Complete List of Bugs Fixed in SP2

callipygian-showsyst writes "Microsoft has published the complete list of bugs fixed in Service Pack 2. They range from the obscure like: 'File Appears to Be Deleted Although You Do Not Have Permissions on the OS/2 Warp4-Based Server' to the serious-sounding: ' Stop error message on a blue screen when you transfer data to a USB device in Windows XP'"

Very long list

[ack154]

This is a giant list of all of the updates, and then links to the KB numbers on the left, so you can read what each one was.

Side note: one of my favorites:

MS03-021: A flaw in Windows Media Player may permit the Media Library to be accessed

At first, I was thinking that it was supposed to do that ... but after reading the KB, it's an ActiveX problem that can allow a webpage to access your media library. Then again, MS has always really vague and stupid titles.

Re:Very long list

[NETHED]

827778 You receive a "There was an error updating the Registry" error message when you start Sound Recorder.

Thats a personal favorite of mine. What the hell does sound recorder need to update the registry for?

Re:Very long list

To update the list of last accessed files? To save different recording preferences like bitrate, input device, etc?

Re:Very long list

[halowolf]

What the hell does sound recorder need to update the registry for?

Windows XP keeps a list of programs recently run in the registry I believe... hey you asked! :)

Re:Very long list

I love the one just above that one.
"Windows XP Does Not Recognize a DVD-RW Disc"
I had to move all the files off of my DVD-RW disks, download a new version of InCD, reformat the disk then load all the files back onto them, resulting in hours and hours of wasted time.
SP2 recognized the disk but would not allow me to transfer any new files to the unallocated portion of the disks. Everything worked just fine before SP2.

Re:Very long list

[westlake]

"A flaw in Internet Explorer may allow an attacker to control your computer."

This is all most people need or want to know about an update.
Care to try your hand at a plain English explanation of a "buffer overflow?"

Re:Very long list

[networkBoy]

Is SP2 in the buglist?

no, but it should be:
"326863:Operating system throttling does not work"
Designed specifically to slow down your OS.
In the KB article they say it deals with overheating CPUs, but what I don't understand is why the OS specifically cares!?! If you have a properly designed heat solution then this should not be an issue. Why is it in the core OS to run slower!

-nB

Re:Very long list

[secolactico]

Why is it in the core OS to run slower!

This is called the 486sx method. Later on, they'll sell you an upgrade with the throttling disabled (Windows XP TURBO!!!).

(yes, mods, it is a joke).

Re:Very long list

[iantri]

Laptops.. they throttle the processor to increase battery life..

Re:Very long list

[spacefrog]

Because if the temperatures reach those thresholds, then your 'properly designed heat solution' obviously isn't.

If you have a 'properly designed heat solution' then you should never get throttled or should only be throttled very very little.

This is a case of the OS responding to a condition *prior* to the computer locking up. The Linux kernel has a similar feature.

Re:Very long list

[warrax_666]

Having it in the registry means you know where it is,

That's like saying you know where every configuration file is because it's stored somewhere under '/'.

(Although you do have a point about every program using a different syntax. Using the same syntax does really help all that much because you still have to understand the semantics of what you're changing to screw something up).

Re:Very long list

[LnxAddct]

You have no idea what you are talking about. Most apps use some kind of lib or something to access their configs, that keeps the config to a standard, at least internally to the app. If you have another application that needs to access that config, its usually fairly easy to do so. What your saying is, its good to make it easy for any application to access any other application's configuration. How often do you just randomly pick a registry entry and decide to use it for something? When you write your program you know what you'll need and you predefine the config files or in your case the registry. As long as you know what your accessing and how to access it, nothing else matters. The worse thing about the registry is how easily it becomes corrupted. Also, as far as I know there is no tool bundled with Windows to allow you to edit the registry from the command line. So what do you do when your registry is hosed and you can't boot to a gui? I may be wrong, but I don't beleive there is a way to edit it easily from DOS, and booting into Linux is useless because the registry isn't editable with a text editor or something simple like it should be. The registry is a great idea in theory, but horrible in practice.
Regards,
Steve

Re:Very long list

[nuggetman]

This is why $diety invented the home directory. It's there, I don't understand why app developers refuse to use it. Especially on nix based systems like Linux and OS X, where you just put a .appname folder and put the config files in there and the user doesn't see it unless they want to.

