Home > Windows > Microsoft putting final touches on Windows update Microsoft putting final touches on Windows update Eugenia Loli 2004-07-02 Windows 33 Comments Microsoft junkies have been waiting and waiting for Windows XP Service Pack 2, but it seems the end is finally in sight. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 33 Comments 2004-07-02 6:08 pm http://v5.windowsupdate.microsoft.com/v5consumer/default.aspx?ln=en… Advanced Show beta products and related updates Windows Update can offer you pre-released “beta” versions of products as they become available. 2004-07-02 6:15 pm They said in June that it would be out in July, here we are in July and the deadline is “within the next two months” 2 months from now is September, by then virus writes will have better things to do than make swiss cheese of XP’s default services, like attend school. 2004-07-02 7:51 pm “Microsoft junkies…” will soon be getting their fix! Pun totally intended For us power users who know how to lock down Windows as it is, SP2 is more of an inconvenience than anything else. 2004-07-02 10:49 pm it’s a lot easier to dload firefox than IE sp2…especially on dialup…and you get much more than a popup blocker 2004-07-02 10:51 pm I’m afraid that we’re no longer dealing with amateurs but rather mafias (such as coolwebsearch) with lots of money and sophistication 2004-07-02 11:00 pm I personally love firefox but I really like the way IE works when opening an new window such as when you press Ctrl+n. The reason is that IE takes you to the same current page and then copies the stack for the forward and reverse functions. It is really handy for me. I’m kinda excited to see what changes are in this service pack, if it makes configuring security locally and on a network better and easier I will be very happy. Also fixing the fact that you can’t rename your user or copy user profiles around is annoying, I’d like to see that fixed. 2004-07-02 11:50 pm The term “microsoft junkies” was used to both pimp microsoft as well as generate page hits. A company like Microsoft is not above paying people or companies to pimp them(and attack microsofts enemies as history has shown). Also keep in mind that the os news people worship page hits. If they do not have them then os news is in trouble. That is why alot of times you see trolls making thread starters… 2004-07-03 12:22 am Screw that! Ctrl+T gives me a new tab in Moz and I don’t clutter my workspace. 2004-07-03 12:34 am “I personally love firefox but I really like the way IE works when opening an new window such as when you press Ctrl+n. The reason is that IE takes you to the same current page and then copies the stack for the forward and reverse functions. It is really handy for me” Firefox does that too as it is an option. Go to Tools->Option->Navigator->Last Page visited. Default is blank page. 2004-07-03 3:10 am Hey Jeff, I think the “Clone Window” extension does what you’re looking for. You might want to check it out. http://www.pikey.me.uk/mozilla/?extension=cw There’s also a “Duplicate Tab” extension that does the same for tabbed browsing. http://www.twannos-extensions.tk/ I know it’s off the subject of Windows Update, but I’ve got to evangelize Firefox when I can. I hope this helps! 2004-07-03 1:22 pm Opera has the “Duplicate Window” feature. 🙂 2004-07-03 3:07 pm The new version of windows update blocks pirated windows to get updates 2004-07-03 4:01 pm The price of Windows Update service is included into the purchase price of the Windows. If a person did not pay for the service, Microsoft as a service provider has a full right not to provide Windows Update service to that person. 2004-07-03 4:22 pm I doubt it. Microsoft still seem to be under the impression that you can perform production line programming, throw money at the problem and do everything in-house. When you are doing a security review, and acting on it, you can’t do that. I’m sure we’ll see holes picked in these modifications to Windows within a few weeks, and all the application incompatibilities will have been for nothing. 2004-07-03 5:27 pm I’m sure we’ll see holes picked in these modifications to Windows within a few weeks, and all the application incompatibilities will have been for nothing. This statement just goes to show how ignorant you are of what’s going on. It’ll take a month or two. 2004-07-03 6:01 pm SP2 will not make Windows much more secure: for most of us it just enables common sense security settings and features currently present in Windows XP SP1. These features work for me. I know how to turn them on and I know what I am doing on the Internet. These features can not stop home user from downloading software spiced with spyware and installing it. They can not prevent user from installing porn browser accelerator that came as email attachment, promising to deliver porn many times faster. They can not stop home user from giving personal details when email from US CitiBank asks them to and points to Web site located in China to fill the form. They can not stop home user from opening ports in a firewall so that file sharing software works again. There are so-called experts recommending not to turn even Windows XP SP1 firewall on, if user follows their advise- Microsoft can’t do anything about it. They can not tell the truth about where really email came from: your friend or a worm abusing SMTP protocol. They can not force home user to install updates for Windows if user listens to so-called experts recommnding to disable automatic Windows Updates service. They can not protect user from viruses if user follows recommendations from so-called experts not to install Antivirus because it could degrade computer performance. +++++++++ Nope, security features from SP2 can not make Windows more secure than it is today. 