Microsoft has promised to patch a serious flaw in newer versions of its Windows operating system after hackers released exploit code that allows them to take complete control of the underlying machines.

Windows is insecure. That's a given. But, Microsoft does issue monthly security patches-the first Tuesday of every month on Patch Tuesday-for many of Windows' security problems. Now, however, there's a new security problem in Windows XP's TCP/IP networking that Microsoft has deliberately decided to leave unfixed.

According to Microsoft's Security Bulletin MS09-048, Microsoft has released a patch for "several privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. The vulnerabilities could allow remote code execution if an attacker sent specially crafted TCP/IP packets over the network to a computer with a listening service."

[...]

But, XP, excuse me, Microsoft is still selling XP, and it's used by not quite 72% of all Web-browsing users. Aren't a few hundred million users worth protecting?

I have no idea whether or not this is true, but all I can ask is "why?" As has been documented time and time again, ES&S's e-voting code has a ton of problems. Remember, these are the machines that have been found to have serious security vulnerabilities, with some serious bugs, such as adding votes to the wrong election, calibration problems that lead to people voting for the wrong candidate, and bugs that resulted in phantom votes.