Life would be much easier (especially in the way windows installs programs. On the mac you can juts copy your apps folder over to a new install and they'll all work, try doing that with Program Files)

Microsoft and Windows Topics Icons

[USAPatriot]

Of the list of slashdot topics, only Microsoft and the Windows icons are of a derogatory and belittling nature.

Why is it so hard that the editors can't use the appropriate icons for them?

It's time this site starts to grow up.

Re:Microsoft and Windows Topics Icons

What are you talking about? The one for Apple has a huge bite taken out it!

Re:Microsoft and Windows Topics Icons

[dave420]

Indeed. How are people supposed to take Linux seriously when a very large (and very vocal) linux-friendly community uses such childish imagery to describe their competitors. If you go on microsoft.com, they don't call linux "linsux" and have pictures of tux fucking a hooker.

Re:Microsoft and Windows Topics Icons

pictures of tux fucking a hooker.

I totally need this for my desktop wallpaper.

Re:Microsoft and Windows Topics Icons

[smooth+wombat]

If you go on microsoft.com, they don't call linux "linsux" and have pictures of tux fucking a hooker.

Because everyone knows that geeks wouldn't know what to do with a hooker if they had one anyway.

Re:Microsoft and Windows Topics Icons

[aelbric]

Copyright issues?

Re:Microsoft and Windows Topics Icons

[mahdi13]

No, Slashdot can't use Microsoft's logos...MS would sue Slashdot if they did for copyright/trademark infringement!

It's not a geek thing, it's a lawyer thing

Re:Microsoft and Windows Topics Icons

[Megaweapon]

It's time this site starts to grow up.

..says the guy with the all caps, boldface sig.

Re:Microsoft and Windows Topics Icons

[dave420]

And that means you get away with being immature how, exactly? Or, is this just another really, really good example of the double-standards this site has with Microsoft?

Whatever MS does, good or bad, is branded bad and accepted. Whatever linux does, good or bad, is branded good and anyone who says otherwise is a troll.

Re:Microsoft and Windows Topics Icons

[maxwell+demon]

Found on planetspace.de:

"Microsoft is not the Borg collective. The Borg collective has got proper networking."

Re:Microsoft and Windows Topics Icons

[nova20]

Of the list of slashdot topics, only Microsoft and the Windows icons are of a derogatory and belittling nature.

I think that the education icon is somewhat belittling... 2+2=5 ?

-nova20

Re:Microsoft and Windows Topics Icons

[gbjbaanb]

How is the Windows icon derogaroty or belittling?

If you look very closely, its either a very nice stained glass window, or each pane is cracked.

I leave the decision of which it is to the reader, who shoudl bear in mind that this is /.

Re:Microsoft and Windows Topics Icons

[mobby_6kl]

>>pictures of tux fucking a hooker.
>I totally need this for my desktop wallpaper.

Well you may want to check this out. Not exactly tux fucking a hooker, but still
1) Tux is involved
2) Fucking is involved ;)

Re:Microsoft and Windows Topics Icons

[10Ghz]

And if you go to Redhat.com, they don't call Microsoft "Micro$oft" or something like that. But I bet you can find some pro-Windows fansites/blogs and the like in the net where they use childish phrases to describe Linux and Linux-users.

And besides, Microsoft has called Linux "a toy", "anti-american" and GPL "a virus". Why is that "professional" whereas Slashdots images are not?

Re:Microsoft and Windows Topics Icons

[BenjyD]

This is Slashdot, generally a F/OSS advocacy site. Microsoft is about as opposite in beliefs from the general audience of /. as it is possible to get - they've referred to OSS as a "cancer" and actively try to limit its growth.
Why shouldn't the icons represent the distrust and dislike of MS this has created amongst the /, readership? It's a tongue-in-cheek thing anyway.

Re:Microsoft and Windows Topics Icons

[10Ghz]

And that means you get away with being immature how, exactly?

Microsoft calls Linux "a toy". Why isn't that immature?

Re:Microsoft and Windows Topics Icons

[Mysticalfruit]

Basically, your correct.

