint reader

 

Previous

  • Dell Precision 7530, 7510, M4800, M6700
  • Dell Latitude E6520
  • Dell Inspiron 1720, 5150
  • Dell Latitude CPi
Link to comment
Share on other sites

50 minutes ago, Aaron44126 said:

Microsoft is supporting Windows Server 2008 R2 until at least January 2024 for Azure customers, and I am assuming that those patches will be able to be shoved onto Windows 7 somehow, since the codebase and patches are largely the same?

wow that sounds....wonky. but hey, if it works, why not? more options! 😄 

Mine: Hyperion "Titan God of Heat, Heavenly Light, Power" (2022)
AMD Ryzen 9 7950X / Asus ROG Crosshair X670E Extreme / MSI Geforce RTX 4090 Suprim X / G.Skill Trident Z5 RGB DDR5-6600 2x16 GB / Seagate Firecuda 530 4 TB / 2x Samsung 860 Evo 4 TB / Arctic Liquid Freezer II 420 / Seasonic TX-1600 W Titanium / Phanteks Enthoo Pro 2 TG / Samsung Odyssey Neo G8 32" UHD 240 Hz / Ducky One 3 Daybreak Fullsize Cherry MX Brown / Corsair M65 Ultra RGB

 

My Lady's: Clevo NH55JNNQ "Alfred" (2022)
Sharp LQ156M1JW03 FHD matte 15.6" IGZO 8 bit @248 Hz / Intel 12600 @ 4.4 - 4.8 Ghz / Nvidia 3070 Ti 8 GB GDDR6 / G.Skill 16 GB DDR4-3800 / Samsung 970 Pro 1 TB / Intel AX201 ax+BT / Win 11 Pro Phoenix Lite OS / 230 W PSU powered by Prema Mod!

Link to comment
Share on other sites

Nobody needs their so called "critical Patches"  Windows 7 doesnt have any need for any such patches. If those types of patches were needed, they would have found them years ago, and microsofts "critical patches" tend to break perfectly functioning systems....aka windows 10. Whats needed for winodws 7 is continued driver support, but we know that wont happen. Windows 7 is actually fun to tweak, and customize....oh, and control myself without big brother MS ****ing things up.

  • Thumb Up 1
  • Bump 1

Lian Li Lancool III | Ryzen 9 7950X | 32gb G-skill Trident Z5 DDR5 6000mhz | MSI Mpg X670E Carbon |

Sapphire Radeon Pulse RX 6800XT |Arctic Liquid Freezer 420 AiO |

WD Black SN770 500gb NVME | Seagate 6Tb 7200rpm Data |

EVGA 1000w SuperNova |32" Agon 1440p 165hz Curved Screen | Windows 7 Ultimate | Windows 10 LoT 21h2

Link to comment
Share on other sites

On 1/11/2023 at 2:49 PM, Etern4l said:

Sounds too good to be true TBH. How can they patch software they don't have source code for?

By being really incredible programmers.

 

More specifically, their software overwrites the vulnerable part of Windows in-memory, while it is running, rather than on disk.  This prevents Windows from overwriting their patches due to its file protection system seeing modified files, and also prevents hackers from exploiting the security flaws, which are no longer present in the in-memory version of Windows (which is what is really important, programs always run in memory even though they are stored on disk while not running).

 

I know a guy who has added new functionality to an early 2000s strategy game by using a similar technique, in that case hooking into where functions are registered in the in-memory version of the code and redirecting the old functions to new ones that he has compiled from C or C++ code and which provide that new functionality.  Pretty incredible stuff.  I'm a good enough programmer to know conceptually that this is possible with some Windows APIs that could let you do this sort of thing, but am not nearly knowledgeable enough in assembly, in-memory executable structures, and reverse engineering to pull off anything like 0Patch.  Let alone also knowing enough to identify the security flaws and fix them.  0Patch probably relies in part on publicly available reports of the security flaws to know what to patch, and most patches will fall into several common categories, such as buffer overflows, but it's no mean feat.  There's a reason they charge for it, people who have that much knowledge of the Dark Arts can command a high salary.

 

I don't know that you could use those APIs on sandboxed Windows Store style applications, but for classic Win32 applications, and evidently for Windows itself, it is perfectly possible to write a program that modifies another program while it is running.  We're used to living in the post-MS-DOS world, where programs have their own memory spaces, you aren't supposed to be able to overwrite another program's memory.  Not the case with these APIs.  There's a sense of power that comes with realizing there is a way to do that even today, and that if you know enough about the program you are trying to modify - which is the really difficult part - you can modify it to behave how you like, regardless of how it was intended to behave. 

 

This API is the specific one I've used to overwrite another program's memory (along with a few of its sibling APIs to read the structure of the program's data and know what I want to modify).  It's intended to be used for debuggers; if it's the one 0Patch is using it, they're repurposed it for a different type of de-bugging.  I've only used it for proof-of-concept programs, since I don't have sufficient knowledge of adjacent skill sets to make something really impressive with it, but it works as advertised.

