Microsoft has Delayed SP2, Again 425
I_am_Rambi writes "According to news.com.com "Microsoft has again delayed a long-awaited update to Windows XP, citing quality concerns. The company had planned to wrap up development this week on Windows XP Service Pack 2, but a Microsoft representative said late Wednesday that the software giant had decided that more work was needed on the update before if could be released to manufacturing." Yea, if 3 out of 5 machines failed to come back up, it needs some polishing."
FYI: The SP2 RC2 problems are spyware related (Score:5, Informative)
The original article [crn.com] said quit clearly that the problem they had was that they'd get a bluescreen and "A message stated that 'winserv' was missing."
What the article didn't say was what "winserv" actually is. It's not part of Windows. In fact, it is spyware. [trendmicro.com] Plain and simple.
So the problem, then, with Windows XP SP2 RC2 is that it doesn't work when the operating system has been corrupted beyond repair by spyware that hooks into various DLLs and services in an attempt to prevent itself from being uninstalled.
NOO!!!! BLASPHEMY! WINDOZE SUX. (Score:3, Funny)
How dare you imply that something is not M$ Windoze fault, heretic? Everyone knows that Winbloze boxen are terrible and crash, and GNU/Linux boxen own.
Get out of here, M$ shill!
Re:FYI: The SP2 RC2 problems are spyware related (Score:4, Interesting)
Re:FYI: The SP2 RC2 problems are spyware related (Score:5, Funny)
Re:FYI: The SP2 RC2 problems are spyware related (Score:3, Interesting)
Nope (Score:4, Informative)
Users will see it as Microsoft's problem anyway (Score:5, Insightful)
"So the problem, then, with Windows XP SP2 RC2 is that it doesn't work when the operating system has been corrupted beyond repair by spyware that hooks into various DLLs and services in an attempt to prevent itself from being uninstalled."
So if, say, 1/3 of all WinXP boxes out there are currently infected with spyware (probably a conservative guess), then 1/3 of all users applying XP SP2 would crash?
I'd say that makes it Microsoft's problem. Users aren't going to care, all they will see is that before XP SP2 their system worked, and after it didn't.
Re:Users will see it as Microsoft's problem anyway (Score:3, Insightful)
Re:Users will see it as Microsoft's problem anyway (Score:3, Insightful)
Re:Users will see it as Microsoft's problem anyway (Score:3, Insightful)
Re:Users will see it as Microsoft's problem anyway (Score:3, Informative)
Yes, whether or not it's their fault. The spyware is out there. If parts of the service pack rely on parts of the operating system that could not be secured from 'winserv', then the service pack needs to reaffirm that those DLLs & registry settings are intact.
It's a challenge, but unfortunately it's a challenge that they have to cope with.
Re:Users will see it as Microsoft's problem anyway (Score:3, Interesting)
and will blame microsoft for it
they are not liable for it but they will be blamed anyway
btw
in case of spyware you trust the idiot because he is lying to you or you don't even know he works on your car
Re:Users will see it as Microsoft's problem anyway (Score:4, Insightful)
A lot of spyware either masquerades as legitimate software, or piggy backs on legitmate software installers. Sure, some gets in through ActiveX exploits and what have you, but by no means all.
As for the "run as admin by default", that is changing, but will *not* prevent this sort of problem. Even if MS prevented interactive login by members of the Adminstrators group, you have to have a way of installing programs and performing system maintenance. That means an account that's capable of modifying system files.
So all the malware has to do is get to the machine as above (piggy backing or pretending to be legitimate), and prompt the user to enter their admin password.
Malware is not MS's fault. They've not made it as difficult for malware authors as they could have, but it's impossible to make it impossible, if the user has admin rights, and that includes *every* home user. The same applies to Linux, of course - as it grows in popularity, the malware authors will come. It'll take a little more social engineering, and an extra "enter your root password" step, but it cannot be stopped.
Re:Users will see it as Microsoft's problem anyway (Score:4, Interesting)
"So you would strip home users of admin rights? How would they apply patches then?"
Same way we do it around here (6 machines in our house). First, they don't have admin privileges. On the OS X boxen, if they download something that requires admin privileges to install, it pops up the "Admin Password Required" dialog. Then they either get me or cancel and ask later. On the Winboxen I install everything personally.