Last time I checked we're on the "IN-TER-NET". You know that place that is practially a blackhole of all things immature.

If you were to map the internet like a galaxy, Slashdot would be tucked over in the corner next to the obscene jokes and well stuff involving well hung midgets and horny lonely housewives.

Microsoft could release a patch that just by installing would cure world hunger and shrink maligant tumors and the headline on Slashdot would be "Microsoft distrupts food distribution and healthcare systems worldwide!"

So, in short, if your looking for unbiased punctunal and definitative coverage of the every evolving internet, this is not the place.

If however, your looking for the diatribes of cynical, world weary geeks, who know the whole world is basically built on match sticks and is gleefully waiting for the day the whole place comes tumbling down, you've found it.

Re:Microsoft and Windows Topics Icons

[Paul+Crowley]

Because we fucking hate the bastards! Slashdot is not a corporate news portal - it's still fundamentally a fan-run advocacy site. It's ludicrous to imagine that Slashdot should pretend to be neutral, or mature, about these things

Re:Microsoft and Windows Topics Icons

[FireFury03]

If you go on microsoft.com, they don't call linux "linsux" and have pictures of tux fucking a hooker.

microsoft.com is a corporate website, slashdot is an unofficial messageboard for geeks...

Besides, if slashdot used the real MS logo they're probably get sued into the ground for infringing the trademark every time someone made a bad comment about MS.

Re:Microsoft and Windows Topics Icons

[Mateito]

Will this do?

Worksafe... unless your boss is a penguin.

Re:First Dupe!

[ack154]

It's not a dupe. The one you listed is SP2's incompatibilities. This is a list of things it fixes.

What I want to see...

[rarose]

is the list of bugs they've *introduced*.

Re:What I want to see...

[The-Bus]

The bugs are right here. Of course, MS is still not calling them bugs.

Re:What I want to see...

[slashrogue]

Score:5, Insightful? If this were a Linux distro getting an update, this would be marked as a Troll or Flamebait. At the very least, Funny would be more appropriate.

Re:What I want to see...

[rarose]

Have you heard of the term "slime"? Slime in the parlance is a "feature" introduced under the version control cover of a "defect".

Let's say I need to fix a simple little bug, a misspelling in a message, which happens to be in source code file "abcd.c". I've got sitting on my hard drive this awesome new feature (at least *I* as the developer think it's cool), but nobody wants to accept it into the product. Hey! It's in file "abcd.c" too! I check in the misspelling fix, along with 2000 lines of new code for my new feature. In version control though it shows up as nothing but "fix a misspelling". That's slime.

With open source you can't do slime... well you could try but it'd never stay undercover. Thus I'd argue this *is* an insightful comment for a non-open source release, but possibly Flamebait for a Linux release.

Clarification

[Bikini+Kill]

This list is all the bugs that have been fixed in Windows XP through SP2, not bug fixes exclusive to SP2.

Oh no!

[asd-Strom]

How can they fix these: "Random "0x0000008E" Error Message on a Blue Screen in Windows XP" and "Your Computer Restarts Unexpectedly When You Press CTRL+ALT+DELETE to Unlock Your Computer" These are the best features in windows!

Makes you wonder

[suso]

if we're close to the time when the majority of slashdot readers don't know what OS/2 Warp4 is?

Re:Makes you wonder

[TheDredd]

if we're close to the time when the majority of slashdot readers don't know what OS/2 Warp4 is?

Hey! not everybody on /. watches Star Trek

Enough Paper ?

I mean, this guy printed the list : http://www.microbizz.nl/buglist.jpg

13 bugs found that could lead to code execution.

[garcia]

Well, out of the many bugs listed as being fixed thirteen were repaired that could cause code execution...

Were these bugs found internally by their team or were these found by outsiders and then patched months later because knowledge was never released?

Not Prompted to Obtain a Digital Rights Management License for Installations Created by Using Sysprep

This was one bug they could have left unfound ;)

But...

[FunWithHeadlines]

It's time this site starts to grow up.

But, but, but...then it wouldn't be slashdot any more!

Individual vs Cumulative fixes

[Gentoo+Fan]

There are a lot of instances of the word "cumulative" in this list ("Cumulative patch for Internet Explorer..."). I wonder how many true bugs are fixed with this, not just support article entries.

