Microsoft Corp. executives have kicked off the campaign for the company’s next big Windows push: Windows XP Service Pack 2 (SP2). In a Webcast Tuesday morning, Microsoft Security Business Unit Vice President Mike Nash said to expect the service pack —a major release—to enhance security in four ways. It will remedy open ports, malicious e-mail attachments, malicious Web content and buffer overrun attacks, Nash said.
Still no download on Betaplace though.
Win2k performs better on my k6-2 450, does anyone know if such a SP will be released for 2k?
Well, we can finally clap our hands for MS. According to Google Zeitgeist, XP is running on more Internet-enabled computers than any other OS (38%), and until SP2, MS has not fixed the major Internet-related problems (open ports, “automatic” downloads with IE, and pop-up blocking). IE has not received updates in so long, it’s almost disgusting.
I’ve already begun replacing IE with Firebird as the default browser on all of my newbie friends’ computers. It’s not because I’m an anti-MS zealot, but only for their own well-being. The average XP user has HUNDREDS of pieces of adware/spyware running on their machine, all due to holes and exploits in IE. You simply can’t get something “automatically” installed in Firebird… it doesn’t make any sense for it to be possible. In addition, Firebird has built-in pop-up blocking. And, on one unfortunate friend’s 166Mhz Gateway, Firebird ran 3-4x faster than IE, and started up in about half the time.
One of my friends’ machines was recently compromised while he was on vacation, and lots of damage to his entire network was done. He determined it happened due to an open port (that machine, a notebook, wasn’t connected to a hardware firewall).
I think Microsoft has an obligation to the public to fix up the bugs in IE, and do so with speed and diligence. When you have more than 90% of the browser market, you simply HAVE to fix those bugs, even if it doesn’t make you any money!
You killed Netscape by giving IE away for free. Now take the responsibility for your actions and make IE a secure browser. Until then, I’ll be replacing it with Firebird.
Windows XP Professional runs perfect on a K6-3 400 with 128 ram with no problems. I like it better than W2K, it has more features and is rock solid. There is SP4 available for W2K…
Ok, I hate to burst your bubble, but if you have spyware or adware on your computer then it is your own fault, flat out. There is no flaw in IE that will automatically download this spyware, you have to do it yourself.
Also, it is just plain stupid to not run your system behind a firewall, especially since XP comes with one built-in.
Pop-up blocking is not exactly a critical feature, but it is nice to have, and you can download tools that do it for free. And actually, MSN9 has a really nice pop-up blocker built-in.
looking at the new features that will came with sp2
patches for b overflows and other bugs, and some new policys for internet explorer and outlook like popup blocker and automatic downloading of applications and content
its something we (oss fans) have for about some time and its quite interesting why only now microsoft is patching and disabling all identified sources of the major treats to this OS. The easy abillity to install and run applications from websites and email.
Its like starting to build the house of security from the roof.
With the new firewall, users will not have to choose between turning all ports on or off. Now, they will be able to authorize specific applications to make use of certain ports using an application approval list.
I like the sound of this, because how would users know which ports to open? Therefore they can allow a list of programs to be authorized, and windows xp will know what to do.
Do other firewall apps work like this too?
I have never bothered with a software firewall, because most ports are closed or invisible on my router.
Anyway some people might still say Windows is crap, but the fact remains this is better than the default Windows XP that was shipped in 2001.
Didn’t they said the same thing with Windows Server 2003? Anyway…
I hope this service pack will live up to its hype. It’s a long overdue update that will probably simplify the life of many sysadmins and users. I’m personally immune to most of them (I’m behind a firewall, I read my e-mails only in Linux, I don’t use IE) but it’s still a welcome update. I just doubt it’ll be as good as they claim.
I hope when this is released that OSNEWS can keep us updated on how to slipstream this in the install process, for when performing a fresh install of XP.
What I mean is point us to a website with the correct info on how to do this.
🙂
Well, if you are such a ‘Network Wizard’ there Johnny boy why did you get ‘intruded’ upon….
Whatever, John runalong it is naptime…
Are you talking to me.
I claim to be no expert or anything.
Is there going to be another service pack for windows 2000?
If yes, has there been any announcement by MS when?
thx.