Simple. Never had a problem. Even our 5-year-old groks it.
For the solo clueless home Win user, XP could add a little warning in addition to requiring the separate Admin password. Couple that with MS spending some of that $40-60 billion on user education. It's Redmond's ass in a sling after all.
Re:Users will see it as Microsoft's problem anyway (Score:3, Informative)
They are local admins. And due to the user interaction style, they think twice about what they're doing. Works great.
Re:Users will see it as Microsoft's problem anyway (Score:4, Funny)
Must be Linux's fault that users install trojans.
Re:Users will see it as Microsoft's problem anyway (Score:3, Funny)
I really can't wait for SP2 if it's going to break the vast majority of XP installs. I do onsite support for homes and businesses and removing spyware is my bread and butter. This will be even better, and I can probably charge out the ass for it.
Show me the service pack, Microsoft, and show me the money.
This may suck... (Score:2)
I feel for the schools starting before us (most of them). Patching a medium speed laptop can take HOURS now. Hopefully MS will be able to get this out soon because otherwise, patching incoming systems is going to take twice as long...
Re:This may suck... (Score:4, Funny)
Let's see, the girls come back to school, they need computing help, you are the man on the job, and you don't see the opportunity there? Must be a /. geek...
Re:FYI: The SP2 RC2 problems are spyware related (Score:2, Informative)
Microsoft created a product that allows random spyware programs to, as you put it, corrupt beyond repair various DLLs and services. No OS should allow itself to be damaged so irrevocably far.
On point though, I think that it should frighten people from trying it. If your claim is that spyware is
it's "imminent" (Score:5, Funny)
"imminently"
Re:it's "imminent" (Score:5, Funny)
Missed their goal (Score:5, Funny)
Thank God (Score:5, Funny)
Re:Thank God (Score:2)
Good (Score:5, Insightful)
Re:Good (Score:3, Insightful)
MS Says : We're delaying release to make sure the software is up to our quality control levels.
I Hear : We still have several killer bugs we haven't figured out yet so tell everyone the delay is because we care about the users, not because we're incompetent.
Either way you read it, its always about quality (and spin
Credit (Score:4, Funny)
Re:Credit (Score:2, Funny)
What are they doing? (Score:2, Funny)
Re:What are they doing? (Score:2)
Re:What are they doing? (Score:3, Insightful)
Yes, this isn't a substitute for fixing overflow bugs in first place, but the point is that in a large codebase inevitably there will be some that get missed - so having some additional defense-in-depth is a good idea.
I know it's popular to slag Microsoft... (Score:5, Insightful)
If a bunch of machines won't boot -- even if it's the fault of the developers of third-party software as we've seen with faulty drivers impacting Windows 98 -- people will be slow to adopt what is perhaps the most critical software patch the Internet has seen.
Re:I know it's popular to slag Microsoft... (Score:2)
so NOT a solution (Score:5, Insightful)
Re:I know it's popular to slag Microsoft... (Score:4, Informative)
This is terrible news (Score:2, Funny)
An improvement (Score:5, Funny)
I guess MS was right when they said that Win XP SP2 is more recure. You can't infect a computer that's down.
Good For Them (Score:4, Insightful)
They want to get it right the first time. I congratulate them for doing the Right Thing and making sure they deliver a rock solid Service Pack for the millions of XP users out there.
Before the slashdot editors and crowd crow over this delay, just remember the 503 errors and flakiness this site has experienced since "maintenance" was performed. Don't throw stones in glass houses, kids.
Re:Good For Them (Score:4, Funny)
First time? This is Service Pack 2. They missed "get it right the first time" by two revisions!
Re:Good For Them (Score:2)
Yeah, Linux and OSX have been done with security updates for years now. Windows needs to catch up.
Re:Good For Them (Score:2, Flamebait)
They want to get it right the first time. I congratulate them for doing the Right Thing and making sure they deliver a rock solid Service Pack for the millions of XP users out there.
They should not be congratulated for doing the Right Thing. That is how they should do things all the time. And with quality like "3 of 5 machine not coming back up", it didn't sound like it was too difficult of a decision to make.
