Bonum Certa Men Certa

Microsoft Breaks the Law by Not Patching Windows as Per the Agreement

Balance



Summary: Microsoft's legal obligations are hanging in the balance while Windows 2000 does not receive security patches

ABOUT a month ago we showed that Microsoft broke its contract with the customers by refusing to patch Windows XP. As it turns out, Microsoft is doing this with Windows 2000 as well.



Our reader Ryan, who is a former Microsoft MVP and an expert in this area, wrote in IRC: "You should drive home a point that you aren't when talking about Conficker and its brethren. Windows 2000 will be TEN YEARS OLD on February 17, 2010, and still manages to get at least a dozen security patches a month, even now. It's a good way to point out that no matter how many patches you install, there's always more vulnerabilities. Several thousand of them have been patched in Windows 2000 and it's still regularly patched. You would think that the patch rate would have slowed down and the OS would have more or less settled by now, but it's going to be patched from birth to abortion. You should also mention that companies won't necessarily throw out Windows 2000 on their systems just because it's out of support. From Wikipedia: 'On 8 September 2009, Microsoft skipped patching two of the five security flaws that were addressed in the monthly security update, saying that patching one of the critical security flaws was "infeasible".[93] According to the Microsoft Security Bulletin MS09-048, "The architecture to properly support TCP/IP protection does not exist on Microsoft Windows 2000 systems, making it infeasible to build the fix for Microsoft Windows 2000 Service Pack 4 to eliminate the vulnerability. To do so would require rearchitecting a very significant amount of the Microsoft Windows 2000 Service Pack 4 operating system, [...] there would be no assurance that applications designed to run on Microsoft Windows 2000 Service Pack 4 would continue to operate on the updated system."' Windows 2000 not only shares all the vulnerabilities in XP, Microsoft has started refusing to patch some while the damned thing is still supported (to try and force an upgrade). It's not the first time that Microsoft has refused a security patch for operating systems still in support, they left some critical Windows 98 and Windows NT 4 vulnerabilities unpatched, with a year left on the support lifecycle.

“In other words, Microsoft can flagrantly violate the hell out of their side of the agreement, but don't you dare to step out of line or install Windows on two systems with one license.”
      --Ryan
"Windows 2000 is supported until July of 2010, meaning that per their support agreement, every security patch should be delivered on until then, so they're violating their own support agreement, but insisting that you obey your obligations under their EULA. This is kind of like the times Microsoft was found violating their side of the privacy agreement in Windows Media Player 7 (they probably still do). In other words, Microsoft can flagrantly violate the hell out of their side of the agreement, but don't you dare to step out of line or install Windows on two systems with one license."

Fewa responds with: "Microsoft has always been an outlaw corporation. They only obey the laws that benefit them and disregard those that would dare limit their greed of monopoly. They even wish to impose on other those laws. It's not just that; of course having the government totally hijacked for 6 years did not help. The democrats got a majority in 2006 (in the house)."

"8 years," insists Ryan, "and I'd argue that they still do. Obama has packed the DOJ with more RIAA mafia types." Here is a collection of references.

Ryan is not optimistic. "They're one of the richest companies and have hundreds of lawyers," he says. "You could sue them, in theory, but they could just stall forever."

To summarise, writes Ryan: "What kind of confuses me is that according to Microsoft, breaking their EULA is "illegal", but when they break their side of the agreement it's OK as long as they can say "It would have been too much work to close that critical patch on Windows 2000." It would be like me saying "Well, I installed the same copy of Windows on ten computers cause it would have been too much of a strain on my finances to buy 9 more licenses"; Same defense they're trying, too much of a strain on limited resources, so it's OK to break the agreement."

In other news, Microsoft's cryptology is broken again.

Microsoft releases fix for crypto patch



[...]

The ocsasnfix.exe (direct download) program is to fix the glitch both in the client and in the server. In a knowledgebase article, Microsoft describes how to run the program and what other actions may need to be taken.


Perhaps Microsoft could not just disable the features this time around [1, 2].

Comments

Recent Techrights' Posts

This is How Microsoft's XBox and Entire Consoles (If Not Gaming) Ventures Will Ultimately Die
Ensure you can blame "Tariffs" (politics)? If not "hey hi", the fashionable go-to excuse when businesses fail?
The Complaint About Brett Wilson LLP - Part II - UK SLAPPs for Americans, SLAPPs for Profit
Brett Wilson LLP has a track record of this kind
Cloudflare Gives Us All Another Reason to Boycott Cloudflare
If Cloudflare wants to use its vast surveillance network (which is what it does as a CDN) to foist paywalls and maybe something worse (like DRM on top), then Cloudflare should be more widely rejected as a company
Someone Expiring Certificates on the Day of the 9/11 Attacks is Not Someone I Would Want Controlling My PC (or Deciding What's Authorised for Booting)
"social justice warriors"
More Microsoft-Red Hat Cross-Pollination as the Company Loses a Managing Director
some people move from Microsoft to Red Hat and some do the opposite
 
