EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

09.15.09

Is Microsoft Making Windows XP Illegal for Use on the Internet?

Posted in GNU/Linux, Microsoft, Security, Vista 7, Windows at 9:01 am by Dr. Roy Schestowitz

Windows XP wallpaper style
Bad firewall

Summary: As ISPs may prepare to require full patching as a precondition to connecting, what does Microsoft’s refusal to patch actually mean?

THE PREVIOUS post showed that Windows is now at risk of being kicked off the Internet if it cannot be properly secured (it hardly can). This gets worse though.

Mentioned the other day was the fact that Microsoft is leaving Windows XP vulnerable with no intention of patching known security bugs. That, by definition, may render Windows XP unsuitable for use on the Internet; it cannot ever be made fully patched and since there is no access to the source code, only one company rules on the matter. As the debate carries on, Slashdot reveals that Microsoft is indeed saying “no” to patching of XP.

Microsoft says it won’t patch Windows XP for a pair of bugs it quashed Sept. 8 in Vista, Windows Server 2003 and Windows Server 2008. The news adds Windows XP Service Pack 2 (SP2) and SP3 to the no-patch list that previously included only Windows 2000 Server SP4. ‘We’re talking about code that is 12 to 15 years old in its origin, so backporting that level of code is essentially not feasible,’ said security program manager Adrian Stone during Microsoft’s monthly post-patch Webcast, referring to Windows 2000 and XP.

Here is the newly-cited report.

Microsoft late last week said it won’t patch Windows XP for a pair of bugs it quashed Sept. 8 in Vista, Windows Server 2003 and Windows Server 2008.

The news adds Windows XP Service Pack 2 (SP2) and SP3 to the no-patch list that previously included only Windows 2000 Server SP4.

[...]

The bugs in question are in Windows’ implementation of TCP/IP, the Web’s default suite of connection protocols. All three of the vulnerabilities highlighted in the MS09-048 update were patched in Vista and Server 2008. Only two of the trio affect Windows Server 2000 and Windows XP, Microsoft said in the accompanying advisory, which was refreshed on Thursday.

[...]

During the Q&A, however, Windows users repeatedly asked Microsoft’s security team to explain why it wasn’t patching XP, or if, in certain scenarios, their machines might be at risk. “We still use Windows XP and we do not use Windows Firewall,” read one of the user questions. “We use a third-party vendor firewall product. Even assuming that we use the Windows Firewall, if there are services listening, such as remote desktop, wouldn’t then Windows XP be vulnerable to this?”

Amazing!

Does that mean that Microsoft intends to stop sales of XP on all machines? What about the fact that Vista 7′s principal feature is virtualisation of XP? How can that be secured? What about the many existing users?

“What about the many existing users?”“Since Linux is faster and easier to use on the netbooks,” tells us a reader, “Microsoft is still shipping XP in order to hang on to the OEM monopoly. Yet at the same time the official party line is that there will be no patches for XP.

“Do you suppose Microsoft employees managed to lose or erase the source code for that part of XP?”

Could Microsoft be trying to urge people to abandon XP? If so, Vista 7 sure seems like a problem because not only does it rely on XP but it is already a problematic downgrade/upgrade (no genuine consensus or verdict on whether it’s an “upgrade” yet). Ars Technica claims that it can take an entire day just to move to this operating system, even on a fast machine. The source of the claim is Microsoft Corporation.

Microsoft: Windows 7 upgrade can take nearly a day

[...]

The biggest thing that stands out about this chart is the very broad range of the upgrade time: from 30 minutes to 1,220 minutes. That second extreme is not a typo: Microsoft really did time an upgrade that took 20 hours and 20 minutes. That’s with 650GB of data, 40 applications, on mid-end hardware, and during a 32-bit upgrade. We don’t even want to know how long it would take if Microsoft had bothered doing the same test with low-end hardware.

Assuming a wage of roughly $100 per day, the price of Vista 7 sure is higher than the price tag suggests. And what about the cost of insecurity?

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. IRC Proceedings: Wednesday, June 03, 2020

    IRC logs for Wednesday, June 03, 2020



  2. Social Engineering of Free Software, Based on Corporate Criteria

    What "professional" nowadays means in the context of coding and honest assessment of technical work



  3. Weakening GNU/Linux by Disempowering Its Leaders and Founders, Replacing Them With Microsoft Employees and GNU/Linux-Hostile Moles

    The coup to remove (or remove power from) Stallman and Torvalds, the GNU and Linux founders respectively, is followed by outsourcing of their work to Microsoft’s newly-acquired monopoly (GitHub) and appointment of Microsoft workers or Microsoft-friendly people, shoehorning them into top roles under the disingenuous guise of "professionalism"



  4. Sword Group Violates Its Own Commitment by Working for the EPO

    The European Patent Office (EPO) keeps outsourcing its work to outside contractors (for-profit private entities) to the tune of hundreds of millions if not billions — all this without any oversight



  5. In 2020 Canonical No Longer Fights for Freedom

    Freedom requires a GNU/Linux distro other than Ubuntu, which seems unwilling or unable/incapable of speaking about and promoting the ideals of GNU/Linux