805 bugs

[MDaniszewski]

Out of an amazing 805(?) bugs listed, this has to be my favorite.

Some programs do not work as expected when large files are opened

Re:805 bugs

More obscurity. They should just come out and say "MS Word does not work as expected when large files are opened." In fact skip the 'large' part.

What about usability?

[ciryon]

Are there any fixes in terms of usability or user interface?

Like the damn message that comes up VERY TIME I wake a windoze laptop from sleep: "Hi! You're connected to your wireless network again. The same network as always, but I just wanted to remind you. The signal strenght is excellent. Click me, and I'll disappear. But be sure that I'll return the next time you start or wake your computer!"

I wonder how many suicides are directly related to windows error and/or informational messages.

Ciryon

Re:What about usability?

[Cat_Byte]

HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced, make entry EnableBalloonTips, set REG_DWORD to 0

Check out no. 825062

[BubbaThePirate]

Bug fix no. 825062.

..."Service Pack 4 Permits You to Remove the Service Pack by Using the Recovery Console".

..."The information in this article applies to:
* Microsoft Windows 2000 Advanced Server SP4
* Microsoft Windows 2000 Professional SP4
* Microsoft Windows 2000 Server SP4".

Are they intentionally driving up the number of bugs fixed?

Last time, the list was not complete.

[Futurepower(R)]

SP1 fixed very serious bugs in Win XP that were not on the SP1 bug list. Also, serious bugs that had been reported a long time before were NOT fixed.

My Favourite

[billimad]

326971 - Operating system does not work

Angry Users Demand Return of "Backdoor" Feature

[tenzig_112]

It looks like SP2 also got rid of some useful PC remoting features [in default mode, anyway].

Here's an excerpt from a recent article on the debacle.

REDMOND, WA- Ever since the release of the long-delayed Service Pack 2 for Microsoft's Windows XP, users have noticed a few things missing from the popular OS. Rather than adding new features to Windows, angry customers say this new "upgrade" takes them away. Specifically, the new default configuration in SP2 inhibits the backdoor software that allowed users to access their personal data data, passwords, and credit card data from a remote computer.

"Just a few years ago, people paid through the nose for the convenience of remotely controlling their PC from home or office," explained long-time Windows user Guy Labelle. "I was thrilled to hear that XP shipped with this functionality built in, and it was a big reason I paid for the upgrade."

XP's original default installation included a popup engine, email generator, and a suite of "spyware" applications that allowed Microsoft technicians to run Scandisk and other maintenance utilities in the background, all of it now gone thanks to SP2.

"XP's WinBackdoor was so user-friendly, in fact, that I didn't have to do anything at all," said Labelle. "I'd just sit back and let other people control my PC for me."

Re:How many months did it take?

[Scoria]

Okay, tell meonce again how many months it took to root out those errors? Some where known for a long time. And I expected a longer list... waaaaay longer!

Modifying a large operating system while attempting not to "break" any end-user configurations is nothing short of a prodigious task.

The modifications were probably developed and committed to the Windows source tree in a relatively short period of time. However, Windows must accommodate a diverse array of configurations, including many that are very "fragile" and obscure. Because of this, the modified build likely endured an extensive testing process, hence the multiple delays.

Resolution

[boatboy]

Issue:
Error message on a blue screen when you transfer data to a USB device in Windows XP.
Resolution:
Error message now placed on gradient green screen when you transfer data to a USB device in Windows XP.

Re:Eh... WTF?

[Junta]

Probably a problem discovered during 2003 testing, that, ultimately, was determined to be in XP. Happens a lot in testing that an incidental find sticks with the original summary even after finding it applies to other things.

There was a story on slashdot about this already

[Raistlin99]

And you have to be in administrator mode. Oh no, you mean if I log in as administrator the programs can do bad things.

If I logged on to linux as root and ran a program it could cause the same sort of problems

Re:How about this bug in the firewall

[argent]

This isn't a bug in the firewall.

Local applications running with administrator privilege are inside the security perimeter of the firewall and have the same rights as the firewall management GUI. Microsoft would need to be enforcing mandatory access control to actually prevent third-party applications with appropriate right from managing the firewall, so all they could do would be to leave the management API undocumented and create a false sense of security.

