• United States



Registry hack enables free Windows XP security updates until 2019

May 26, 20143 mins
Data and Information SecurityMicrosoftSecurity

Banks paid millions for continued Windows XP security updates, but a simple registry tweak enables those updates for free.

Windows XP users might want to rejoice as there’s a registry hack that will let those machines continue to receive security updates until April 2019…all for low, low price of free.

A week before Microsoft ended XP support, 95% of the world’s 2.2 million ATMs were still running XP; banks were willing to cough up millions upon millions to pay Microsoft for extended support. ATMs, cash registers and self-service checkouts use a different breed of stripped-down XP; it has a smaller footprint and is meant for point-of-sale devices, but this registry hack will also work for “regular” XP machines, according to ghacks.

What makes this interesting is the fact that Windows Embedded POSReady 2009 is based on Windows XP Service Pack 3, and that the security updates released for that system are identical with the ones that Microsoft would have released for XP systems.

The extended support for Windows Embedded POSReady 2009 systems ends on April 9th, 2019 which means that you can use the trick to get another five years of security patches for XP.

For 32-bit versions of Windows XP SP3, tweak the registry by opening Notepad, and pasting in:

Windows Registry Editor Version 5.00



Then Save As xp.reg. Note, the “.reg” file extension, not the default .txt.

Alternately, you can download the registry tweak.

For 64-bit versions of XP, there is a workaround on Sebijk. The site is originally in German, but here’s the English translation.

Users really should migrate away from XP, and continued security updates won’t change that fact. Microsoft harped on about that for the last six months, how Windows XP is less secure than more modern versions of Windows.

After changing the registry, Betanews grabbed a screenshot showing security updates for WEPOS and POSReady 2009. But Microsoft will probably also issue a reminder that those updates are not meant for desktop systems. Still, it seems worth trying if you haven’t moved away from XP and haven’t paid the Redmond giant millions for continued support.

Like this? Here’s more posts:

  • Hacking hotels, shells, cellphones, cars and more mischief coming to Black Hat
  • Microsoft knew about ‘new’ Internet Explorer zero-day for 7 months but won’t patch
  • Yikes, ICS-CERT reminds public utilities about dangers of remote access without firewall
  • New NSA Chief expects attacks attempting to damage, destroy critical infrastructure
  • Huge demand for NSA-proof email: ProtonMail uses a month’s server capacity in 3 days
  • Smart toilet spying on health is a hoax, but is there privacy in a public potty?
  • No reasonable expectation of privacy when third parties cross the creepy line?
  • Over 70% of energy and financial firms say cyberattacks coming within 12 months
  • Microsoft shares 2 cybersecurity papers to protect infrastructure and supply chain

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.