2004-07-03 6:11 pm “I personally love firefox but I really like the way IE works when opening an new window such as when you press Ctrl+n.” Yeah, or in Opera hit Ctrl-Alt-Shift-N 2004-07-03 6:14 pm You bring up some good points in your post. However, the deal here is that this will happen regardless of what OS the user if running. Unfortunately, since the majority use Windows, we see most of the spyware issues with downloaded programs on Windows itself. Convert everyone to Linux or Mac OS, and we will see spyware become a problem on either OS. From my experience in ridding computers of spyware, I have found the majority of it comes from programs the user installed and downloaded themselves. This isnt a security issue since the user ALLOWED it to happen. There is a difference between the user knowingly executing a program with hidden spyware and one just making itself onto your computer behind your back. 2004-07-03 7:38 pm “Yeah, or in Opera hit Ctrl-Alt-Shift-N” man. thats going to hurt my arm 2004-07-03 10:18 pm man. thats going to hurt my arm Funny. I’d have though that you’d be used to it by now 2004-07-04 2:00 am I suppose that most people who are inclined to download, intall and put up with any incompatibilities of SP2 already have a firewall. The first thing I did after installing SP2 was disable Windows firewall so that I could still use zonealarm which is still superior. And yes I firewall off IE6SP2 (one good reason to use zonelalarm!) and only use firefox 2004-07-04 8:31 am Actually what you are listing is USER events. There are some OS events that SP2 will stop. Just a few… NX bit. If a memory page is marked NX it will not be possible to use for buffer overflow attacks. The user have nothing to do with this. Windows Firewall, will now, by default, stop outgoing connections and thereby be useful for even “prosumers” that today have other firewalls installed. Less services on by default and less dependencies on other services. Sure you can (and should) turn off some services but it is hard to change the dependencies. Don’t say that these things won’t make WinXP more secure, because that’s simply not true. WinXP can quite easily be made extremely secure for online use but the user will have to know what to do. Now, more secure default settings will do it for all users and thereby raising the bar for compromises and future worm-attacks. This is what XP should’ve been like from day 1. Better late than never. 2004-07-04 10:10 am NX bit is only available on the new x86-64 processors however. The problem for is that making IE more secure often means braking parts of webpages. I hope SP2 works better at this. 2004-07-04 3:13 pm NX bit Only available on AMD64 architectures currently. However, most of the software in SP2 has been compiled with Microsoft’s equivelant of Propolice, meaning that there is some addition stack smashing protection in there that users have nothing to do with. Windows Firewall, will now, by default, stop outgoing connections This isn’t true, from what I’ve seen. By default it runs on all network interfaces, it starts earlier in the boot sequence, and by default blocks all incoming traffic, but does nothing against outgoing packets. Less services on by default and less dependencies on other services. I have noticed that there are a few less services running out of the box, but I have also noticed that the number of dependancies has increased instead of decreasing. Also, RPC and dependant services like DCOM have been locked down (although are still required by Windows, in the case of RPC anyway), which along with the fireall and compiler changes will greatly reduce the risks associated with future slammer type attacks. In addition to things like IE’s spiffy new (and long overdue) popup bloacker (which is enabled by default), and tighter security settings (ActiveX controls no longer silently get downloaded and installed without the users knowledge), this certainly is a big step forward for the security of the Windows platforms. People who say that this will not significantly help the security situation for Windos XP, or who say that this service pack will only hinder their god-like abilities to secure their machines are pretty clueless, and are spouting uninformed non-sense. Security has not traditionally been one of Microsoft’s strong points, but this service pack is a tremendous step in the right direction, and from where I’m standing, the only (generally available) operating system that does better (and always has) is OpenBSD. Although desperately needed in Windows, this service pack is doing things that not many free UNIX-like OSes are doing to be secure out of the box, and it’s a shame that so many of you are willingly blinding yourselves to these facts. 