Before the sl
Re:Good For Them (Score:3, Insightful)
If Microsoft is now as serious about security as they claim then they should get this patch right *and* rescind their earlier
Blame it on pirates (Score:2)
With every missed step... (Score:2, Interesting)
Re:With every missed step... (Score:2, Insightful)
Re:With every missed step... (Score:3, Interesting)
Come on, man - you have to see that this is a dangerous time for them.
Re:With every missed step... (Score:4, Insightful)
No. They don't. And chances are, most could care less about Longhorn, and even more don't mind that it is pushed back because computing isn't a large part of their life. So it won't matter how fast linux improves, nor how far back Windows get's pushed. -Right now- Windows works perfectly for a good number of people, and it does what they need. There is no incentive for the flood of Windows users to care whether its in 2004 or 2006, because in their mind they know one thing: "We will get it when it is released".
And no, I don't see this as a dangerous time for them.
Re:With every missed step... (Score:4, Interesting)
There are things to worry about for Microsoft. For now things are under control, but it only requires some small slips for things to get away from them.
Jedidiah.
Re:With every missed step... (Score:2)
And MS was never mistaken before? How is this oen different?
>you have to see that this is a dangerous time for them.
When was it NOT a dangerous time for MS? How is this time more dangerous than others?
How is it it not a dangerous time for OSX and Linux?
Re:With every missed step... (Score:3, Informative)
This is exactly what they are doing. By taking the time to make sure that the patch is "in order", they are avoiding an even bigger backlash if they released a buggy patch.
How configurable is the SP? (Score:5, Insightful)
Re:How configurable is the SP? (Score:3, Informative)
Re:How configurable is the SP? (Score:3, Insightful)
I know. (Score:5, Insightful)
Configuring the firewall is _easy_.
I too have real firewalls. I leave the SP2 one turned on as well, because it hasn't gotten in the way of anything i do with the machines (yet). I did add a port or two to the allow list, and thats it.
Remember, defense in depth. Having every XP machine tightened up out of the box as much or more as a default linux install is a good thing.
But, you can turn the firewall features off _very_ easily.
I really like the popup blocker and other IE changes in SP2 as well. I've stopped using proxomitron. I see inline ads where prox used to just put [Ad] but that doesn't bother since the super obnoxious stuff is gone. Also, the way IE handles ActiveX controls is _much_ nicer than it used to be - no being asked 23049 times per page to dismiss modal dialogs.
finally, i wouldn't get too worked up over the headline that XP SP2 is delayed. I have some inside info on the delay.. and its (so far) not worth the sensational press its getting at sites with.. ABM slants
People need to be honest. If MS said there's a problem and released it anyway, the ABM camp would grill them for releasing shitty unfinished product. By holding it for a while longer, MS gets grilled for delaying its release (with sideline comments about them being incompetant or SP2 being vapor or what have you). To the ABMer, MS can do nothing right.
(ABM = "Anything But Microsoft"
Re:How configurable is the SP? (Score:3, Interesting)
Does your hardware firewall protect you from other computers on your local network, or just from the Internet connection? It's getting to the point that all computers should really have software firewalls installed to augment the hardware firewalls. A lot of companies and universities have been noticing recently that their hardware firewalls don't cut it. Just like in the real world, much of the damage ca
Perhaps they were busy (Score:4, Funny)
Good thing... (Score:5, Insightful)
I'd prefer they get their stuff together instead of rushing to market. Though personally the service pack thing to me is more of a PITA than patching the various subsystems and then creating a 'roll up' service pack vs. the service pack being the 'holy grail' update all at once breaking/changing things willy nilly (at least that is how it seems some days)
Windows Update (Score:5, Funny)
On the welcome screen, it tells you what you can do to get Windows XP Service Pack 2.
It doesn't say wait and pray.
SP2 Name Convention (Score:5, Funny)
No Big Hurry (Score:2)
I will probably wait an additional amount of time equal to how long it is taking to get SP2 out to make sure their constant silent updates to SP2 are all ironed out and finally made stable.
Im thinking by then Longhorn should be near if not already released.
Dupe!! (Score:5, Funny)
Oh, wait, it was delayed again?!