Don't complain, you should be applauding them for avoiding another "security through obscurity" dead-end.

My favorite

[Shakaar]

326863 Operating system throttling does not work

Re:Jeeze, it's BIG

[Mant]

I beleive a lot of files have been re-compiled to prevent buffer overflows and take advanateg of the NX flag on processors that support them. Many of these programs don't have a 'bug' as such, but are being made more secure.

It is a bit scary watching the install and seeing all these things being replaced.

Also the ~250MB is the admin version, that has every update. The version for home users will only have the necessary ones they need, and should be quite a bit smaller if the machine is reasonably up to date.

Probably still the biggest SP for windows ever though.

Re:How about this bug in the firewall

[mslinux]

I'm not complaining. The fact of the matter is that 90% of WinXP users run as administrators. By allowing *any* software to tamper with the firewall, MS has made a mistake. All a virus will have to do is trick a user into clicking a link on a web page or something and the fw will go down. This isn't possible with zone alram or sygate firewalls... nor should it be.

Re:How about this bug in the firewall

[maxwell+demon]

This is just to avoid antitrust lawsuits. If any competitor claims MS destroys their market by including a firewall in the OS, MS can reply: "Well, you see, our FW isn't really secure, so you still have a market."

Wrong time, OS/2 users left know to blame MS

[SmallFurryCreature]

You can only pull this kinda crap (that MS has been proven and even admitted to of having done) when your sure it is the other guy that is blamed. Kinda like when IE fails to load a page it is the websites fault but when Mozilla fails to load a page it is Mozilla's fault.

OS/2 has been killed but it is still being used. Those customers are smart enough to know that any problems are not OS/2 fault but MS. Since MS wants them at one time or another to switch it is probably not to wise to alienate them by showing them how buggy MS software is. Once they switched and are totally locked in THEN you spring the bugs on them. It helps sell the next version. Just explain to me exactly why I should have upgraded from Win95? What exactly has been added that is so helpfull? Stability? Stabilty is a bug, it should have been fixed in a patch.

Read what I wrote...

[rarose]

They *can* hack in an easter egg while *USING SOURCE CODE CONTROL*. And in the management reports it will show up as "fixed a misspelling".

I've done it, I know bunches of other people that have done it, and I've been directed by my manager at one company to do it.

The cutoff date for features is *way* earlier than the cutoff date for defect fixes, and on occasion we'd (i.e. my first level department) discover a feature that we needed to have in the product, but which higher level management would never agree to due to the schedule. Our first line boss would give us the OK to slime it in. It's the old "It's easier to beg forgiveness than to ask permission".

Would somebody lose their job? I guess it all depends on whether your first line manager goes to bat for you or not... but that being said I've *never* heard of a programmer losing their job due to slime.

Re:Read what I wrote...

Before you checkin code, it must be code reviewed -- this is manditory. Someone checking in a fix described as "fixed a spelling error", while adding 2000 lines of code, will be told to remove it (or get a bug opened for the new stuff that they added, and deal with it in a different change).

Depending on the group you work in and the phase of the dev cycle you're in, you also have to get triage approval -- this means you have to justify your change to a group of people trying to keep code churn to a minimum.

When code is checked in, the change is mailed to one or more mailing lists. Among the things in the mail are the changelist description and the file in the changelist. Again, red flags will be rased when someone looks at the diff (and believe me, some anal retentive fucker like me will catch it).

If, somehow an employee managed to get through all of those layers and snuck in those 2000 lines of easter egg code under the radar, and the "easter egg" is discovered (and it will be), they lose their job. It's one of the few things you can do at Microsoft which /will/ result in immediate termination.

This is news?

[isorox]

Why is this news, I thought everyone here used Linux. Or is it just me and you're all laughing behind my back?

Re:This is news?

[Stevyn]

I agree. After I switched to linux I noticed how many people make it seem they're running linux (because of their pro linux comments and being modded up for praising linux), but run windows. Look how many people comment on big microsoft stories. Sometimes it's over a thousand.

I want to see slashdot's webserver statistics showing what people are really running. I wouldn't be surprised if it's only 10-15% of people running linux.