– d
Yeah pal i feel your disgust for this situation. I too happen to be the more knwoledge of my friends, and about 99% run windows and have all sort of problems. Im sorry for them, if i could and had time and they, the necessary energy and will i would switch them to a free alternative.
Some dont mind beeing raped, others dont even know at all that they have been, what sort of programs they had installed and so on. So usually on my *free* charge suport, the 1st thing i do is to install mozillafirebird, after i run ad-aware and get rid of all sort of small viroses, worms and spyware. Install a good antivirus that i run only 1 time, to catch the lateste popular virus. After i install some sort of firewall, i work with blackice but avs is pretty cool too, only when isnt available i try to atleast enable windows firewall (on xps). Finally i recheck the connection properties, and what services they are providing outside, like netbios and so on.
To the ones that want to listen i give a brief lecture about what they are missing by not switching to something like linux or any bsd flavour. If they want to listen the next step is to appoint a linuxparty for a dual boot installation of a popular distro and point them to a book they should buy and read in their spare time. I give support for a awhile they i let they go from my hand.
For the ones that dont want to hear or just say im advocating, twisting and making their minds. I just thank them for their time, i do not accept nothing for the support provided, but i tell them they will never ever listen nothing from me in the future about virusoes and “how to deal with taht missing important doc file”, or any other kind of windows problems any more.
Looks like SP2 will bring significant improvements to Internet Explorer. As a web developer, I wonder: Does anybody know yet if it will feature support for the Portable Network Graphics (PNG) format with alpha blending?
Point and click firewalls are bad, since you dont know nothing and arent aware about whats happening.
since theres no windows based rules firewalls, afaik, i suggest for the ones that get interested instead of buying an hardware fw, or paying for that software fw they have, find an old box, or join same pc spare parts and install one OS that provides you that functionality. besides what you will learn you are going to end with a better and much more reliable security layer to your private network.
are you talking about the missing Alpha bleeding PNG support of Internet explorer that mozilla happens to have since version 1.0 from 1.5 years ago?
I think isnt for this SP.
Better PNG and Tabs in Internet explorer, will be only supported on IE 7
http://www.ncf.ca/~bh447/pngdemo/
for the ones that dont know what is @stake here, and happen to be running windows, install mozilla suite or mozilla firebird and load up the above link.
Do the same with IE, find the differences and be surprised
Thanks for the advice.
that Internet Explorer never had full PNG support. It’s patent free too.
Does anyone have a copy of the EULA for this service pack, perhaps Microsoft found that “phoning home” isn’t very liked by corporations and governments.
Is there going to be another service pack for windows 2000?
My guess is YES. Windows 2000 already has an EOL date, but there are SO MANY deployments of it, it’s just not reasonable to think that MS will require upgrades to W2K3 to receive updates. More likely is that Windows 2000’s lifespan is increased and a 5th Service Pack comes out.
However, I do not expect a 5th SP to add any functionality, I expect it to be purely security based. Windows 2000 was never intended to be for a home user, and anyone who says it’s faster than XP simply hasn’t loaded XP correctly (or they are running subpar hardware).
Did anyone else read that as “It will remotely open ports…’?
Adam sez, “Windows 2000 was never intended to be for a home user, and anyone who says it’s faster than XP simply hasn’t loaded XP correctly (or they are running subpar hardware).”
That’s bullshit. XP is slower than Win2k on the same hardware. Application launch, switching among applications, disk operations. All slower.
With the new firewall, users will not have to choose between turning all ports on or off. Now, they will be able to authorize specific applications to make use of certain ports using an application approval list.
About the application approval thing, I wonder if ZoneLabs is going to cry foul over this.
That’s bullshit. XP is slower than Win2k on the same hardware. Application launch, switching among applications, disk operations. All slower.
Go here:
http://www.monroeworld.com/pchelp/xptweaks.php
Follow the directions, and then get back to us.
<sarcasm>
A Firewall! A PopUP blocker!! HTML images blocker for outlook!!! Omg, so many “new” features!!!
</sarcasm>
Pity it is at least two years late :/
Don’t you think it’s strange that you have to tweak the OS like a crazy to make it faster?
But hey, bloatness encourage hardware companies… That’s why we have blazing fast hardware nowadays.
Thanks for the link, that’s a pretty amazing demo! (Works great in Konqueror, BTW.)
