Home > Microsoft > Microsoft Details New Security Plan Microsoft Details New Security Plan Eugenia Loli 2003-10-09 Microsoft 12 Comments The software giant will focus on adding new security technologies to its products, educating its customers and improving its process of releasing patches, CEO Steve Ballmer says. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 12 Comments 2003-10-09 7:31 pm The article talks about Windows XP and 2003 – what about Windows 2000? That being left out in the cold? 2003-10-09 7:48 pm Haven’t we been hearing this approximately every three months for the past couple years?? These promises sound like vaporware to me after all this time. But, what do I care? My job’s repairing hosed Windows installs, viruses, etc. That doesn’t mean I actually have to RUN their (marginally better than mediocre) software anyway. 2003-10-09 9:08 pm Haven’t we been hearing this approximately every three months for the past couple years?? Exactly, sound familiar? I bet Microsoft will secure windows about the same time that Linux takes the lead in market share across the board. 2003-10-09 9:31 pm “The article talks about Windows XP and 2003 – what about Windows 2000? That being left out in the cold?” Windows 2000 before SP2 is EOL( End Of Life), and all versions will be EOL soon. Once MS decides something is EOL they stop support for it, so most likely it will be left out. 2003-10-09 9:50 pm “The company has also pledged to continue support for users of Windows NT4 service pack 6a and Windows 2000 service pack 2, both products for which the company had previously halted support.” 2003-10-09 10:51 pm The only way Windows will ever be secure, is if they drop backwards compatibility to DOS/Win16, start to force users to run as users, and not as root, and provide the OS in a secure state out of the box (which Win2K3 does for the most part). However there is another side to this: Application developers… Once they get off their a*ses and actually play nicely with the security model, things will improve as well, (Being a sysadmin, I’m stick of users having to be an local administrator just to run some software, and I’m not talking old-leagcy type stuff, but current release stuff). 2003-10-10 6:37 am Why are there people who insist on not installing service packs and quick-fixes when made available? SP4 has been made available for a long time, yet, we have people insisting that they should continue running SP2. As for the law suite, I would love to know what he/she ran and whether he/she downloaded any of the updates that have been made available. If this persons “identity” was stolen and it could be put down to a date, then for logical reasons one could compare this date with Windows Updates. If the person has failed to install an update when made available, the whole suite should be thrown out. There is a fine line between a persons identity being nicked because of a poor quality product and a persons identity being nicked because they were too bloody lazy to install an update. It would be like Ford putting a notice out that all Foobah models have a flaw and that they should be returned to their dealer ship to get this flaw corrected. If a person IGNORES this warning and is injured, who is responsible? the car manufacturer of the consumer who DELIBERATELY IGNORED the recall? 2003-10-10 7:25 am Why are there people who insist on not installing service packs and quick-fixes when made available? SP4 has been made available for a long time, yet, we have people insisting that they should continue running SP2. Because some of the service packs have a bad habit of breaking things, or not playing nicely with certain combinations of patches to other MS products, etc. 2003-10-10 9:27 am Because some of the service packs have a bad habit of breaking things, or not playing nicely with certain combinations of patches to other MS products, etc. 1) Inform third parties that their product doesn’t work with that respective service pack; if you company is big enough, threaten them by saying that you’re prepared to move to the competition, even if it means needing to spend money converting things over. 2) I’ve never seen a bad combination between MS products and Windows. I have seen bad combinations between Windows and third parties due to the third party refusing to take part in the service pack beta process. Had these organisations taken part, they would be able to test and correct and issues with their products so that once the problems are fixed, they can release a patch for *THEIR* product as Microsoft releases a patch for Windows. It isn’t up to Microsoft to constantly chance organisations who produce crappy products. It is up to the organisations to utilise the Windows beta seeds that are made available and to air any concerns they have with Microsoft if they uncover an issue. Microsofts responsibility is to ensure that their products work nicely, it is up to the third parties to test their product and supply patches. 2003-10-10 10:42 am <em>1) I’ve never seen a bad combination between MS products and Windows.</em> I’ve had XP totally crashed into a non-bootable state after installing a lot of patches and service packs at the same time. And, yes, I rebooted everytime Windows prompted me to do so. This was directly after a clean install of Windows XP. The exact same syndrome happened for a friend of mine. So, please CooCooCaChoo, I advice you to go read some windows help forums get and idea on how many people experienced these issues. That may help you get a foot back into the real world. 2003-10-10 11:10 am You must be doing something REALLY WRONG. Having installed SP1 + the hundreds of patches/updates/tweaks and other crap Microsoft has released, I have NEVER seen a system get to such state. My advice, uninstall all that tweaking/speed increases/utilities and other crap, and use the provided tools. The number of people I have seen, who have computers, load them with crap like Nortons Utilities, they can be pointed out as the WORST possible thing to install on Windows. You want your whole system to be rooted instantly, install that crap. When I ran Windows 2000 for around 6 months, I had Office 2000, Studio MX, Netbeans, Corel Graphics Suite, a couple of games. I installed EVERY update that was made available and *AMAZINGLY* everything worked perfectly. I have now moved to the Mac, and again, I have no problems. People who have problems with their computers suffer from what I call “tweakaholic” addicition. They stuff around with every part of the OS until the whole thing is rooted then complain on zyx forum about their tale of wowes without even *ACCEPTING* they’re the source of their own missery. 2003-10-11 11:35 am Reading stuff about Microsoft and security is like doing something while someone is chanting “Hare Krishna” in my ears. At first, it’s amusing, then it becomes irritating. Instead of rehashing propaganda, maybe Microsoft should take a look at how other groups really solve security problems and get a clue from them (FreeBSD 4.9 RC2, anyone ?). I don’t need to be educated by Ballmer and his pals. To that end, I read books, manual pages, FAQs, articles and so on. There is no place in my life for a corporate version of Mao’s Red Book. Yesterday, at work, I installed a fix for Internet Explorer on Windows XP, as suggested. It wasn’t necessary to reboot after that. Guess what : MS Office was almost brought to a halt. Apart from Norton antivirus, we don’t use any tweaking/speeding/whatever applications. We, poor ignorant users, are blamed for our inability to properly apply patches. If that were true, why is it that on many occasions, it has been reported that Microsoft itself kept unpatched servers in its network ?