I think in addition to our karma, we should have a linux-o-meter linked to our ID name. That would expose that asshole who shouts out "winblowz," "Micro$oft" and all that other childish crap who's really running windows xp in his mother's basement. There's nothing wrong with people using windows. Hell, I use it at work. It's just when the slashdot "politics" skew the reality of the situation that it starts to get aggrivating.

And by the way, yes I did switch to linux to seem cooler on slashdot because that is all that matters in life.

Here is another list...

[way2slo]

This the list of programs that the built-in firewall will break until you add them to the exception list. Be ready to do the procedure listed in the Knowledge Base article on every machine you apply the service pack to.

Re:How about this bug in the firewall

[argent]

It's a bit of a design flaw in the Windows security model.

I agree 100%. The Windows security model is broken. As I just commented in another discussion: "I hope Microsoft decides to join the 21st century and changes the default configuration so ordinary users do not run with excessive privileges, and instead requires an explicit action (as in the UNIX 'su' command, or Apple's authentication dialog) to grant installers and configuration tools temporary rights when they need it."

I honestly can not comprehend the selective blindness that Microsoft seems to suffer from when it comes to understanding freshman-level computer security.

However.

Going back to my original point: this is not a security flaw in Windows Firewall, and other firewalls like Zone Alarm are not inherently any safer... they are simply depending on security by obscurity. Unless they lose market share to the point where they don't matter to malware authors there will undoubtedly be software that disables them.

Look at antivirus software. They don't have a "Disable" API, but there are still viruses that disable them... and the code to do it as available to anyone with a copy of the world's premier virus distribution tool (Outlook).

Re:My experience with SP2

[delus10n0]

Sorry, but you're talking out your arse.

I installed SP2 and then it made me re-activate both Windows and Office 2003.

We've deployed it on approximately 100 machines here in the office, and haven't had any activation issues of any kind, with Visual Studio, Office, or Windows XP itself. I also fail to see how a service pack would force a re-activation.

spoke to numerous tech support and activation department employees before they gave me a new product key which could be re-activated. I felt like I was getting interrogated as to why I was re-activating the software

You've apparently never actually had to re-activate windows or office. The very first thing you can do is use the internet to re-activate. 90% of the time this works right off the bat. The second thing you can do is call their 1-800 number, and be connected to an automated phone system. You say/speak the code into your phone, and the system reads back an auth code. Bam, done. If for some reason the phone system cannot understand you, it transfers you to a Real Live Person (tm) who asks for your code, and gives you back an auth code. No interrogation. No questions at all, even.

You're a bit confused.

[Ayanami+Rei]

The processor can't detect "empty clock ticks"... there's no such thing.
If the operating system determines that no user threads have anything to do, and the kernel has run out of stuff to do to... so it's just waiting for hardware interrupts (keyboard, mouse, network, video, disk, interval timer), rather than sitting around in a loop it executes the HALT instruction which brings the CPU into a low-power state until an interrupt or trap wakes it up.

Otherwise it would have to spin in a loop for a few milliseconds, and that eats juice it shouldn't otherwise need to.

Intel Speed Step CPUs let the operating system use special MTRRs that allow it to dynamically adjust the clock speed in reaction to an increase or decrease of thumb-twiddling time as well. Because a CPU at 1.2GHz halting 50% is still consuming more power than the same CPU at 800MHz in HALT only 20% of the time.

I believe this is the thing that doesn't work in XP without Service Pack II or hotfixes. I've heard about this gripe before.

It wouldn't be so bad...

[Ayanami+Rei]

if there were three changes....

1) That the reg tool existed as early in NT as when the registry was first introduced.

2) That the reg tool would allow you to dump and restore hives and keys to flat/text files

3) That the registry would be broken up into many hives that applications could load and unload dynamically and keep independantly.

In this fashion, for example, all the settings for a particular app for a particular user might end up as %USERDIR%/Application Data/foobar/foobar.dat and would be dynamically added under HKCU or whereever until it the relevant app was closed (and the hive removed).

You could always go back and manually mount that hive and make changes...

In this fashion, complete rebuilds would become unnecessary because you could spread out your critical config, and backup/restore parts independantly, prevent corruption or slow access from large hives, etc.