Microsoft Delays Windows XP Service Pack 2 399
Rinisari writes "DesignTechnica, among some others
, explains that Microsoft has once again delayed its release of Service Pack 2 for Windows XP, though only until August. Microsoft has declined to comment on the reason for the delay. Windows Update v5, however, is online and operational (and works with Service Pack 1!), although not officially so. I know many smaller education institutions are chomping at the bit with the looming release, as they are worried about compatibility with some of the new features in Service Pack 2."
Good on them (Score:4, Insightful)
If nothing else, at least Microsoft is trying much, much harder at security nowadays.
Re:Windows Update v5? (Score:1, Insightful)
rolling delays (Score:1, Insightful)
correct me if i'm wrong, but i believe the original release was scheduled for june. when june came it got delayed until only july. now that we're in july it's been delayed just one more month....riiiight.
i for one will not be surprised to see it delayed until september next month. and who knows? maybe october after that....?
Bug time (Score:4, Insightful)
Well, now that just shouldn't even be compared to Mozilla's bugfixes.
(because who would be able to compare 24 hours with 24 days and not laugh to death?)
Delays (Score:5, Insightful)
Re:Bug time (Score:5, Insightful)
>small "security updates", but only full SPs)
>... that just shouldn't even be compared to
>Mozilla's bugfixes. (because who would be able to
>compare 24 hours with 24 days and not laugh to
>death?)
Lemme make sure I got this right. A "bulk of IE users" don't download small security updates, but you think they'd get small security updates for Mozilla?
24 hour bugfixes are irrelevant to "a bulk of users" if they can't be bothered to download and install them, as you claim.
-l
Umm Duyoyoyoy (Score:2, Insightful)
Was it SO OBVIOUS that you even had to be specifically told to test your apps on a new version of their target platform?
No news here. Next hot tip, some stuff may not work with the latest kernel image from linus and the gang.
NT4 Service Packs (Score:4, Insightful)
Re:Bug time (Score:2, Insightful)
Re:Good on them (Score:5, Insightful)
How hard Microsoft is trying when it comes to security is strictly implied. Unfortunately, most should have EXPECTED it of them to begin with. "Trustworthy Computing" is primarily a marketing response...with technical consequences.
Re:Ok, so where to get new keys? (Score:1, Insightful)
Re:Maybe a Sensible Move... (Score:5, Insightful)
I wonder to what extent they find that fixing one vulnerability just break, and I mean mangles horribly, some functionality in Excel or Word that everybody has to have (like VBA or sum'thin).
It's like the domines are falling at microsoft, and that they are starting to realize that a rewrite from the ground up does not look to bad (at least you can start with a sound concept).
Of course, I doubt they could pull that off, so the next couple years are going to be really interesting.
Re:invalid product keys... (Score:3, Insightful)
In 2003 - security and hotfix galore
In 2004 - SP2 compatibility problems and more browser disaster.
In 2005 - ???
SP5 worth it for criitcal update roll-up alone (Score:2, Insightful)
I've always wondered why MS didn't produce minor-version service packs (eg, 4.24) that included the last major service pack plus critical updates released since then as a single EXE. Since SPs essentially unpack and run an executable, you'd think it wouldn't be too hard to mod that system to produce SP+hotfix rollups.
Am I reading that right? (Score:3, Insightful)
"...online and operational (and works with Service Pack 1!).."
One would think this should be a requirement, it reads like more of a bonus.
Just more hoops? (Score:2, Insightful)
Last I checked, the problem wasn't whether I had permission to use RPC, it was a buffer overflow in the service that caused the exploit. It didn't matter whether or not I had permission to use RPC -- the mere act of sending a (malformed) packet to the service resulted in an crashed (or compromised) operating system.
All of the patches only serve to hide the RPC port unless it is in use. In fact, it makes any remote RPC applications much harder to deploy.
Maybe they're hoping that the NX extensions will imit to vulnerability of the buffer overflow exploit -- if you're using a processor which supports NX extensions...
I'll still install it, just for the popup and ActiveX blocking capabilities. But I have no illusions it will fix any of the other problems.
windows update V5. (Score:2, Insightful)
*snip*
Windows Update cannot continue because a required service application is disabled. Windows Update requires the following services:
Automatic Updates enables detection, downloading, and installation of critical updates for your computer.
Background Intelligent Transfer Service (BITS) enables faster, restartable downloading of updates.
Event Log logs Windows Update events for troubleshooting. To ensure that these services are enabled:
*snap*
so much for turning off services that you dont want and running things manually
Microsoft Crap.... (Score:1, Insightful)
Fucking POS.
