Slashdot Mirror
Microsoft Releases Changelist for Upcoming XP SP2
kylef writes "As we know from independent sources, Microsoft is busy readying Service Pack 2 for Windows XP. They have published on their website a changelist document (link goes to TechNet download page) detailing the nature of the security-related fixes and updates. The document is targeted towards XP admins and covers some interesting things such as the new Internet Explorer Pop-up Manager and various security policy changes. Some other juicy tidbits from the document: Internet Connection Firewall will be enabled by default, and there will be new support for something called "Execution Protection" which allows developers to make use of the NX (no execute) page guard flag on Intel's Itanium and newer AMD processors. An interesting read."
Did you RTFA? (I hate saying that, it makes me feel .. like all the other assholes who say that)
...
Internet Explorer Pop-up Manager
Q. What does Pop-up Manager do?
A. Pop-up Manager blocks most unwanted pop-up windows from appearing. Pop-up windows that are launched when the end user clicks a link will not be blocked.
End users and IT administrators can let specific domains launch programmatic pop-up windows. Developers will be able to use or extend the pop-up functionality in Internet Explorer for applications hosting Internet Explorer.
Q. Who does this feature apply to?
A. For end users, browsing the Web will be less annoying, because unwanted pop-up windows will not automatically appear.
For Web developers, Pop-up Manager affects the behavior of windows opened by Web sites, for example, by using the window.open() and showHelp() methods
For application developers, there is a new user interface: InewWindowManager.
Applications that use the rendering engine in Internet Explorer to display HTML can choose to use or extend the Pop-up Manager functionality.
It opens in StarOffice just fine.
I have been pwned because my
I just read through that thing - there are a lot of good fixes in there. For one, they've apparently made a lot of changes to IE that will make it less of a pain in the ass to use. Some major changes to popup windows in general - they're making it much harder to trick users with popups.
They also seem to have made a lot of changes to the firewalling stuff - firewalling is on by default, too. They also made it so that the File Sharing and Networking ports only work in the local subnet -this means people won't be able to hit you with Windows Messenger spams from the 'net anymore, or access your RPC ports... good stuff.
Maybe, just maybe, MS will eventually get security right. This Service Pack appears to be a sizable step in the right direction.
using namespace slashdot;
troll::post();
I think you misunderstand:
HTML writers - web page authors - cannot just bypass the pop-up manager changes. The new interface they reference is for applications that use IE to render HTML. This new interface is part of the Win32 API essentially, and cannot just be called willy-nilly from a webpage (just like any piece of Win32 API).
The little FAQ snippet makes this distinction bu but not very clearly. For app-developers this means that instead of using a little piece of Javascript to open a window they will have to hitch into the API to create a new window.
Basically its just a move to allow app-developers to still use the renderer in an effective way with minimal code changes. Most developers I know however do not use the HTML engine to open new windows. They instead create a new window with API or a language construct and then assign a new instance of the IE activex object to that handle. It's a much more reliable way of opening new HTML windows in applications.
The new one in SP2 does incoming and outgoing connections, blocks udp and multicast and enables ports on a per-program basis without requiring the program to specifically open or close them. It is also on by default and covers all network interfaces.
I expect they will supply default behaviours that allow their own programs to phone home. But hopefully it is properly configurable so you can decide if you want that or not.
I don't know if it is feature comparable to the third party offerings, but it is significantly improved on the version that shipped with WindowsXP
"Taligent is still pure vapor. Maybe they'll be the last who jumps up on Openstep... "
This already exists - Ingo Molnar has written something called the exec-shield patch which implements this functionality in a slightly different fashion. Here is a link to one of Ingo's patch announcements.
SCREW THE ADS! http://adblock.mozdev.org/ Proud user of teh Fox of Fire - Registered Linux User #289618
Since XP already groups multiple windows open in the same application and puts them on their own pseudo-tabs on the task bar, it's probably considered redundant. I know it isn't quite the same thing, but they probably think of it has having implemented tabbed apps as an OS-wide feature already.
You see? You see? Your stupid minds! Stupid! Stupid!
God, IE could really use some better CSS handling. I'm disappointed they didn't add any with this service pack.
I read the document and apparently the pop up blocker is crap. Here's why
ustomers will still see pop-ups launched in the following cases:
The pop-up is opened by a link which the user clicked.
The pop-up is opened by software that is running on the computer.
The pop-up is opened by ActiveX controls that are instantiated from a Web site.
The pop-up is opened from the Trusted Sites or Local Intranet zones.
I sense an increased use of ActiveX by ad-ridden websites in the future. What this is really, is not a way for MS to help out the user by eliminating annoyance. It is a strategy to get everyone who wants pop up ads on their site to use ActiveX. And hopefully when they're using ActiveX they'll make important parts of their site with it. Like say, the navigation bar. I'll stick to Firebird tyvm.
The GeekNights podcast is going strong. Listen!
Why, why, why no full IE PNG support?
Argh.
May we never see th