Bonum Certa Men Certa

Microsoft Breaks the Law by Not Patching Windows as Per the Agreement

Balance



Summary: Microsoft's legal obligations are hanging in the balance while Windows 2000 does not receive security patches

ABOUT a month ago we showed that Microsoft broke its contract with the customers by refusing to patch Windows XP. As it turns out, Microsoft is doing this with Windows 2000 as well.



Our reader Ryan, who is a former Microsoft MVP and an expert in this area, wrote in IRC: "You should drive home a point that you aren't when talking about Conficker and its brethren. Windows 2000 will be TEN YEARS OLD on February 17, 2010, and still manages to get at least a dozen security patches a month, even now. It's a good way to point out that no matter how many patches you install, there's always more vulnerabilities. Several thousand of them have been patched in Windows 2000 and it's still regularly patched. You would think that the patch rate would have slowed down and the OS would have more or less settled by now, but it's going to be patched from birth to abortion. You should also mention that companies won't necessarily throw out Windows 2000 on their systems just because it's out of support. From Wikipedia: 'On 8 September 2009, Microsoft skipped patching two of the five security flaws that were addressed in the monthly security update, saying that patching one of the critical security flaws was "infeasible".[93] According to the Microsoft Security Bulletin MS09-048, "The architecture to properly support TCP/IP protection does not exist on Microsoft Windows 2000 systems, making it infeasible to build the fix for Microsoft Windows 2000 Service Pack 4 to eliminate the vulnerability. To do so would require rearchitecting a very significant amount of the Microsoft Windows 2000 Service Pack 4 operating system, [...] there would be no assurance that applications designed to run on Microsoft Windows 2000 Service Pack 4 would continue to operate on the updated system."' Windows 2000 not only shares all the vulnerabilities in XP, Microsoft has started refusing to patch some while the damned thing is still supported (to try and force an upgrade). It's not the first time that Microsoft has refused a security patch for operating systems still in support, they left some critical Windows 98 and Windows NT 4 vulnerabilities unpatched, with a year left on the support lifecycle.

“In other words, Microsoft can flagrantly violate the hell out of their side of the agreement, but don't you dare to step out of line or install Windows on two systems with one license.”
      --Ryan
"Windows 2000 is supported until July of 2010, meaning that per their support agreement, every security patch should be delivered on until then, so they're violating their own support agreement, but insisting that you obey your obligations under their EULA. This is kind of like the times Microsoft was found violating their side of the privacy agreement in Windows Media Player 7 (they probably still do). In other words, Microsoft can flagrantly violate the hell out of their side of the agreement, but don't you dare to step out of line or install Windows on two systems with one license."

Fewa responds with: "Microsoft has always been an outlaw corporation. They only obey the laws that benefit them and disregard those that would dare limit their greed of monopoly. They even wish to impose on other those laws. It's not just that; of course having the government totally hijacked for 6 years did not help. The democrats got a majority in 2006 (in the house)."

"8 years," insists Ryan, "and I'd argue that they still do. Obama has packed the DOJ with more RIAA mafia types." Here is a collection of references.

Ryan is not optimistic. "They're one of the richest companies and have hundreds of lawyers," he says. "You could sue them, in theory, but they could just stall forever."

To summarise, writes Ryan: "What kind of confuses me is that according to Microsoft, breaking their EULA is "illegal", but when they break their side of the agreement it's OK as long as they can say "It would have been too much work to close that critical patch on Windows 2000." It would be like me saying "Well, I installed the same copy of Windows on ten computers cause it would have been too much of a strain on my finances to buy 9 more licenses"; Same defense they're trying, too much of a strain on limited resources, so it's OK to break the agreement."

In other news, Microsoft's cryptology is broken again.

Microsoft releases fix for crypto patch



[...]

The ocsasnfix.exe (direct download) program is to fix the glitch both in the client and in the server. In a knowledgebase article, Microsoft describes how to run the program and what other actions may need to be taken.


Perhaps Microsoft could not just disable the features this time around [1, 2].