Dear Microsoft... (Score:2, Insightful)
The average Joe--your primary customer--doesn't know about Windows Update. This person doesn't know about service packs. This person doesn't care to know. In fact, when you tell this person about how critical these updates are, the average Joe is going to say "I don't care."
I've been in the industry for quite some time. I've tried to explain it using jargon...using layman's terms...using fruity Powerpuff Girls language...EVERYTHING. The end user--soccer mom and Grandpa--just don't care. They don't see the importance of updates to software.
Maybe what they need is a scare tactic? YOU, Microsoft, tell them that they are a liability on the Internet. Their documents, taxes, pictures, money, passwords, et al are vulnerable to theft. Their machines are turned into zombies which wreak havoc on innocent Net users....use the new buzz word terrorism as it will get their attention. Nah...they won't listen after 6 months again.
Is the answer to cripple the operating system unless it phones home regularly? Was this part of the original plan when XP dialed home? Nah...won't work. You have millions of XP installations out there already which do not even have updates from 2001....there's no way those users will even think about updating to enable a mandatory update.
Remember this for your next Longhorn meeting.
Re:invalid product keys... (Score:2, Insightful)
I've had nothing but trouble with mine, but I change my hardware configuration the way some people change their underpants.After my second activation was invalidated by changing my network card and video card, I decided I'd had enough. I've been running RESET5 to keep my install perpetually in it's 30 day grace period.
Re:What about Windows 2000 (Service pack 5?) (Score:4, Insightful)
Microsoft are sort-of obliged to keep rolling out security fixes for 2K, but is a popup blocker a fix or a feature? They surely would love to have a lever to get us all moved onto XP.
Here we see one of the major disadvantages of monopolies, when your biggest competition is from your previous released it becomes very tempting to hold back on things like popup blocking and all these fixes for IE from current releases to save them for a future release. If it wasn't for mozilla suddenly becoming a threat I'm sure we wouldn't of seen these fixes to IE until Longhorn, no matter how bad it got, in fact the worse it got the better because that's simply a motivation to buy the new product. Now they have to try it earlier than they want and put it in XP because of competition from Mozilla but I'm sure we're not going to see these fixes backported to previous versions of windows, it would take away to incentive to upgrade.
Re:Cannot validate the product key (Score:3, Insightful)
Hmmm, I guess MS has decided to take a little (read: tiny) more aggressive stance towards piracy, no more automagic updates for you.
When you think about it though, what good does it do MS? These days malware doesn't format your drive and pop up a box saying, "Ha ha. Yer a victem of DorkLord Seth." It uses the box to attack other Windows boxes (and generally cause grief for the rest of the computing world).
If they think denying patches to pirates is anything except self-defeating, they are mistaken. While what remains of their reputation is taking a beating, Microsoft's best policy would be to keep every Windows box as secure as possible - no matter what its legal status. If they want the BSA to go take some names later, well that's their business.
Re:Maybe a Sensible Move... (Score:4, Insightful)
It's a fairly well-known strategy to hype a product well before it's introduction in order to prevent a competitor from gaining ground. I don't think SP2 has been delayed at all, Microsoft's project planners would have to be completely incompetant to have delayed the patch for so long without a good reason. No, they want to string people along with the promise of a miracle cure-all for as long as possible.
Having trouble with popups? SP2 is coming soon! Need more security? SP2!! Want your computer to wash the dishes and feed the dog too? Good news, SP2!!
Re:Microsoft Crap.... (Score:3, Insightful)
Re:invalid product keys... (Score:3, Insightful)
home: xp pro license obtained thru a ms marketing package that cost my 39.99. i had it installed on a via based athlon mobo, i just having decommissioned that box, installed it on a sis based p4 mobo. activated cleanly.
work: no issues with machines that have been reimaged. we run the oem xp pro license, cuz software assurance for the client pcs was going to kick our brains in.
all in all, it is not as bad as i had feared.
ostiguy
Re:Ok, so where to get new keys? (Score:2, Insightful)
Not correct. Slashdot is mostly general tech discussion, and folks interested in pirating software can provide discussion just as interesting as folks interested in designing copy prevention stuff.
Personally, I find it a little offensive whenever someone tells either of them to shove off ("Don't talk about piracy here" or "DRM sucks, shove off"). I'd rather not try to suppress discussion.
Re:[ot] windows update, without IE? (Score:2, Insightful)
You do realise that, don't you?
If they've connected a Windows Machine to the internet, then they've already exposed themselves to 99.9% of anything they're likely to get, regardless of what browser they use. Firefox just means they wont get ActiveX stuff and probably wont get popups.
But I hardly think pointing IE at Windows Update is suddenly going to install porn autodialers and flood them with popups.
Re:invalid product keys... (Score:3, Insightful)