A Firewall! A PopUP blocker!! HTML images blocker for outlook!!! Omg, so many “new” features!!!
Actually both Outlook & Express already have the ability to block HTML images. Both have the ability to block HTML outright (killing the images) and Outlook 2003 lets you download the HTML without imagines, and then letting you download them if you want.
Don’t you think it’s strange that you have to tweak the OS like a crazy to make it faster?
Not really. All Linux distros with their default KDE/Gnome configurations feel just as bloated to me. So, I would guess that both require a bit of pruning, I just don’t know how to do it well with Linux yet (Would be interested to know if there are ways to speed up the damn file managers in KDE/Gnome or get a Xandros-like FM in a non-Xandros distro.)
Heh okay. Anyway, thanks for the link.
Win XP Professional is amoung the best operating systems on earth.
In some areas I found XP to be faster.
But you no how some being recommend using a ligher WM for Linux, it is the same thing with XP and 2000. System response feels better in 2k.
I use to run 2k on a P120 with 96MB RAM and it felt fine.
The particular area I found XP to be slow is with video, eg. Running the exact same DivX file in both OSes on the same hardware.
XP has 100% CPU, and can’t playback in fullscreen. It gets choppy and then it halts.
2k gives me enough CPU usage to be able to play fullscreen.
I do have subpar hardware but it is adequate for 2k, this shows XP is now slower in some things.
What is the minimum requirement for a video card for XP? Was it 16MB.
I only got a 4MB PCI Matrox Millenium II. It may be upgraded soon.
Don’t you think it’s strange that you have to tweak the OS like a crazy to make it faster?
This is no more accurate to reflect the sad fact of Linux/GNU desktop
kernel swithces, preempt patch, mozilla/firebird, idebus=50
“With the new firewall, users … will be able to authorize specific applications to make use of certain ports using an application approval list.”
Gee, sounds like every free personal firewall that I have used so far. ZA Pro sucks, I have found Tiny Personal Firewall 2.0.15 to be the best firewall for my system. Unless XP’s new default firewall is more resistant to intrusion attempts, I will stick with TPFW. With the XP firewall tell you exactly which service is attempting to connect to what outside IP, the port used in communications, IP banning, port blocking, remote port connections, detailed logs, et cetera? If not, i will not use the XP default firewall, and will remain with TPFW.
Dula booting Xp and 2K on excellent high quality hardware and drivers.
2K always feels more responsive and exectutes task faster even if you turn off XPs eye candy. Also 2k has been more reliable for me. XP always develops mystery problems for me – losts settings, apps no longer working, lost functionality. 2k is bullet proof.
I use to run 2k on a P120 with 96MB RAM and it felt fine.
The particular area I found XP to be slow is with video, eg. Running the exact same DivX file in both OSes on the same hardware.
XP has 100% CPU, and can’t playback in fullscreen. It gets choppy and then it halts.
2k gives me enough CPU usage to be able to play fullscreen.
A P120 is not quick enough to play DivX no matter which OS you use, the processor is simply not fast enough to decode it in real time let alone show it in full screen.
I’m expecting at the least an XP SP3 (and probably an XP SP4) before Longhorn
Me too :B
A P120 is not quick enough to play DivX no matter which OS you use, the processor is simply not fast enough to decode it in real time let alone show it in full screen.
Sorry I should have referred to my earlier post (second from the top) to make it more obvious that the computer I am now using is a k6-2 450Mhz.
🙂
http://www.sygate.com, and it has both rules and “Point and click” app selection.
thanks for the point Sagres, used sygate long long time ago, and didnt know they provided that feature now.
Sygate is/was always a good firewall, thats why Diebold is now shipping with their Win based atm’s
http://www.securityfocus.com/news/7517 (funny read btw)
In response to the problem, and to meet their customer’s IT requirements, Diebold next month plans to begin shipping all new Windows-based ATMs preinstalled with a software-based firewall, made by Sygate Technologies.
me wonders if diebold will disable the firewall (or make rules!) for Windows Update and SP2
I have no way to try it right now, but i will give a look to it soon, to catch with the features im missing.
btw,
im more a superbock.pt guy #)
>>I have found Tiny Personal Firewall 2.0.15 to be the best firewall for my system. Unless XP’s new default firewall is more resistant to intrusion attempts, I will stick with TPFW.