Windows problems (Score:5, Interesting)
Microsoft deserves these problems. Their software is too tightly integrated. The benefit of having highly modular software is that problems tend to not spread beyond a single module or subsystem.
Re:Windows problems (Score:3, Insightful)
Re:Windows problems (Score:3, Insightful)
Goose Sauce (Score:5, Interesting)
Trying to be fair-minded about updates and what we'll call minor rev level releases to the OS (remember all the waiting for Godot that occurred for Linux 2.4.0 and 2.6.0), I think it is a good thing if MS doesn't release SP2 until it feels comfortable that it's ready and secure.
The key difference, of course, is that knowledgeable and concerned XP sysadmins might want to expedite patches to their systems faster than MS would like and be willing to suffer other problems and risks that MS doesn't feel would be good for the general sysadmin population to experience.
Now, if the Windows source tree and nightly builds were available, then those admins would be free to update at their own risk, an option they don't have because the OS source must remain under proprietary lock and key.
If there is one software company... (Score:5, Interesting)
Nuttles
Christian and proud of it
Re:If there is one software company... (Score:3, Insightful)
Bah! Talk about throwing money down the crapper!
There is absolutely nothing that Microsoft could do or say to make me like/respect them as a company, and I'm far from alone in that sentiment. They have pumped out shitty software for too long and made too many false claims about the quality of said software. Hell, I've made a career out of cleaning up the mess when their shoddy products shit the bed, and my boss has built a multimillion dol
I work at Microsoft (Score:5, Informative)
I have been running SP2 since RC1 with no problems myself.
Re:I work at Microsoft (Score:5, Interesting)
"People are installing SP2 internally all over the place and I certainly haven't heard of "3 out of 5" computers dying. In fact I haven't heard anything bad at all."
Then maybe you should email Ballmer and tell him the delay isn't needed, and he should just get some balls and release it.
Or maybe, just maybe, the average user that's going to have to install this thing doesn't benefit from a huge Redmond IT staff, firewalls, NATs, etc.
No offense, but if this is the typical thought in Redmond cubicals ("Works for me! Must be rock-solid!") then the last 15+ years of Microsoft treating their users as beta testers makes a lot more sense.
Re:I work at Microsoft (Score:3, Interesting)
Meanwhile, the company runs huge install fests around Redmond, recruiting as
Hm... That's NOT what I've been hearing... (Score:3, Informative)
I am no MS apologist, but... (Score:5, Insightful)
In this case, I have to congratulate Microsoft. Yeah, I said it... They deserve a pat on the back for finally realizing, at least in this one instance, that it doesn't pay to release crap software. I doubt this is the beginning of a trend or anything, but for this they deserve a pat on the back.
What's the big rush? (Score:3, Insightful)
Come on now (Score:5, Insightful)
Come on now - you have to give microsoft some credit. This update is a major overhaul to the OS. Look at kernel updates for linux. You have to be careful as hell, making sure all of your drivers are still compatible, libs all still work, etc etc. SP2 is along the lines of a linux kernel upgrade.
You really have to give MS some credit because all of their drivers will be working with SP2, as well as most software. Sure, linux upgrades might come out more often, but you have to admit - actually applying them is a lot more intensive than simply clicking 'next, next, next, yes i will reboot now.'
Anyway, I think people are WAY to hard on MS. For going almost 15 years now and barely breaking backwards compatibility, they seriously deserve more credit than the slashdot crowd gives them. Good luck to em with this new upgrade.
Re:Come on now (Score:3, Insightful)
Seriously. All the descriptions I've read say it rolls up all the previous security updates and changes some default settings. There may also be some other changes that are hinted at.
What's so major about it? Seems all the previous security updates should have been fully tested along the way and changing default settings to something any user may have done on their own shouldn't be a big problem IMO.
I know any type of upgrade is a big job, but I'm still struggling with why M
Re:Come on now (Score:3, Insightful)
SP2 will change lots of things, more than most users care about. If Microsoft wants to rewrite half of XP out of a sense of perfectionism, fine. But security upgrades should be considered time-critical, and shouldn't wait on "nice to haves".
