Slashdot Mirror


Latest SP2 News

Xformer writes "It seems that SP2 for Windows XP isn't as secure as Microsoft touts it to be. Heise Security has uncovered two flaws in SP2's bolstered security measures, both of which may be used to get around the new trusted/untrusted executable origin checks. Of course, who would be surprised by this?" Reader EtherNetFreak writes "Well it appears that at least one hotfix is already available to fix yet another bug in Windows XP, post SP2 application." Reader Finalnight writes "'Microsoft Corp. yesterday delayed yet again its oft-delayed Windows XP Service Pack 2, this time postponing the patch's distribution through the company's Automatic Update service.'"

7 of 483 comments (clear)

  1. Managing large projects by nboscia · · Score: 5, Interesting

    This makes me wonder how Microsoft, as well as many other large software corporations, manage security patches and quality assurance of their software. Is the problem with there being so many people working on different projects that they do not communicate and therefore things get overlooked, or is it due to the complexity of the software, or something else entirely? I couldn't imagine how someone could manage 'security' for Windows (or any similarly large project) and be 100% sure of what all the technical staff do. Does it come down to having more meticulous software engineers and rigorous testers? How would people recommend this be done? I'm sure the typical "make it open source!" answer will be given, but if that is not an option, how do companies who are more successful at this do it?

  2. Execute.me by lastberserker · · Score: 5, Interesting

    How's sending .gif and asking to run cmd on Windows XP system is any different from sending .gif and asking to execute perl on Linux or BSD?

    --
    My other Beowulf cluster is... er...
  3. Only 2 for a new OS release? by OffTheLip · · Score: 5, Interesting

    From my perspective based on the size of SP2 I'd say it's a new OS. Two patches/flaws in a MS OS is darn good. Kudos to Redmond.

  4. SP2 Borks iPODS it seems... by spineboy · · Score: 5, Interesting
    There are many, many reports on iPODLounge (the main iPOD support forum) of people who install SP2, lose their iPOD functionality, and then need to roll back their XP system to pre-SP2 in order to get their iPODS to function again.

    I just got a new 4th gen iPOD, which I can write to on Linux, but can't get to work on my XP-SP2 Windows dual boot machine.

    Guess what I'll be uninstalling next...

    --
    ..........FULL STOP.
  5. Re:Outsourcing a problem? by ggvaidya · · Score: 5, Interesting

    No wonder Windows '95 was so nice and stable, huh? Happened long before the bad new days of outsourcing ...

  6. Enough already... by Ghostgate · · Score: 5, Interesting

    I mean, let's be serious. I'm not defending Microsoft because let's face it, they have allowed some pretty serious security flaws to get into Windows in the past. But the article does mention "social engineering" and I ask you, isn't this at the root of many, many security issues? I'm not saying Microsoft is never to blame - not at all. But what I wonder is how much damage has to be done before the typical user just sits down and LEARNS a little about security. I am honestly appalled at the number of computers I see that are on the internet without ANY form of anti-virus protection - much less a firewall. Computers are certainly much more complex to operate than say, a car - and we make people go through a whole course and take a test before they're even legally allowed to drive one. Why? Because they can end up killing someone, or themselves, if they don't do it right. With a computer, it's not that severe, but you can still do some major damage (or have it done to you).

    Put it this way. If the average user took the time to learn just a little more about this device that is a BIG part of their lives, and how to keep it and their private information secure, would security really be as massive of an issue as it is today? I will say this, though - I'm glad Microsoft has turned the firewall on by default in SP2. I know it's going to cause a lot of headaches, but think about it - a lot of people are hearing about a firewall for the first time thanks to SP2. Hearing about it, and being FORCED to deal with it, is a big step for the average user towards learning more about security.

  7. Re:'Flaws' Not that big of a deal by LiquidCoooled · · Score: 5, Interesting

    I don't know about you, but just being Open Source fan unfortunately does not mean I can stay away from Windows.

    In the real world, we have jobs and PHBs and spouses who don't want to disrupt things or break working apps (Sims for the missus, god help me if I break that one!).

    I think the SP2 stories are required reading at the moment, and at the same time, I am glad the comments are littered with cynical remarks and questions. We need to question the motives of these companies, and we need to test SP2 to breaking point.

    We want Linux to "take over the desktop", but at this point, as a compromise I am happy running Firefox and OO.org.

    I won't try and say I dual boot, I find the thought of having to reboot an entire computer just to run one program absolutely stupendous, but when I get my linux bug I always have a knoppix disk lying around :)

    --
    liqbase :: faster than paper