Punching People Doesn't Work
It makes nobody any safer
Look Ma, No "Cloud"
So far this year we've had an almost perfect uptime
Links 24/09/2025: Autism Blame-Shifting and Typhoon Ragasa Enters China
Links for the day
Buying From Oneself is Not Business Success
This isn't at all a joking matter even if you already laugh at the whole thing because your pension, savings etc. are tied to this scam at some level
What They Really Hate David Heinemeier Hansson (DHH) for
Nothing to do with code
Smart People Won't Buy 'Smart' Cars
Imagine trying to sell someone a house (proper home) while insisting that it'll need to be demolished 5 or 10 years later, then rebuilt again from scratch on the same vacant lot
The Relationship Between IBM Red Hat and Microsoft, Visualised
This metaphor goes a long way (projects, collaborations, and outsourcing
The Complaint About Brett Wilson LLP - Part III - Spying on Reporters' Families, Chaining Cases for Microsoft Employees Who Demand Censorship of Facts (Even Politely Expressed)
the time seems right to wrap up this introductory series
Links 24/09/2025: "NASA Moving Out of Entire Buildings as It's Gutted" and Purge of Online Critics (Opposing Fascism Becomes Unlawful)
Links for the day
Science is Under Attack
Oligarchy prefers a dumbed-down population
The Solicitors Regulation Authority (SRA) Has Reportedly Failed People With Wrong Advice
At the moment the SRA has a PR blunder
The Man Suing Brett Wilson LLP and Gervase de Wilde (5RB)
Now he's probably using the (almost) 200,000 pounds he's supposed to receive to sue Brett Wilson LLP and former colleagues/partners
Slopwatch: A World Wide Web That's Rotting for Companies That Won't Even Exist in a Few Years
some of the junk Google News is promoting
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 23, 2025
IRC logs for Tuesday, September 23, 2025
Links 24/09/2025: Qt Creator 18 Beta, Microsoft Cannot Bail Out "ChatGPT" Anymore, China and US Intensify Censorship
Links for the day
Gemini Links 24/09/2025: Gemlogs and Politics
Links for the day
Links 23/09/2025: Japan Limits Uses of Skinnerboxes ('Smartphones') With Toxic "Apps", Fentanylware (TikTok) Tapped by "MAGAts"
Links for the day
Brett Wilson LLP Has Just Been Sued (by Their Own Clients!)
Vladimir and Alla Yanpolsky sued Brett Wilson LLP in BL-2025-001167 at the end of last week
Mayday: Optus emergency calling crisis
Reprinted with permission from Daniel Pocock
Links 23/09/2025: Massive Data Breach, Slop Versus Productivity, and Vista 11 Update Breaks Things Again
Links for the day
Code of Censorship
Extortion is peace
The Free Software Foundation (FSF) Has Un-cancelled the Best People, Just in Time for the Big 4-0
Mr. Oliva should have been there all along (since 2019)
Most "Modern" Technology Makes You Slower and Dumber
Because proprietary software makes you worse off
"What Comes After Free Software?" Wrongly Insinuates We've Reached the Goal (Prison is Not the Goal)
The oil tycoons use similar tactics against environmentalists, giving them fake "wins"
Making More Work Space
I learned the hard way that less is more in circumstances where more means distraction
MAHA is a Lie, Public Officials Never Valued Citizens' Health (They Still Value Private Businesses, Their Sponsors)
Reject demagogues
Free Software Foundation (FSF) Has a New Press Kit for the Weekend After Next Weekend (40th Anniversary)
miles better than social [sic] media [sic] quips, moderated by narcissists and oil tycoons.
Microsoft Had Two Waves of Mass Layoffs This Month (That We Know of) and It'll Get Worse for Microsoft Soon
Will the axe fall again by month's end?
Gemini Links 23/09/2025: Happy Equinox, Photronic Arts, and Perception Cognition
Links for the day
Lessons We've Learned After 17 Years of American Hosting
GAFAM is "all-in" with the "Trump agenda"
Back to Normal Now, We Plan to Do More In-Depth Series (or Multi-part Stories)
Articles (or series thereof) that contain philosophy are important to us
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 22, 2025
IRC logs for Monday, September 22, 2025
Microsoft Media is Panicking Amid Mass Layoffs Every Month, H-1B Fees, and "Seattle’s Tech Scene in Trouble"
In "late stage Microsoft", copyleft becomes proprietary
The Next Wave of IBM/Red Hat Layoffs Being Discussed Already
Red Hat is sort of disappearing the way Tivoli did
New Techrights Turns 2
Today starts the third year of the SSG-based Techrights
What Scares Them the Most is Independent News Sites That They Cannot Control and Censor
Wikileaks was a good example of this
If You Don't Control Your Online Platform, Then Someone Else is Controlling You
be (or become) independent
Oracle Started This Year With Slop. Then It Stopped.
Passing fads are like this
Distros That Run on PCs Made 20 Years Ago and Don't Use Systemd
Betas for now
The Solicitors Regulation Authority (SRA) Has a Policy on Racism and Sexism
In then future we'll show the misogyny and racial slurs
The Complaint About Brett Wilson LLP - Part I - Abusing British Women on Behalf of American Men Who Abuse American Women
Transparency is important to us, so we've decided to make this series
Slopwatch: Google News and the Evident Slopfarm Infestation
This is what people get about Linux when they query Google for Linux
Links 22/09/2025: Murdochs Might Join Fentanylware (TikTok) 'Investors' (Masters), United Kingdom Recognises Palestinian Statehood
Links for the day
Gemini Links 22/09/2025: Esperanto Music History and Apps For Android
Links for the day
Links 22/09/2025: More American 'Censorship' (Retaliation for Journalism), Cheeto "Might Be Losing His Race Against Time"
Links for the day
The Blob Slop
Give me more words, give me some text
The 50-Pound Note Experiment and the "War on Cash"
Britain is actually seeing a rebound in cash payments, and it's not a temporary phenomenon
Slopwatch: Blaming the Victims for Microsoft's Failures and Plagiarising Phoronix
That's what Google has been reduced to: slop and slopfarms
Links 22/09/2025: Breaches, Windows TCO, and Arrests
Links for the day
Gemini Links 22/09/2025: Rabbit Hole and DeGoogling Fairphone
Links for the day
Links 22/09/2025: Russian War Planes Invade NATO Airspace While Dihydroxyacetone Man Escalates Attack on Free Speech Because of Critics
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 21, 2025
IRC logs for Sunday, September 21, 2025