Slashdot Mirror
Microsoft Delays Windows XP Service Pack 2
Rinisari writes "DesignTechnica, among some others
, explains that Microsoft has once again delayed its release of Service Pack 2 for Windows XP, though only until August. Microsoft has declined to comment on the reason for the delay. Windows Update v5, however, is online and operational (and works with Service Pack 1!), although not officially so. I know many smaller education institutions are chomping at the bit with the looming release, as they are worried about compatibility with some of the new features in Service Pack 2."
If nothing else, at least Microsoft is trying much, much harder at security nowadays.
Uh, why would it work with Firefox?
though only until August
correct me if i'm wrong, but i believe the original release was scheduled for june. when june came it got delayed until only july. now that we're in july it's been delayed just one more month....riiiight.
i for one will not be surprised to see it delayed until september next month. and who knows? maybe october after that....?
The only way to get rid of a temptation is to yield to it.
-Oscar Wilde
As I understood, it means that a bulk of IE users (the ones that don't download small "security updates", but only full SPs) will be vulnerable to well-known bug till (hopefully) August?
Well, now that just shouldn't even be compared to Mozilla's bugfixes.
(because who would be able to compare 24 hours with 24 days and not laugh to death?)
Hey, this means that Longhorn would likely get pushed back as well (if it ships at all). This gives us an extra month to make Linux a mainstream desktop OS before the NGSCB DRM (the RIAA's wet dream) ensures Microsoft forevermore. Hurry people!!
Unknown host pong.
"I'm afraid now, I have somehow missed this message," says a Windows developer who asked not to be named. "Was it buried in too many marketing messages? Was it dependent on me searching it out?"
Was it SO OBVIOUS that you even had to be specifically told to test your apps on a new version of their target platform?
No news here. Next hot tip, some stuff may not work with the latest kernel image from linus and the gang.
I don't need no instructions to know how to rock!!!!
Personally, since Microsoft doesn't seem to be releasing any more updates for NT4, I'd sure like to see them put out a Service Pack 7 so I don't have to go thru the steps SP6a - Post 6a SRP - Windows Updates every time I have to install a new component on an old NT4 system.
Give me my freedom, and I'll take care of my own security, thank you.
Last I checked /. was not about software piracy, please take your warezing rear elsewhere or by a legit copy with a legit key.
Help Brendan pay off his student loans
There is also the possibility that microsoft is having a hard time dealing with fixing all the vulnerabilities.
I wonder to what extent they find that fixing one vulnerability just break, and I mean mangles horribly, some functionality in Excel or Word that everybody has to have (like VBA or sum'thin).
It's like the domines are falling at microsoft, and that they are starting to realize that a rewrite from the ground up does not look to bad (at least you can start with a sound concept).
Of course, I doubt they could pull that off, so the next couple years are going to be really interesting.
"Piter, too, is dead."
In 2002 - product activation was the biggest punishment I have ever seen for a paid customer
In 2003 - security and hotfix galore
In 2004 - SP2 compatibility problems and more browser disaster.
In 2005 - ???
SP5 would be worth it simply for rolling up all the critical updates and Sp4 into a single executable. This would allow machines to be setup and patched offline and not worry about as many network-level vulnerabilities, as well as taking a lot of the patching burden off of needing a relatively high speed internet connection.
I've always wondered why MS didn't produce minor-version service packs (eg, 4.24) that included the last major service pack plus critical updates released since then as a single EXE. Since SPs essentially unpack and run an executable, you'd think it wouldn't be too hard to mod that system to produce SP+hotfix rollups.
"...online and operational (and works with Service Pack 1!).."
One would think this should be a requirement, it reads like more of a bonus.
boycott slashdot February 10th - 17th check out: altSlashdot.org
Last I checked, the problem wasn't whether I had permission to use RPC, it was a buffer overflow in the service that caused the exploit. It didn't matter whether or not I had permission to use RPC -- the mere act of sending a (malformed) packet to the service resulted in an crashed (or compromised) operating system.
All of the patches only serve to hide the RPC port unless it is in use. In fact, it makes any remote RPC applications much harder to deploy.
Maybe they're hoping that the NX extensions will imit to vulnerability of the buffer overflow exploit -- if you're using a processor which supports NX extensions...
I'll still install it, just for the popup and ActiveX blocking capabilities. But I have no illusions it will fix any of the other problems.
Uh-oh
...
*snip*
Windows Update cannot continue because a required service application is disabled. Windows Update requires the following services:
Automatic Updates enables detection, downloading, and installation of critical updates for your computer.
Background Intelligent Transfer Service (BITS) enables faster, restartable downloading of updates.
Event Log logs Windows Update events for troubleshooting. To ensure that these services are enabled:
*snap*
so much for turning off services that you dont want and running things manually
Try updating and not rebooting right away... you can't get rid of the Icon on the systray... and every five minutes or so it'll nag you to reboot.
Fucking POS.
After reading about XP SP2 and Windows Update v5 on Slashdot, I had a chance to play around with them. While I'm impressed at both the operating system and the updater as of late, I have to be honest and say you've failed to address the number one problem plaguing the computer industry: ignorance.
The average Joe--your primary customer--doesn't know about Windows Update. This person doesn't know about service packs. This person doesn't care to know. In fact, when you tell this person about how critical these updates are, the average Joe is going to say "I don't care."
I've been in the industry for quite some time. I've tried to explain it using jargon...using layman's terms...using fruity Powerpuff Girls language...EVERYTHING. The end user--soccer mom and Grandpa--just don't care. They don't see the importance of updates to software.
Maybe what they need is a scare tactic? YOU, Microsoft, tell them that they are a liability on the Internet. Their documents, taxes, pictures, money, passwords, et al are vulnerable to theft. Their machines are turned into zombies which wreak havoc on innocent Net users....use the new buzz word terrorism as it will get their attention. Nah...they won't listen after 6 months again.
Is the answer to cripple the operating system unless it phones home regularly? Was this part of the original plan when XP dialed home? Nah...won't work. You have millions of XP installations out there already which do not even have updates from 2001....there's no way those users will even think about updating to enable a mandatory update.
Remember this for your next Longhorn meeting.
I've had nothing but trouble with mine, but I change my hardware configuration the way some people change their underpants.After my second activation was invalidated by changing my network card and video card, I decided I'd had enough. I've been running RESET5 to keep my install perpetually in it's 30 day grace period.
If a job's not worth doing, it's not worth doing right.
It is always embarrassing when you have to compete against your own products.
Microsoft are sort-of obliged to keep rolling out security fixes for 2K, but is a popup blocker a fix or a feature? They surely would love to have a lever to get us all moved onto XP.
Here we see one of the major disadvantages of monopolies, when your biggest competition is from your previous released it becomes very tempting to hold back on things like popup blocking and all these fixes for IE from current releases to save them for a future release. If it wasn't for mozilla suddenly becoming a threat I'm sure we wouldn't of seen these fixes to IE until Longhorn, no matter how bad it got, in fact the worse it got the better because that's simply a motivation to buy the new product. Now they have to try it earlier than they want and put it in XP because of competition from Mozilla but I'm sure we're not going to see these fixes backported to previous versions of windows, it would take away to incentive to upgrade.
I stole this Sig
Hmmm, I guess MS has decided to take a little (read: tiny) more aggressive stance towards piracy, no more automagic updates for you.
When you think about it though, what good does it do MS? These days malware doesn't format your drive and pop up a box saying, "Ha ha. Yer a victem of DorkLord Seth." It uses the box to attack other Windows boxes (and generally cause grief for the rest of the computing world).
If they think denying patches to pirates is anything except self-defeating, they are mistaken. While what remains of their reputation is taking a beating, Microsoft's best policy would be to keep every Windows box as secure as possible - no matter what its legal status. If they want the BSA to go take some names later, well that's their business.
It's a fairly well-known strategy to hype a product well before it's introduction in order to prevent a competitor from gaining ground. I don't think SP2 has been delayed at all, Microsoft's project planners would have to be completely incompetant to have delayed the patch for so long without a good reason. No, they want to string people along with the promise of a miracle cure-all for as long as possible.
Having trouble with popups? SP2 is coming soon! Need more security? SP2!! Want your computer to wash the dishes and feed the dog too? Good news, SP2!!
Yeah, i have not had any trouble with it at home or work.
home: xp pro license obtained thru a ms marketing package that cost my 39.99. i had it installed on a via based athlon mobo, i just having decommissioned that box, installed it on a sis based p4 mobo. activated cleanly.
work: no issues with machines that have been reimaged. we run the oem xp pro license, cuz software assurance for the client pcs was going to kick our brains in.
all in all, it is not as bad as i had feared.
ostiguy
Last I checked /. was not about software piracy, please take your warezing rear elsewhere or by a legit copy with a legit key.
Not correct. Slashdot is mostly general tech discussion, and folks interested in pirating software can provide discussion just as interesting as folks interested in designing copy prevention stuff.
Personally, I find it a little offensive whenever someone tells either of them to shove off ("Don't talk about piracy here" or "DRM sucks, shove off"). I'd rather not try to suppress discussion.
May we never see th
You know, their machine isn't going to spontaneously combust if they use IE to go to Windows Update...
You do realise that, don't you?
If they've connected a Windows Machine to the internet, then they've already exposed themselves to 99.9% of anything they're likely to get, regardless of what browser they use. Firefox just means they wont get ActiveX stuff and probably wont get popups.
But I hardly think pointing IE at Windows Update is suddenly going to install porn autodialers and flood them with popups.
Advanced users are users too!
At any point I have to use a phone to make a product I paid for work, it's completely broken.
This sig is the express property of someone.