Slashdot Mirror
Latest SP2 News
Xformer writes "It seems that SP2 for Windows XP isn't as secure as Microsoft touts it to be. Heise Security has uncovered two flaws in SP2's bolstered security measures, both of which may be used to get around the new trusted/untrusted executable origin checks. Of course, who would be surprised by this?" Reader EtherNetFreak writes "Well it appears that at least one hotfix is already available to fix yet another bug in Windows XP, post SP2 application." Reader Finalnight writes "'Microsoft Corp. yesterday delayed yet again its oft-delayed Windows XP Service Pack 2, this time postponing the patch's distribution through the company's Automatic Update service.'"
SP2 for Windows XP isn't as secure as Microsoft touts it to be you just blew my mind :)
All the torrents you could want.
I'm curious how long it takes them to release Service Patch 2 for SP2...
Great, someone used Sweeping Microsoft Generalisations #423 and #587, and gets modded up as Funny.
Come on, guys, if you're going to bash the Beast of Redmond, at least put some effort into it!
-MT.
-MT.
In other words: It's not a programming bug, it's a design flaw.
I think it's funny, because it happens very often...
... (Fill in some very good reason, like getting fired ;))
Developers vs Rest-of-company:
Pre-release-phase:
Rest-of-company : Come on, we _need_ SP2 now!
Developers : But it isn't finished yet...
Rest-of-company : If we don't get it NOW, we will
Developers : Oke, but there are too many problems with SP2...
Rest-of-company : We'll release some hotfixes, just give it to us _NOW_!
Developers : *shrugs* Oh well... Just don't forget we warned you guys...
Post-release-phase:
Rest-of-company : WHOA, There is a problem with xxx. How is that possible?
Developers : Well, SP2 just isn't quite finished yet...
Rest-of-company : Not finished? What the f**k?!
Developers : We told you so, before the release, but...
Rest-of-company : I don't want to hear that, just go and work on the hotfix...
Developers : *shrugs* Oh well...
Is it there or isn't it? What is it? It's the Heisenberg Patch!
And remember kids: Never trust a computer you can actually lift.
*Yet* another flaw in XP SP2 has been found:
Even with the service pack applied, Windows does nothing to guard against the user revealing their password to a complete stranger in a train station in exchange for some crappy pen.
MICROCRAP WINBLOWS!!!!!!!
Sending an email and instructing a user to do something more than "click here"? What's next, "Hello. To see nude pictures of Natalie Portman, please: go to insecure.org and download nmap, go to arin.net and find ip ranges for several major calbe internet providers, search for vulnerable Windows XP systems that you can use exploits on (use Google to find Windows compiled versions of the exploiting tools), and use the exploits to inform the remote user of this method. If you infect 10 people and get them to pass it to 5 of their friends, Bill Gates will send you a check for $50 for every person that references you. It's true! I did it and you can to! K THX!"
DeMe
Unfortunately, some idiot on /. will probably claim that Linux is better at releasing non-buggy software. Just ignore that 2.6.8.1 kernel over there.
At the top of the hour, we'll bring you Microsoft's latest battle to ensure Security in their Service Pack 2 Upgrade, but first, this message from your sponsor...
...Okay, Microsoft the #1 manufacturer of software in the US has announced that it will not be shipping its Service Pack 2 upgrade on time. We have an operative at Microsoft headquarters who can bring you the scoop. Stan?
...security are coming along just fine. Hang in there, and we'll show you that Microsoft is the only company in the world that can offer you security from all manners of Internet threats, from pirates to hackers, and of course, file-sharers."
...oops, sorry, wrong footage...
*cue the Microsoft ad*
*cut to Microsoft Windows ad*
Mr. Ballmer, how does this delay affect your company's efforts to ensure the security of your customers? What does this mean in your plans to release the Longhorn operating system?
"Well, Stan, we here at Microsoft have been long at work making things safe and secure for every single person, and we don't plan to change that now. As for Longhorn, that will be put on delay until we can secure what we have now. Beyond that, I can't comment."
Do you give any credence to the rumors that more and more of your customer base might be slipping to Windows?
"Yes, but they'll be back, when they discover that the costs of going to Linux is higher than staying with us. Our plans of world...
Thank you, Mr. Ballmer. Back to you, Charlie.