I have used this firewall since it came out. Minimalist install, 2.5 mb in total, simple to configure and extremely reliable. The XP firewall is faster, as all of the commerical firewalls take a while to start up with your computer, but Tiny is the best for people who love simple, efficient tools.
Having said all of that, even as a dedicated microsoft fan, I am slowly migrating my main applications away from bloated IE, Outlook, and anything else that sucks more than its worth.
I’ll continue using office xp for a while until probably the next release of open office, however I did install open office 1.1.x.x and its quite impressive and very useable.
Long live microsoft! In whatever form it may take
– Microsoft Fan
I like the sound of this, because how would users know which ports to open? Therefore they can allow a list of programs to be authorized, and windows xp will know what to do.
Do other firewall apps work like this too?
I’m not sure how many do, because I haven’t used all of them, but I know that Norton’s software firewall works this way.
Still, I won’t give up the firewall capabilities on my cable router. I like knowing that certain things won’t even get to my box for the software to decide whether or not it will let it through. I’d do the same regardless of what operating system my desktop box was running.
Personally, although I think it’s sad that Microsoft’s taken so long to even start to catch up with the competition in this area (web browsers), I also think there are other ways to look at it. Microsoft’s always given developers the ability to use the IE controls in their own applications. It should have been relatively easy for a developer to build a new front-end for IE that had things like tabs and pop-up blockers, or even, like google did, to develop toolbars for IE that offered these features. IE itself is a very small wrapper that hooks into a set of controls and APIs that should be relatively easy to use for anyone, and the simple question is whether or not someone could replicate the existing functionality and add to it without bloating the code (in other words, make a new interface for IE with the same features without it being bigger and more CPU/RAM intensive than IE itself, and then add to it without significantly increasing the overhead).
Personally, I’ve never even tried, but then that’s probably because I was using Firebird before I really thought that tabbed browsers mattered. Now, whenever I’m in IE I find myself hitting CTRL+T or looking for the ‘Open in New Tab’ option in the context menu when I right-click on links, only to find that I’m in the wrong browser. Microsoft will now have to play catchup, and then surpass Firebird, before I will use and recommend IE again for anything but the most flawed websites that I absolutely must visit. The latest installer for Firebird also goes onto my ‘bag-o-tricks CD’ that goes with me for every installation or troubleshooting trip to a friend or relative’s house.
I’ve already fixed the “malicious e-mail attachments, malicious Web content” problems on my XP systems by not using Outlook, Outlook Express, or Internet Explorer…
Three cheers for Thunderbird and Firebird!
– chrish
Win XP Professional is amoung the best operating systems on earth.
except for mac os x, which is better in literally every way.
Lets look at microsoft’s minimum system requirements
Windows 2000:
133 MHz or higher Pentium-compatible CPU.
At least 64 megabytes (MB) of RAM; more memory generally improves responsiveness.
Windows XP:
PC with 300 megahertz or higher processor clock speed recommended; 233 MHz minimum required
128 megabytes (MB) of RAM or higher recommended (64 MB minimum supported; may limit performance and some features)
ok. you tell me which is slower then.
Lets look at microsoft’s minimum system requirements
If you cut XP down to 2k standards graphically and tweak it to cut down on the CPU and RAM overhead you should find that you can get the system running quite well on a below-minimum system. That being said, I, personally, wouldn’t actually run either OS on anything below XP’s recommended system requirements.
Once you get to more modern hardware specs, you can run XP with all the graphical candy you want, and, with the right performance tweaks, have a system that’s just as fast as 2k and feels more responsive (not to mention starts up 4-10x faster from a cold boot). Of course, many of the ‘right’ tweaks for XP are the exact same tweaks you would make on a 2k machine if you were using it for the same purpose. These two versions of NT (2k (5.0x) and XP (5.1x)) are roughly the same underneath the gloss, and some of the changes in XP do lead to an overall faster system.
A late response, but required.
Ok, I hate to burst your bubble, but if you have spyware or adware on your computer then it is your own fault, flat out. There is no flaw in IE that will automatically download this spyware, you have to do it yourself.
So what you’re telling me is that all these people who I help out who have 70-250 pieces of Spyware on their computers according to Adaware or Spybot S&D, downloaded each piece on their own?