Comments

Recent Techrights' Posts

If You Don't Control Your Online Platform, Then Someone Else is Controlling You
be (or become) independent
The Solicitors Regulation Authority (SRA) Has a Policy on Racism and Sexism
In then future we'll show the misogyny and racial slurs
Links 22/09/2025: Murdochs Might Join Fentanylware (TikTok) 'Investors' (Masters), United Kingdom Recognises Palestinian Statehood
Links for the day
The 50-Pound Note Experiment and the "War on Cash"
Britain is actually seeing a rebound in cash payments, and it's not a temporary phenomenon
 
What Scares Them the Most is Independent News Sites That They Cannot Control and Censor
Wikileaks was a good example of this
Oracle Started This Year With Slop. Then It Stopped.
Passing fads are like this
Distros That Run on PCs Made 20 Years Ago and Don't Use Systemd
Betas for now
The Complaint About Brett Wilson LLP - Part I - Abusing British Women on Behalf of American Men Who Abuse American Women
Transparency is important to us, so we've decided to make this series
Slopwatch: Google News and the Evident Slopfarm Infestation
This is what people get about Linux when they query Google for Linux
Gemini Links 22/09/2025: Esperanto Music History and Apps For Android
Links for the day
Links 22/09/2025: More American 'Censorship' (Retaliation for Journalism), Cheeto "Might Be Losing His Race Against Time"
Links for the day
The Blob Slop
Give me more words, give me some text
Slopwatch: Blaming the Victims for Microsoft's Failures and Plagiarising Phoronix
That's what Google has been reduced to: slop and slopfarms
Links 22/09/2025: Breaches, Windows TCO, and Arrests
Links for the day
Gemini Links 22/09/2025: Rabbit Hole and DeGoogling Fairphone
Links for the day
Links 22/09/2025: Russian War Planes Invade NATO Airspace While Dihydroxyacetone Man Escalates Attack on Free Speech Because of Critics
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 21, 2025
IRC logs for Sunday, September 21, 2025
Links 21/09/2025: "Hey Hi" (Hype) Under Fire, Fakes Identified; Tesla Burns Family
Links for the day
Google's Software is Malware and Malware in Mobile Devices
Originally posted by Rob Musial
Links 20/09/2025: Hegemony Coming to a Close, Luigi Mangione Ruled Not Terrorist
Links for the day
Gemini Links 21/09/2025: "Charlie Kirk Was a Hateful Piece of Shit" and Slop Code Attempted by Microsofter
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 20, 2025
IRC logs for Saturday, September 20, 2025
Gemini Links 20/09/2025: Snowy Photos and utism is a Spectrum
Links for the day
Microsoft-Sponsored Xenophobia and Nationalism
IBM is very similar in this regard
Vintage is Sometimes Better
Why can't we get back to "simple" if (or where) "simple" means better?
Climate Breakdown Means We'll be Publishing More, Not Less
Press freedom will be a common, recurring theme
Our 5-Year Geminispace Anniversary is Coming Up
I still remember when Gemini Protocol was quite new
It's Right to Point Out Violence From the Right
Violence is a recurring theme
Tentative Summary of Things to Publish in Project 2030
I'll still be in my forties by then
Web Browsers That "Do Hey Hi" (AI)
State-of-the-art plagiarism or "autocomplete on steroids" (not coined by us, nevertheless a nice description) don't have much/any prospect
Links 20/09/2025: Hardware Projects in View, Some Independent Publishers About Russia Prosper After Cheeto Cuts Funding
Links for the day
Gemini Links 20/09/2025: Options and TV Time Machine
Links for the day
Links 20/09/2025: Retrocomputer, Antique Phone Experience, and More
Links for the day
Links 20/09/2025: Internet Shutdowns, Media Censorship, and Climate Worries
Links for the day
About 700 New Gemini Capsules in 13 Months (or 54 Per Month)
4.8K would represent a 20% increase
Rust People: Drain the Swap, You're Holding It Wrong
Does Rust make sense?
Techrights the Name Turns 15
About 6 weeks from now we turn 19
Microsoft is Running Out of Time and Floating Fake Figures, Fake Projects, Fake Narratives, Fake Excuses
Also, a lot of Microsoft's "revenue" claims are circular financing (i.e. Microsoft buying from itself, which means Ponzi-like fraud)
Slopwatch: LinuxSecurity, linuxconfig.org, and Plagiarised Phoronix
Many articles out there are nowadays fake
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 19, 2025
IRC logs for Friday, September 19, 2025
Gemini Links 20/09/2025: Navigating the Pressures of Modern Life and SpellBinding Accidentally Wrote Another Gemini Server
Links for the day