The OS hasn't been totally rewritten; however a lot of the code base has been recompiled with the newer compilers offe
SP2 Automatic Updates service (Score:5, Informative)
It's interesting to note that the 'Automatic Updates' service must be set to 'Automatic' and be running in order for Windows Update to work through IE. Even if you choose not to use Automatic Updates (as I have), you *must* have the service running all the time for Windows Update to work (or change it to Automatic each time before going to Windows Update in IE). Rather annoying.
This just in: (Score:5, Insightful)
We've just recieved word that 3 out of 5 Windows systems use a commonly pirated CD-KEY.
DeMe
Re:This just in: (Score:3, Informative)
We've just recieved word that 3 out of 5 Windows systems use a commonly pirated CD-KEY.
Funny you mention that.. Windows Update is now upgraded to "version 5" which prohibits updates from pirated keys [microsoft.com]. So, the only way to get SP2, would be to apply it manually. Even then, i'm not sure it would allow an install. I believe they rolled out that new update site to coincide with the release of the now delayed SP2.
roll other software packages into SP2 (Score:5, Interesting)
'Holy Crap Maude, my WeatherBug is gone but this thing shore is runnin quick!'
Multisession! (Score:4, Interesting)
Well, almost. The catch word is "two".
Good security (Score:5, Funny)
The thing I don't understand is why it takes so long to prevent all machines from booting....
Re:New captain at the wheel? (Score:5, Funny)
Re:New captain at the wheel? (Score:3, Informative)
Re:New captain at the wheel? (Score:3, Funny)
Re:New captain at the wheel? (Score:4, Interesting)
SP2 is supposed to be a big "security fix." Assuming that it really is, it sounds as if it's breaking lots of stuff that was previously able to work around existing security to function.
Re:New captain at the wheel? (Score:5, Interesting)
Re:New captain at the wheel? (Score:4, Insightful)
I wouldn't hold my breath waiting for XP2 to come out. (Yes, it will come out, eventually, but if it even does half of what it was supposed to do, expect much pain/patching of third party products.)
Re:New captain at the wheel? (Score:4, Insightful)
SP2 is supposed to be a big "security fix." Assuming that it really is, it sounds as if it's breaking lots of stuff that was previously able to work around existing security to function.
I doubt their screwed security is that hard to fix, but rather finding out how many programs depends on this former screwed security. Which are marked with this logo [sicomputer.it]. I guess this is why the final stages of this service pack has been delayed so much. It doesn't seem like the actual core coding took much longer than estimated, but rather what they're finding out in the QA stages.
Re:New captain at the wheel? (Score:3, Insightful)
Re:New captain at the wheel? (Score:5, Interesting)
Re:New captain at the wheel? (Score:3, Insightful)
So, my theory is that they've made the OS so huge by integrating everything in that a little change in one place means that a good deal of the product needs to be retested.
Re:New captain at the wheel? (Score:3, Interesting)
IIRC prior to the Win 95 public beta, the term "public beta" didn't even exist for commercial software. Being old-fashioned, public beta's are still a bad idea for commercial software IMO.
OTOH, prior to that time methods for delivering large software packages were rather limited (try that with your 9600 baud modem!).
Re:puts on the black glass (Score:2, Informative)
Also gets rid of the horrible tagline "It is where IT is", egads!
- Seth
Re:puts on the black glass (Score:2)
Re:puts on the black glass (Score:2, Informative)
Grab the bookmarklet, and with one click you never have to ask for the link again:
http://www.electricstate.com/slashdot.php [electricstate.com]
(sorry for the shameless whoring.)
Re:puts on the black glass (Score:5, Informative)
Re:But it's already stable! (Score:3, Interesting)
That's a stupid comment. Every OS needs patching as bugs are discovered and fixed.
Doh. Is this what a "troll" is?
Re:Someone tell me... (Score:3, Insightful)
XP is built on the NT kernal, NOT the DOS kernal of ME and previous.
There is alot of emulation code to support, um arguably buggy or unsupported methods going forward.
The problem is really NOT in the operating system, but in default security functionality, overly "functional" common applications, (outlook and IE), an ignorant user base (Really, a FREE kournakova JPG? How did they know?), and an extraordinarily malicious mal-ware community.
SP2 changes default security function