Of course, there is no flaw to “automatically” download Spyware. You don’t just startup IE and *boom,* Spyware’s on your computer. But there are lots of tricks that web designers can use to install Spyware on your computer–IF IT’S RUNNING IE–simply by visiting a website. Porn/Warez sites are notorious for this, but many other sites do it as well. A web designer shouldn’t have the ability to install something on your computer without you knowing. But IE gives web designers that ability, through a variety of bugs and explots.
Case in point: I went to a site to find a NO-CD crack for Warcraft III when I was at a LAN party and didn’t have enough CDs to go around. When I went to this website I found on Google, I’d notice IE would freeze up. I had a feeling Spyware had been installed. I did a search on my computer for recently changed files and found some folder in my Program Files directory with a proggie called “msbb.exe.” (Search Google, it’s a nice piece of spyware). After I used Adaware to remove it, I went back to the same site MONITORING my Program Files directory, and I literally saw the folder being created without any information from IE. This is not how a fucking WEB BROWSER should work.
So, not to be trollish in my response, but CPUGuy, you really don’t understand anything if you think IE is not at least a bit at fault for these kinds of capabilities for spyware/adware delivery. And the fact is, I’ve found spyware/adware on EVERY SINGLE Windows computer I’ve encountered. I’ll take my conclusion over yours because at least mine is substantiated, while yours is just some Microsoftie nonsensical defense.
CPUGuy == wrong.
There are many many undocuments exploits in IE.
There were over 30 IIRC at http://www.pivx.com/larholm/unpatched/, however PivX decided to not list them anymore (read more at the site).
So CPUGuy, you are misinformed. Do not trust Microsoft, especially their insecure software.
im am with CPUGUY,
you would have spy/blow/worms/viroses/stealingware only if you want. Shouldnt be Microsoft the responsible and eligeble for that. They are the vendor, they just make their right profit from what they sell, its users matter to deal and disable the outof the box enabled features. Theres no way that stuff can be installed on your puter without your consent.
Its my and this dude’s opinion too :>
http://irc.evtek.fi/urllog/2003/12/15/ilmainen_softa_on_parasta_net…
macgeek: I didn’t say IE had no flaws in it, but simply put, IE will not allow an application to install without user knowledge, unless of course you manually turn down all the security settings.
Also, PivX does not list them anymore because most were fixed with IE6.
The pivx list was outdated, many of the vulnerabilities have been patched a long time ago — but pivx never updated that fact.
That’s why the list was pulled.
pixelmonkey,
What do you expect? You went into a game hacker’s website. That’s like downloading kazaa and then blame Microsoft for the spyware.
After I used Adaware to remove it, I went back to the same site MONITORING my Program Files directory, and I literally saw the folder being created without any information from IE.
I have to wonder a couple of things here:
1) If had previously downloaded some ActiveX control (clicking ‘Yes’ on the dialog) that allows these morons to install stuff on your machine everytime you hit the site, or …
2) If this was a result of some exploit that had already been patched.
I would be interested to know if you installed WinXP clean and downloaded all the latest patches and then hit the site, if the same thing would happen.
“I would be interested to know if you installed WinXP clean and downloaded all the latest patches and then hit the site, if the same thing would happen.”
Yeah, and I’d like to know why it’s necessary to keep patching closed source software which is theoretically more secure because it’s closed source. I’d also like to know why a company that hires only from select schools, finds some of the brightest programmers out there, pays them well and expects them to put in ungodly hours can put out software which is constantly being invaded by “script kiddies”, spammers and spyware companies.
People who are on broadband, no doubt, don’t mind all this downloading, but for those burdened with dial up, it is much more tedious.
Yeah, and I’d like to know why it’s necessary to keep patching closed source software which is theoretically more secure because it’s closed source.
The original poster was attempting to claim that a company could use an unpatched exploit in IE to install software on your machine without you having willfully accepted an ActiveX control that allowed this to happen. And then to counter, you bust out with the usual political tripe.
Not that your points are not valid, but they have absolutely nothing to do with what I was talking about.
“And then to counter, you bust out with the usual political tripe.”
First of all, the thread is about patches. Second of all, you didn’t really have to answer, it was basically a rhetorical question.
