Windows XP SP2 Delayed Until Late 2004

Aiua writes "BetaNews is reporting that Microsoft has pushed back the release date for the second Windows XP service pack to the third quarter of 2004 without giving any reasons." Update: 08/19 12:52 GMT by M : Another article claims it will be out three months earlier, no later than June 2004.

calendar? or fiscal?

[David+E.+Smith]

Since the article doesn't include sources or citations or anything, we can't even be sure if they're referring to calendar year 2004, or fiscal year 2004 (which, for MSFT, I believe runs from July 2003 through June 2004).

If they're referring to fiscal year 2004, that's between January and March of next year, which isn't nearly so bad.

Microsoft doesn't need to have reason....

[brandonlp]

Reasons... who needs reasons? When you're Microsoft, you don't have to give reasons for anything. Especially in a time where you're coasting through a big vulnerability in your operating systems without really providing many answers. I figure by late-2004, a clean install of XP with SP1 should have about 50 additional critical updates for it (... there are 27 since SP1), and the entire installation process will take 2 hours (an hour to install XP w/ SP1 slipstreamed.. and an hour to install the 50 updates). What a shame.

Ironic..

[AbbyNormal]

Isn't that the time that "Clean" up worm is set to expire?

XP bug free

Of course, the real reason for the delay is that after SP1, XP is almost completely bug free (except for thost pesky third-party apps that keep crashing...)

The press release has a typo in it

[Surak]

As I stated to daddypants, who IGNORED ME ahem, Michael, Wininformant has the real story. Due out in Q1-Q2 2004, not Q3-Q4.

Re:The press release has a typo in it

[CommandNotFound]

Then why hasn't Microsoft changed the typo on this page

They've been trying, but their machines keep rebooting on their own for some reason...

Finally!!

[AlexeiMachine]

They finally understand what a buffer overflow is, and this time, they'll *really* *really* fix all of them.

Re:Finally!!

[hplasm]

....XP has its buffers removed!!

TaDa!!

...and WinInformant says otherwise

[OfficerNoGun]

WinInformant says that the statement meant Fiscal year 2004, which ends in June 2004 for Microsoft, and that SP2 is due out mid 2004.

Win XP SP2 = Longhorn?

[narratorDan]

The story is basically saying that SP2 will incorporate things that MS "innovated" in the last year. Firewalls, anti-virus, etc, all stuff thats also supposed to be in Longhorn. Silly.

Re:Without reason?

[DrunkenPenguin]

How is that a reason? The exploit that worm used was fixed months ago.

Yeah, it was fixed about a month ago, but this recent incident that had a huge effect on their customers _must have_ increased their willingness to improve the security of their products once and for all - thus the delay. Or perhaps I'm just daydreaming.. I don't know.

Microsoft acting odd

[cr@ckwhore]

Something strange is happening at Microsoft ...

IE development ended (sort of)
Outlook express development ended
Service packs under long delay

Just an observation.

Re:One thing I don't really get...

[Matrix272]

What I don't understand is why the process of discovering, downloading, and applying security patches has to be as difficult as it currently is.

Use the Red Hat Network Update Agent sometime if you want to see an updating process that's REALLY a pain in the ass.

For example, when trying to find a patch for the vulnerability that Blaster is currently exploiting on many systems...

Going to Google and typing "blaster patch" isn't easy enough? Considering the news coverage it's getting, you'd think that by going to any news site and doing a search for Blaster, you'd get some clue where to look next. Or, you could do what I did... SUBSCRIBE TO CERT. That way, you get the vulnerability notification the same day all the other professional system administrators do.

the vulnerability I thought it was, then find a download link, then be presented with a multipage license agreement -- all for one fix.

Two points I'd like to make. First, when is there a vulnerability that gets airtime on the major news channels (like CNN, Fox, ABC, CBS, NBC, etc.) that should NOT be fixed immediately? Second, clicking 3 times (Windows Update, Scan for Patches, Install) is a lot simpler than the 10 or so that Red Hat requires. (I only have Red Hat Network to compare to, so if there's any better way to update RH8, someone let me know.)

My thought is that Microsoft would do better to be a little more proactive in their approach.

You mean besides the bubble that pops up near the clock that says "You have updates. Click here to install."? You'd prefer a popup window that takes up 80% of the screen when it boots that says "Jesus Fucking Christ, update your system, dumbass!"?

I'd appreciate having the machine automatically seek out the patches I need and apply them (particularly the most critical) without requiring my intervention...

It already can do that. When you format a new machine, the first or second time it boots, a little bubble pops up near the clock that says "Set up automatic updates." One of the options (out of the 3) is "Automatically download and install patches." For those of us that don't know where to look without formatting our systems, that's under Start, Control Panel, System, Automatic Updates. I prefer to take a look at the updates before I install them though... just my preference.