News Company offers unofficial security patches for Windows 10 until 2030 — free, $27 Pro, and $37 enterprise subscriptions

[t3t4]

*sigh* I would be shocked to discover that you even tried Linux in the last 5 years.

I guess you'll just have to be "shocked" then!

 

[Alvar "Miles" Udell]

1. Most people neither know nor care what 'version' they have. They use whatever came with the PC they bought.

2. If the system is not natively Win 11 compatible, it will be 8, almost 9 years old by Oct 2025 when Win 10 falls off support. It would need to be 7th Gen Intel or similar AMD.

The exception is Zen 1, which is not Windows 11 capable (officially) due to TPM 2.0, so it could be as little as 5 years old, or less if they waited a year or two to build it when the prices dropped, and still quite viable.

 

[NinoPino]

The question I asked myself was slightly different: "How can this even work a little bit?"
or
"How can this possibly come anywhere near to what people might expect this to do for them?"

I remember old mainframe operators going misty eyed on how they managed to hot-patch around some vendor stupidity by simply stopping the machine from the front panel, and entering instructions and data manually via the front panel switches to jump around them and then having it resume without it.

So that's binary patching without vendor consent about 60 years ago.
On mainframes with perhaps 48K words of ferrite core RAM.

These patch service companies aren't going to get Microsoft or 3rd party source code. They can't proactively eliminate newly discovered vulnerability patterns across the entire OS code base. At the very best they can patch a vulnerability that has been exploited actively enough to come to wider attention, and your main hope would be that it wasn't you, as perhaps the most attractive and biggest target, which created that attention by going down big time.

They also won't get source code for the drivers and the many services and run-time libraries that get included into what today is called an OS, while the patching service might in fact be offered only on the kernel and perhaps one or two other services listed in an addendum you'd have to read very, very carefully to check if that covers a significant part of what you need.

Anyone contemplating this needs to be truly desperate. And thus in no proper mind to make sound decisions.

Agree with you and I have the same doubts.
I am also very scared that nobody in this forum wondered how this could be technically viable. And I'm disappointed that the author of the article, as often happens, wrote a simple press communicate without asking details to "0Patch".

 

[t3t4]

Agree with you and I have the same doubts.
I am also very scared that nobody in this forum wondered how this could be technically viable. And I'm disappointed that the author of the article, as often happens, wrote a simple press communicate without asking details to "0Patch".

So, you guys don't know how 3rd party support works??? None of you have ever called Microsoft before and got a non-English speaking support agent on the line??? Really?

How about Samsung, LG, Maytag, Hewlet Packard, Asus, TP-link....ect! None of you ever experienced the pleasure of 3rd party support?

I'll tell you how it works. And I quote:

Did you try turning it off and back on again?

That is all support for all things now everywhere, all the time! If not that bit of copy and paste uselessness, then it's a web link to the same thing! Nobody working at any of these support companies has a clue what they're selling or supporting, let alone how it actually works or how to diagnose ANYTHING!

This is how the world works now. Turn it off, turn it on, then replace it 3 times before refunding your money.

 

[USAFRet]

I am also very scared that nobody in this forum wondered how this could be technically viable.

Oh, we're wondering...lol.

Where might this data come from?
It can only really come from MS.

And what 'extras' would this company include?

 

[jp7189]

There are appliances out there (esp. in the medical world) that are hideously expensive, run Windows at the core and are certified only in their exact shipping config. I've never really understood why the manufacturers of those things don't have upgrade packages (sometimes they do), but the prospect of replacing a $100k+ device just isn't an option sometimes. It can be cheaper to build SCADA like security around the networks those things are on. It why you still see so many installs of Win7 running in hospitals.

I just ran in to an industrial control system this afternoon that's running WinXP under the hood. I was told once a system is deployed and certified it's not allowed to be updated in any way.

 

[COLGeek]

I just ran in to an industrial control system this afternoon that's running WinXP under the hood. I was told once a system is deployed and certified it's not allowed to be updated in any way.

Sure, there are many such cases. However, those devices should never be internet accessible for securities sake.