Thirdly, I would like to know why a complaint about Microsoft’s products always gets this kind of response. Tripe, you say? Why? It’s not fair to question Microsoft’s products in a Microsoft thread? I keep seeing people apologizing for Microsoft in here, and I don’t understand why. A company with that much money and that much marketshare shouldn’t need people to come to its rescue, but people still feel compelled to do so. I don’t come in here trolling, and I’m not a zealot, I ask questions that I think are fair and yet time and time again, I get the same response from Microsoft people. I see you defending Microsoft so I figure maybe you can answer my questions. That’s all there is to it.
First of all, the thread is about patches. Second of all, you didn’t really have to answer, it was basically a rhetorical question.
The reason why I answered is because you quoted me directly.
Thirdly, I would like to know why a complaint about Microsoft’s products always gets this kind of response.
The reason why I gave you that response is because you quoted me directly, but your response had absolutely nothing whatsoever to do with what I asked. What I wanted to know is if he could reproduce the same behavior on a clean system that was fully patched, and you went on this whole anti-MS tirade that had nothing to do with what I am talking about.
Personally, I don’t defend MS. I think they’re about as ethical as the rest of Corporate America – I just get tired of people using political arguments in such a way as to delibeerately distort the facts or completely change the subject when they hear something they don’t like.
there absolutely no evidence that open source software is secure than closed source. frequently people cite one vendor (microsoft) as representative of all closed source software. i’d like to cite sendmail as representative of all open source software than. what makes software more secure is a combination of resource, critical mass, technical talent and a swathe of points you find in both worlds.
IE is much faster than Firebird…
Give it up! No matter how many updates they do, it will be as secure as a bank without a vault!
My security settings were at the Microsoft default. I think it was a bug that was later patched. This exploit occured/was witnessed last summer, iirc. I think lots of IE patches have come out since then, most of them with descriptions like “Prevents malicious programmer from gaining complete control of your computer.” *cough* Let me just clear my throat. Let me respond to a couple of claims:
(1) Going to a “game hackers” website and then being victim of an exploit != in any way, shape, or form, installing Kazaa on my computer and complaining to Microsoft. Delivery of programs OVER the web without me EXECUTING a file (i.e. an exe) as an Administrator is only MADE POSSIBLE by Microsoft’s wonderful “technology” in IE. These are bugs. If I’m a web surfer, and it can happy to me at Mr. Game Hacker’s website, then it can happen to me at ANY website.
(2) meep: I agree that Firebird is slower than IE on newer machines. But it is actually faster than IE on old machines, like those in the 166-233mhz range. Also, don’t confuse speed with startup time (although I agree with you, on my 2Ghz monster, IE starts faster and runs faster). On the 166 I’m talking about, IE took about 20 seconds to start and would constantly freeze. Firebird took about 5 seconds to start and worked solidly.
(3) MOST IMPORTANTLY…regarding “political” arguments. I have great respect for various MS technologies (.NET and VS.NET come to mind immediately). And I like the progress MS has made in stability and security with Win2K/XP. But I simply find it repulsive that Microsoft has neglected to take care of its web browser, Internet Explorer. Let’s all go back in history and remember that Microsoft’s browser BEAT Netscape’s not because Netscape had a worse browser but because Microsoft gave its mediocre web browser away for free. Let’s also remember that Microsoft repeatedly violated W3C standards so that nowadays the W3C has to sometimes _morph_ standards TO IE, not the other way around (as it should be). Microsoft makes no money off IE, and so all you brainless MBAs say, “it makes sense they don’t maintain it.” No, it doesn’t make sense. It’s unethical. It’s not a matter of politics, it’s a matter of social responsibility.
If I give a car away for free, and advertise it as a free car one can drive safely, and then lots of people get into accidents because after 10,000 miles your tires explode, I do not AVOID the responsibility for those cars simply because I gave it away for free.
A company as rich as Microsoft not only has the responsibility to maintain IE properly, but it has the capability to do so easily. This is what is so disgusting. And if I were a web surfer, I’d stop defending Microsoft and start asking for some changes. Why am I the enemy? I just want the browsing experience of 90% of this EARTH to be better. Don’t you?
its about time internet explorer had an update. I use netscape at the moment (7.1) and its got an excellent intergrated pop-up blocker. It really does make browsing the net more convenient!