Microsoft has officially released the patch that fixes the WMF flaw. The patch can be download individually here, but it is advised to simply use Windows Update. Yesterday, Microsoft said it would not release it until next Tuesday, but two (1 | 2) third party fixes were already available. And to make matters worse, Microsoft accidentally leaked their own patch to the Net yesterday.
To read all comments associated with this story, please click here.
Member since:2005-12-15
But, the icing on the cake is this one.....
"Extended security update support for Microsoft Windows NT Workstation 4.0 Service Pack 6a and Windows 2000 Service Pack 2 ended on June 30, 2004. Extended security update support for Microsoft Windows NT Server 4.0 Service Pack 6a ended on December 31, 2004. Extended security update support for Microsoft Windows 2000 Service Pack 3 ended on June 30, 2005. I’m still using one of these operating systems, what should I do?
Windows NT Workstation 4.0 Service Pack 6a, Windows NT Server 4.0 Service Pack 6a, Windows 2000 Service Pack 2, and Windows 2000 Service Pack 3 have reached the end of their support life cycles. It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to vulnerabilities."
In laymans terms... You guys are screwed unless you update.
Well, yeah. Is it practical and reasonable to support an OS for more than 10 years? Not really.
For comparison purposes:
Redhat - 7 years - http://www.redhat.com/en_us/USA/rhel/
Novell - 5 years (+2 extended if you pay) - http://support.novell.com/lifecycle/index.jsp
Sun - 7-8 years (hard to tell) - http://www.sun.com/software/solaris/releases.xml
NT 4.0 has had a good run, time to move on. Not running SP4 on 2000? Update, it's free. Using Win98? Patching is pointless, it's not a secure OS anyways, move on for your own good.
Member since:2005-07-06
Member since:2005-07-06
Windows 2000 is 10 years old ?
how many business have you worked in ? The majority of the ones I seen have data centres running Windows 2000 SP2 or SP3. The logistics of upgrading 4000 computers at once is a nightmare.
However, that was not the point I was making.
The point was this...
Microsoft should fix exploits in ALL versions of software it produces. Not just ones it wants you to use.
Member since:
2005-07-06
from the FAQ....
[/i]"How does the extended support for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition affect the release of security updates for these operating systems?
For these versions of Windows, Microsoft will only release security updates for critical security issues. Non-critical security issues are not offered during this support period. For more information about the Microsoft Support Lifecycle policies for these operating systems, visit the following Web site"[/i]
ALSO...
[/i]"Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition critically affected by one or more of the vulnerabilities that are addressed in this security bulletin?
No. Although Windows 98, Windows 98 Second Edition, and Windows Millennium Edition do contain the affected component, the vulnerability is not critical because an exploitable attack vector has not been identified that would yield a Critical severity rating for these versions."[/i]
yeah right, it affects ALL versions of Windows.
But, the icing on the cake is this one.....
"Extended security update support for Microsoft Windows NT Workstation 4.0 Service Pack 6a and Windows 2000 Service Pack 2 ended on June 30, 2004. Extended security update support for Microsoft Windows NT Server 4.0 Service Pack 6a ended on December 31, 2004. Extended security update support for Microsoft Windows 2000 Service Pack 3 ended on June 30, 2005. I’m still using one of these operating systems, what should I do?
Windows NT Workstation 4.0 Service Pack 6a, Windows NT Server 4.0 Service Pack 6a, Windows 2000 Service Pack 2, and Windows 2000 Service Pack 3 have reached the end of their support life cycles. It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to vulnerabilities."
In laymans terms... You guys are screwed unless you update.
Edited 2006-01-05 21:58