  6. We Need to Use the F Word (Freedom) to Promote Adoption of GNU/Linux

    "People get the government their behavior deserves. People deserve better than that." -Richard Stallman



  7. People Who Want to Explore GNU/Linux With Ubuntu See This Today

    "Wait, am I in a GNU/Linux blog or another Windows blog," a visitor might think... or, is Microsoft 'taking over' messaging at Canonical? (Same with code)



  8. Links 4/6/2020: Septor 2020.3, Nextcloud and Blender 2.83

    Links for the day



  9. Hey, Where's Red Hat (IBM)?

    Red Hat is conspicuously silent at these critical times (in its home country); Must be too busy hailing and cashing in on Trump's military (state) while dishing out shallow and self-contradictory diversity PR/fluff…



  10. Microsoft's Latest Vapourware About Supercomputers

    Microsoft has spent almost two decades dropping supercomputers vapourware on the media, but those misinformation dumps always turn out to be 100% hot air, no substance



  11. 2020: A Time for Resolutions or Revolutions?

    There are nonviolent means by which the current system can be corrected; we need to convince peers and relatives to change the way they behave and not cooperate with unjust elements of the system



  12. IRC Proceedings: Tuesday, June 02, 2020

    IRC logs for Tuesday, June 02, 2020



  13. The Gates Press (GatesGate) -- Part I: Lost the Job After Writing an Article Critical of Bill Gates for Attacking Some Actual, Legitimate Charities (Because They Had Spread GNU/Linux)

    The sociopaths from the fake 'charity' of Bill Gates would go to great lengths to squash criticism and also to eliminate critics; this series tells the story of some of those personally affected



  14. Don't Fall for the Spin, Microsoft is Laying Off Workers and It's Not Just Because of the Pandemic





  15. All They Want is Litigation, Not Innovation

    It's getting difficult to ignore or to overlook the fact that the 'litigation lobby' (the likes of Team UPC and today's EPO management, guided by groups like the Licensing Executives Society International) doesn't care about innovation and is in fact looking to profit by crushing innovation



  16. Reminder: Microsoft Profits From Crushing Protesters for Donald Trump

    Don't lose sight of the fact that what's going on in the United States right now is very profitable to Microsoft



  17. No, GNU/Linux Isn't at 3% and Windows Isn't at Over 90%, Either

    This ludicrous idea that "Linux" (however one defines it) enjoys just 3% of the "market" is false and it should be treated as laughable spin (it is being widely promoted this week, often by Microsoft boosters looking to make charts where Windows stays at above 90% and Vista 10 is 'gaining'... at the expense of Windows)



  18. Links 3/6/2020: Devuan Beowulf 3.0.0 and Tails 4.7 Released

    Links for the day



  19. Links 2/6/2020: New Firefox Release (77), Debian-based MX Linux 19.2, KDevelop 5.5.2, GNU/Linux Growth on Desktops/Laptops

    Links for the day



  20. Techrights Can Figure Out Source Protection/Anonymisation Whilst Operating Very Transparently

    We're still quite radically transparent whilst at the same time enjoying 100% source protection record; we're also improving the software we use to publish more quickly and efficiently



  21. IRC Proceedings: Monday, June 01, 2020

    IRC logs for Monday, June 01, 2020



  22. This is How GNU Finally Dies

    "Brace for when GNU falls the way that OSI, FSF, FSFE, Mozilla, and the Linux Foundation did."



  23. Latest Microsoft Layoffs Spun as 'Innovation' (There's Always a Positive PR Angle)

    The public is expected to simply ignore the fact that Microsoft is laying off employees (again); instead we're expected to think it's all about Microsoft being very brilliant and innovative



  24. Microsoft Playing the Victim, Irrationally 'Hated' by Victims of Its Abuse

    We're meant to believe that those whom Microsoft bribes against are the opinionated 'haters' and Microsoft is a victim of 'hate'



  25. Links 1/6/2020: Linux 5.7, FOSSlife Born, LibreOffice 7.0 Beta1, Linux Mint 20 Making Early Promises

    Links for the day



  26. Linux Without Linus

    The Linux Foundation seems to be acting like Linus (Linux founder) is somewhat of a liability (forcing him to take a ‘break’ from his own project) while taking even the most notorious proposals from corporations, including those that called Linux a “cancer”



  27. What It Would Take for Linus Torvalds to Leave Linux Foundation Without the Linux Trademark and Without Linux

    It's nice to think that the founder of Linux can just take his project and walk away, moving elsewhere, i.e. away from the Microsoft-employed executives who now "boss" him; but it's not that simple anymore



  28. The Past Does Not Go Away, Except From Short-Term Memories

    People who are drunk on power and money (sometimes not even their own money) like to portray themselves as the very opposite of what they are; but in the age of the Internet it's difficult to make the general public simply forget the past and "move on..."



  29. IRC Proceedings: Sunday, May 31, 2020

    IRC logs for Sunday, May 31, 2020



  30. Links 1/6/2020: OpenMandriva Lx 4.1 2020.05, Linux Lite 5.0 Release, FreeBSD 11.4 RC2

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts