JRB - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Windows POSReady 2009 registry hack brings back Windows XP updates

Admins who still have Windows XP systems on their networks can turn to a Windows POSReady 2009 registry hack to reopen the update floodgates.

It might seem crazy for an organization to still use Windows XP, but the elderly operating system is hanging around at many companies. The mere presence of Windows XP is bad enough, but what's even worse is that many of the machines aren't current with the latest Windows XP patch.

Windows XP is a dead OS, so Microsoft doesn't release Windows XP patches anymore. Unpatched machines connected to the network go without necessary security updates and can act as a portal for hackers and malware, but there is a way IT administrators can continue to patch and secure Windows XP machines until 2019.

Microsoft has a sister version of Windows XP called Windows POSReady 2009. It's an operating system for point of sale machines such as credit card readers, and its core is based on Windows XP Service Pack 3. Admins can make a simple change to the Windows XP registry to make XP think it's POSReady 2009, and it will continue to receive patches.

Windows XP patch hack

The hack is simple: Add a DWORD of <1> into the registry hive KEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady, and Windows updates start flowing again.

This hack only works with 32-bit versions of Windows XP, but 64-bit versions are rare. If an organization does have a 64-bit version, there is a method to get updates, but it is risky because the updates aren't tested on regular XP systems. Microsoft does not support either hack for getting continued Windows XP patches.

Using the registry edit to trick Windows XP into thinking it's Windows POSReady 2009 can improve security for organizations that can't move off Windows XP. Some shops simply can't make the transition from Windows XP to another operating system, whether it's because a legacy application won't run on a newer OS or there's no budget to upgrade. And although this tweak isn't supported by Microsoft, the security risks associated with not patching networked and internet-connected Windows XP systems are too great to not take any action. All it takes is for one user to click the wrong link or open a bad email attachment and not only is the unpatched Windows XP system infected, but the entire network is put at risk.

This registry hack is not the only option available to shops that still run Windows XP, however. Admins can turn to application virtualization, web-based applications or third-party products such as Sphere 3D's Glassware 2.0.

Regardless of the method they choose, IT administrators need a set plan to rid their networks of Windows XP or at least patch the machines that still run XP using the registry entry. Admins should also ensure that they're following other industry best practices on these endpoints, including implementing strong malware protection, data loss prevention, and proactive logging and alerting tools. If admins decide to ignore the security problems of sticking with Windows XP, they might be responsible if there's a security incident or confirmed breach.

Next Steps

Guide to a post Windows XP world

Why did Windows XP stick around so long?

User risk with Windows XP

This was last published in June 2016

Dig Deeper on Microsoft Windows XP Pro

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What is the biggest risk involved with continuing to use Windows XP?
Cancel
You will feel compelled to move to Linux one day when browsers fail to display web pages with error messages. Otherwise the security risks of continuing to use XP are greatly exaggerated. If you are really worried about security you could always install a Host Intrusion Prevention System like the awesome Malware Defender application (for hardcore geeks only).
Cancel
As of July 2017 the POSREADY 2009 registry hack is no longer working.  I have tried deleting these registry keys, but to no avail.  The only update notifications I receive are for Office 2007:

HKEY_LOCAL_MACHINESYSTEMWPAWEPOS
HKEY_LOCAL_MACHINESYSTEMWPAWES
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlWindowsEmbedded

All I can suggest at this stage is to visit the RyanVM forum and obtain the list of the updates included in the latest XPSP3 QFE POSREADY Updates Addon and compare this with the installed updates shown in the Nirsoft WinUpdateList program.  This program will display updates that were integrated into an install CD using the RyanVM Integrator in addition to those downloaded by Windows Update.  Then you can use this information to manually download the required updates from the Microsoft Update Catalog site.  Otherwise there is no alternative to the tiresome Microsoft Windows Update service as far as I know.
Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close