2004-07-04 3:50 pm I, for one, would recommend to install SP2. No question about it. The problem is, security is the user problem, it is not resolved by the next Service Pack or by switching to the different OS. NX bit: good for servers running services exposed through open ports to the Internet, and for multiuser machines where non-priviledged user would try to become root/administrator through buffer overflow. Not very relevant to single user computers of home users. Windows Firewall: monitoring outgoing connections is for paranoid people. Most likely you are about to spot innocent application trying to do its job, like Windows Updates or Norton Antivirus “phoning home” to check for the list of updates available. If you already installed rogue software that wants to get out- you have a bigger problem. There are ways for rogue software running under Administrator account to force firewall open outbound port without user noticing. As soon as SP2 out: they all will try to do that. Less services on by default and less dependencies on other services: that one is cosmetic. With Windows Home SP1 firewall enabled, you need to run rogue software on your box to abuse services running. If you already have rogue software installed, you have a bigger problem. My point is: don’t expect miracles. Yes, SP2 would help those folks who are very unfamiliar with computers, unfortunately these same folks will be the first victims of scammers trying to bypass additional security. Finally, for Kingston: Pop-up blocker. I don’t have SP2 installed yet, but I have pop-up blocker. ActiveX controls: I doubt they are silently get downloaded and installed without the users knowledge. Not with the default Internet Zone settings. 2004-07-04 4:04 pm Pop-up blocker. I don’t have SP2 installed yet, but I have pop-up blocker. Now you’ll have a built in one (while using IE) that doesn’t further bloat the UI. ActiveX controls: I doubt they are silently get downloaded and installed without the users knowledge. Not with the default Internet Zone settings. Pre-service pack 2, the sure do. It’s a little problem jokingly refered to as “drive-by downloads,” and the new default settings in SP2 do fix them. 2004-07-04 5:56 pm well actually, allow of those user events are magnified by the Registry of windows. Spyware, Adware, malware, etc. all rely on the fact that the binary registry in windows is not searchable by mortals and is certain keys are not registered by a program, the program does not show up in add-remove so the user is left to wonder what the heck is going on. that kind of invasion is almost impossible in a Nix based system like Linux or OS X. 2004-07-04 7:01 pm I was so surprised by my lack of knowledge in respect to ActiveX controls settings that I went to my IE browser on XP Home SP1, to Security settings, changed it from Custom (which I have for extra security) to Default, and it says right on the screen: “Unsigned ActiveX controls will not be downloaded.” I also opened actual settings and find “Download signed ActiveX controls:” it is set to “Prompt.” IE can only download signed ActiveX controls silently if Web site belongs to the trusted zone (you must put it there manually) or there is a cross-zone bug in IE or you agreed to trust all content from a vendor who signed its controls. There are no drive-by downloads if default Internet Zone settings in IE are used and used does not agree to “trust all content” from some vendor. I am not sure how SP2 is going to improve that. By changing Download Unsigned Control setting in a Trusted Zone to “Prompt?” Cool, and might help, but I’ve seen people clicking OK on every prompt and dialog box just to get rid of them faster. SP2 sure won’t protect them. 2004-07-04 7:03 pm One word: rootkit. One statement: try to get rid of it if you can found it. One conclusion: clever hackers write code for NIX systems that can invade, can hide and can run. 2004-07-05 12:23 am Cool, and might help, but I’ve seen people clicking OK on every prompt and dialog box just to get rid of them faster. SP2 sure won’t protect them. Unfortunately true. 2004-07-05 4:17 am One word: rootkit. One statement: try to get rid of it if you can found it. One answer: rkhunter. http://www.rootkit.nl/ 2004-07-05 11:27 pm Right: even if you can find rootkit on your computer, this is what they tell you how to get rid of it: If your system is infected with an rootkit, it’s almost impossible to clean it up. Never trust a machine which has been infected with a rootkit, because hiding is his main purpose. A clean install of the system is recommended after backing up the full system. http://www.rootkit.nl/articles/rootkit_hunter_faq.html RTFM. No, really. 2004-07-07 1:12 am You’re such a fucktard. Linux distributions in general (as in admittedly not all of them) come “out of the box” with more services running than Windows HAS, and Linux users have indeed been hit by really nasty worms (eg. Lion worm). No viruses yet, sure, but patches can and do screw up people’s Linux boxes every bit as often as Windows patches bork Windows user’s machines. pritty Learn to spell.