Still receiving windows XP updates... Is this expected behavior?
Solution 1
Both answers given say it, but I don't consider them clear enough. This lead me to add an answer of my own, just to clarify things.
Microsoft stopped providing updates for Windows XP since april 1st 2014. The updates excluded are security hotfixes for Windows XP
and updates to Microsoft Security Essentials
.
The Windows Update functionality won't stop, but no updates that fix security leaks in Windows XP will be patched, meaning that the longer you use Windows XP the bigger the chances are that your pc becomes infected with spyware and a hacker can take over your pc installing randsomware and other crap.
Especially old pc's had a problem because updating to a newer OS meant that it just would not be possible due to the performance. Luckily, since the recent Windows 8.1 update, if you install Windows 8.1 32 bit (given that you have less than 4 GB of ram) it will actually perform better than Windows XP will. I experienced this first hand myself when I was forced to update my old pc. Not to mention that a full install of Windows 8.1 requires less free diskspace than Windows XP does.
Solution 2
The updates shown on your screenshot are not Windows XP updates. They are related to .NET Framework, Office 2007, Office 2010 and the Malicious Software Removing tool that's why you're receiving it.
I don't think your system is compromised (at the moment) but I strongly advise you to upgrade it to at least Windows 7 because Windows XP is no longer supported.
http://windows.microsoft.com/en-us/windows/end-support-help
Solution 3
The key thing to understand is that no NEW
updates will be released for Windows XP after the EOS date. All previous updates will still be made available, so check the release date of the updates you're seeing. They should all be prior to the EOS date with the exception of the update for IE related to CVE-2014-1776. I'm not sure if the Windows Malicious Software Removal Tool qualifies as an update but what you're seeing is legitimate, as shown here in the Applies to
section:
https://support.microsoft.com/kb/890830
Additionally, I would find it very hard to believe that malware could inject itself into the Automatic Updates engine and masquerade as an update advertised alongside legitimate updates.
Related videos on Youtube
Comments
-
Pacerier almost 2 years
According to the answer on another post, we should not have been receiving any more updates for Windows XP.
But I am receiving updates:
Is this indicative that my system is bugged or compromised (some malicious program trying to trick me into clicking "Download" which downloads their software)?
-
L.B. about 10 yearsThe notice I received from Microsoft said that although they are no longer providing updates for Windows XP, they are going to continue to provide security updates.
-
Cole Tobin about 10 yearsThe real question is why you are still using Windows XP?
-
Cole Tobin about 10 yearsIf a malicious program was trying to trick you into installing their software, it wouldn't look like a native window. If it was a native window, why would the malware bother asking you to install their software?
-
David Richerby about 10 years@ColeJohnson I agree that malware wouldn't ask for permission to install but the idea that malware doesn't try to look like native windows is dangerously wrong. It does try to look like native windows, to mislead people into using it, just like phishing emails try to look like actual emails from eBay/PapPal/your bank.
-
Pacerier about 10 years@ColeJohnson, The real question is why there are still tons of people using Windows XP... gs.statcounter.com/press/…
-
Ramhound about 10 yearsAll 4 of those updates are for other Microsoft products. Microsoft before the April date say WMSRT updates would continue.
-
Thalys about 10 yearsI'm still getting those updates as well on my dad's XP system - I'd guess OS updates are gone, but stuff like .net will keep being updated
-
Pacerier about 9 years@JourneymanGeek, Which "leading VFX" company are you at?
-
Thalys about 9 yearsPlace called double negative.
-
-
Pacerier about 10 yearsWell the update dates in the screenshot above clearly shows May 2014 which is after EOS...
-
joeqwerty about 10 yearsYes, which is why I clearly stated that I wasn't sure whether or not the Windows Malicious Software Removal Tool qualifies as an update, but the KB clearly states that it applies to Windows XP.
-
gronostaj about 10 yearsFrom your answer: "The updates included are security hotfixes for windows xp", and later: "no updates that fix security leaks in windows xp will be patched". Aren't those opposite?
-
LPChip about 10 years@gronostaj you're right. I meant the updates excluded are... I'll edit my post.
-
Brandon about 10 years"Additionally, I would find it very hard to believe that malware could inject itself into the Automatic Updates engine and masquerade as an update advertised alongside legitimate updates." That sounds like a brilliant idea for malware writers. I'm sure it can be done too. Why not?
-
Michael Hampton about 10 yearsTo be clear, you can still download old updates, but new ones will generally not be produced.
-
Keavon about 10 years@LPChip, that's still unclear. Are they providing updates to security fixes or not? The second paragraph seems to say it is, but the third says otherwise.
-
LPChip about 10 years@Keavon they don't. Microsoft excluded support for updates as "security hot fixes" and "Microsoft Security essentials". So no hotfixes and virus definition updates. (MSE will actually say that Windows XP is unsupported and that you are unprotected) The scanner works, but no new definitions are downloaded for the anti-virus technology.
-
kirb about 10 yearsUpdates are signed with a certificate. You'd need to retrieve the private key somehow. I do believe there was a case of it being successfully brute forced to deliver malware, though.
-
HikeMike about 10 yearsWindows Malicious Software Removal Tool - May 2014 appears (from its name only) to have been released after support ended. Wouldn't that contradict this answer?
-
LPChip about 10 years@danielBeck
Windows Malicious Software
is notMicrosoft Security Essentials
, so no.