*cut to Charlie*
Thank you, Stan. When we come back, a look at your money, and a surprising look at SCO's evidence, proving once and for all, it's ownership of UNIX and Linux...
*cut to MSN Ad*
Darl McBride, CEO of the SCO Group, uncovers an amazing discovery that could turn the tables in their court case against IBM, who they allege had taken UNIX code, the recipe for a computer to work, as they provided this evidence this afternoon in court...
*cut to scene where Darl is in a straitjacket, screaming that Linux is his and if he can't have it, no one will*
*cut to scene where SCO lawyers present the Chewbacca Defense*
No question, IBM's claims make no sense. So, here we have conclusive evidence that Linux rightly belongs to the SCO Group.
In an unrelated incident, Darl McBride, surprised at the effectiveness of the maneuver, lost his sanity, and shouted about his ownership of Linux.
*whisper: Do you think they'll buy that? What?* *looks at camera* Oh, when we return, we'll cover your money, and it's safety in MS-backed stocks.
The Penguin Producer
After installing SP2 i received an email from a person i don't really know, but he somehow had found a Word document with a lot of personal information about me online and was worried i might have misplaced it. He was so nice to send it to me, so i tried to open the document to see what was in it but Word wouldn't start properly and nothing seemed to happen. So it seems SP2 breaks Word. And on top of that my computer is really slow lately and sometimes messages appear on my screen like, 1 0wn j00! WhaAHAHa 5uck3R!!
kinda funny but i don't remember installing that...
seriously, if a user is dumb enough to follow instructions to do something he never asked for from somebody (he probably doesn't even know) he got an email from, you might just as well ask them to install backdoor.exe because it will make their computer faster.
if(Lucasarts)
...
post.replace("SP", "EP", 0);
Look, SP2 sucked, noone liked it, we are all waiting for SP3, although most of us have this feeling that it will be more of the same.
It gets complicated with SP4-6 due to something called the time-space continuum.
#hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
+5 REDUNDANT
actually, this is slahdot
"There is nothing more frightful than ignorance in action." Johann Wolfgang von Goethe
This trash should be modded down as the author of this post is completely misinformed and should be shot on sight.
But hey, they mentioned SCO and MS in the same post!
Pretty soon we'll have Longhorn exploits coming out.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
It's not a new OS in any way, shape, or form. Go to the Run command on an XP SP2 box, type in "winver" and you'll see this is still Windows NT 5.1, just as all versions of Windows XP have been since they first came out. This is one of those many cases where size does not matter.
Yes - agreed - to be exact; "With Service Pack 2, Microsoft introduces a new security feature which warns users before executing files that originate from an untrusted location (zone) such as the Internet. There are two flaws in the implementation of this feature:
1. It doesn't work
2. It doesn't work
Now, I know technically speaking this is just one flaw, but it was such a big one I thought it was worth mentioning twice.
(Thanks Red Dwarf!)
Actually, what REALLY happened was:
Evil Hackers: Hmmm take a look at this. MUAHAHAHAHAHAH!
All the world's hobbits, ignorant of their approaching doom (singing): *La la la la la!*
Whitehat guys: Hey, there's a security vulnerability here!
Microsoft: *whistling* what? I didn't hear you!
Whitehat guys: I TOLD YOU THERE'S A VULNERABILITY!
Microsoft: It's not a vulnerability. You're exaggerating.
White hat guys (screaming): HEY EVERYONE! THERE'S A VULNERABILITY IN WINDOWS!!!
The Media: We've heard some rumors of some vulnerability in Windows...
Microsoft: It's just rumours. Anyway, it's those linux cheapstakes, would you believe them?
Evil Hackers: MUAHAHAHAHAHAH!!!!
(couple of months later...)
All the world: My computer's been infected!
Evil Hackers: MUAHAHAHAHAHAH!!!!!!
Microsoft: OK, OK, so there WAS a vulnerability! But now's been fixed!!
All the world: Yay!! Hooray for Bill Gates! (they put him in a pedestal, and proclaim him savior of the universe)
(Two weeks later...)
Evil Hackers: Hmmm take a look at this. MUAHAHAHAHAHAH!
Whitehat guys: Hey, there's a security vulnerability here!
Microsoft: *whistling* what? I didn't hear you!
Billy Joel (singing): *We didn't start the fire...*