 

It's also worth noting that you want to think about whether you trust the people writing these sorts of programs - your thought of "this may be too good to be true" is a good instinct.  Like anti-virus programs, they reach rather deep into your system to do what they do.  I have no reason to believe 0Patch is not trustworthy, and politically they're from Slovenia which has a good reputation, but I am not Bruce Schneier or Brian Krebs.  If you are enough of a Real Programmer to write 0Patch and fix these flaws, you are also enough of a Real Programmer to write software that would add security holes to a system.

  • Thumb Up 1
  • Like 1

Desktop: Core i5 2500k "Sandy Bridge" | RX 480 8 GB | 32 GB DDR3 | 850 Evo + HDDs | Seasonic Prime Titanium 650W | 8.1 Pro

Laptop: MSI Alpha 15 | Ryzen 5800H | Radeon 6600M | 16 GB DDR4 | 512 GB SSD | 10 Home

Laptop history: MSI GL63 (2018) | HP EliteBook 8740w (acq. 2014) | Dell Inspiron 1520 (2007)

Link to comment
Share on other sites

All I am hearing so far is "really incredible hackers". If you allow 3rd party software to somehow "patch" shared libraries, arbitrary applications, and the kernel in memory, which would be nuts - if an OS made actually all of that possible (BTW how do we know if any of the alleged "patching" actually happens?), I would immediately delete it. The whole thing sounds sketchy as hell due to the violation of basic modern OS design principles and for the reasons you mentioned in the last paragraph. Based on the information at hand so far, I wouldn't touch this thing with a barge pole. 

Link to comment
Share on other sites

On 1/13/2023 at 1:03 AM, Etern4l said:

All I am hearing so far is "really incredible hackers". If you allow 3rd party software to somehow "patch" shared libraries, arbitrary applications, and the kernel in memory, which would be nuts - if an OS made actually all of that possible (BTW how do we know if any of the alleged "patching" actually happens?), I would immediately delete it. The whole thing sounds sketchy as hell due to the violation of basic modern OS design principles and for the reasons you mentioned in the last paragraph. Based on the information at hand so far, I wouldn't touch this thing with a barge pole. 

For user mode programs, one of the programs you can use to view (and edit) running memory of other programs is HxD Hex Editor.  Go to Tools -> Main Memory, choose the program whose memory you want to examine, and you can start viewing it and editing it.  This could be used to verify patching happened in a equivalent process for user mode programs.  There are probably tools that offer a similar experience for kernel-mode programs, but I don't know what those tools are.

 

0Patch almost certainly uses a kernel-mode driver to apply its updates, since a user-mode program shouldn't be able to patch kernel-level components.  Their user manual mentions that you must install it with an administrator account, which would be required for installing a kernel-mode driver.

 

But just like you can do sketchy things with other user-mode programs as a user-mode program, once you have a kernel-level driver installed, you can do quite a bit at the OS/kernel level.  This is why you'll occasionally read about a flawed update to an anti-virus program causing havoc; they also are putting tentacles all over the place to do what they do, with kernel-level drivers, and are another category of program where thought about, "do I trust the developers of this program?" should be made before installing them.

 

It's also worth noting that Windows NT (the core architecture of Windows today) dates from the early 1990s, and was not considered a cutting-edge design even at the time, but a pragmatic one.  GNU was following then-modern OS design principles with its HURD kernel, but Linux and Windows NT went with older monolithic designs.  Sandboxing wasn't really a thing, and while there was a whole lot more protection from accidentally trampling on other applications than there was in DOS-based Windows (especially in the early days in Real Mode), there weren't a lot of guardrails against intentionally trampling beyond the user/kernel mode split.  A walled garden like iOS can restrict some of the abusable APIs to only be used by first-party software, but Windows NT was not designed like that, and at a time when most computers weren't networked, the security threat model was different.

 

The upshot is this is why it's important to be careful about downloading programs from the Internet, and why (from a security standpoint) Microsoft launched the Microsoft Store where applications are more restricted than traditional Win32 applications, with sandboxing that follows those modern principles that didn't exist when Win32 was created.

 

I don't yet feel like I have enough information to say whether 0Patch is trustworthy.  Which, if they are, is probably one of their main business challenges.  The tradeoff of using their product is you are definitely screwed if they aren't trustworthy, while you are potentially screwed if you don't use their product and a hacker exploits a flaw on your system that their software would have protected you from.  The lower-risk of a user you are, the less potential upside there is in the risk of trusting 0Patch.

 

For additional reading, I'd recommend the book, Showstopper! by G. Pascal Zachary, about the development of Windows NT.

  • Thumb Up 1

Desktop: Core i5 2500k "Sandy Bridge" | RX 480 8 GB | 32 GB DDR3 | 850 Evo + HDDs | Seasonic Prime Titanium 650W | 8.1 Pro

Laptop: MSI Alpha 15 | Ryzen 5800H | Radeon 6600M | 16 GB DDR4 | 512 GB SSD | 10 Home

Laptop history: MSI GL63 (2018) | HP EliteBook 8740w (acq. 2014) | Dell Inspiron 1520 (2007)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use