Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Why Microsoft Shouldn't Patch the XP Internet Explorer Flaw

Soulskill posted about 3 months ago | from the going-to-take-flak-one-way-or-another dept.

Windows 345

Hugh Pickens DOT Com writes: "Sebastian Anthony argues that Microsoft is setting an awful precedent by caving and issuing a fix for Windows XP. 'Yes, tardy governments and IT administrators can breathe a little easier for a little bit longer,' writes Anthony, 'and yes, your mom and dad are yet again safe to use their old Windows XP beige box. But to what end? It's just delaying the inevitable.' Lance Ulanoff argues that Microsoft can't turn a blind eye the security of XP users, even though the company ended support for the 12-year-old operating system on April 8, a fact that Microsoft has been warning about for, literally, years. But this won't be the only vulnerability found in XP, says Dwight Silverman. 'If Microsoft makes an exception now, what about the flaw found after this one? And the next? And the one after that, ad infinitum?' Even though Microsoft has released a patch for the IE flaw, and Windows XP is included, it's time to move on – really. 'I don't want to hear that tired "if it ain't broke, don't fix it" line. Hey, XP IS broke, and it will just get more so over time. Upgrade to a newer version of Windows, or switch to another modern operating system, such as OS X or Linux.'"

cancel ×

345 comments

Idiot (0, Troll)

Tough Love (215404) | about 3 months ago | (#46903413)

Thinks Microsoft's marketing agenda trumps internet security. Well, Microsoft needs more idiots on its side to help it rot faster.

Microsoft Opened Themselves Up for Lawsuits (2)

Jeremiah Cornelius (137) | about 3 months ago | (#46903625)

Now, every 0day that hits, and Microsoft DOESN'T patch XP, after product end-of-life? Deep pockets. Lawsuit. Precedent has been established. :-)

Re:Microsoft Opened Themselves Up for Lawsuits (0)

Anonymous Coward | about 3 months ago | (#46903993)

Not really. I don't think you have a law degree.

Re:Microsoft Opened Themselves Up for Lawsuits (1, Interesting)

Tough Love (215404) | about 3 months ago | (#46904039)

Maybe he doesn't, but I think he's right. What is the chance that nobody will sue Microsoft for, among other things, fraud? Does it say on the package that the product becomes unfit for use at time X? No? Fraud. Lawyers start panting.

Re:Microsoft Opened Themselves Up for Lawsuits (4, Informative)

Anrego (830717) | about 3 months ago | (#46904123)

Does it say on the package that the product becomes unfit for use at time X?

Like just about everything else sold these days, it comes with the classic "we don't guarantee shit" clause:

DISCLAIMER OF WARRANTIES. The Limited Warranty that appears above is the only express warranty made
to you and is provided in lieu of any other express warranties (if any) created by any documentation, packaging,
or other communications. Except for the Limited Warranty and to the maximum extent permitted by applicable
law, Microsoft and its suppliers provide the Product and support services (if any) AS IS AND WITH ALL
FAULTS, and hereby disclaim all other warranties and conditions, either express, implied or statutory,
including, but not limited to, any (if any) implied warranties, duties or conditions of merchantability, of
fitness for a particular purpose, of reliability or availability, of accuracy or completeness of responses, of
results, of workmanlike effort, of lack of viruses, and of lack of negligence, all with regard to the Product, and
the provision of or failure to provide support or other services, information, software, and related content
through the Product or otherwise arising out of the use of the Product. ALSO, THERE IS NO WARRANTY
OR CONDITION OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, CORRESPONDENCE TO
DESCRIPTION OR NON-INFRINGEMENT WITH REGARD TO THE PRODUCT.

Re:Microsoft Opened Themselves Up for Lawsuits (2)

amicusNYCL (1538833) | about 3 months ago | (#46904009)

This is not a legal precedent. Read the Windows XP EULA if you want to see how liable Microsoft is for people using Windows XP after the end of life (or at all).

Re:Idiot (4, Insightful)

lgw (121541) | about 3 months ago | (#46903665)

There are a few people out there using XP because they think it's a cool, lightweight OS (mostly for gaming). That's a very geeky crowd who can likely manage on their own, until the "open source XP project" matures the was DOSbox did.

Pretty much everyone else left on XP is a company install needed because some important, expensive, hard to replace thing happens to need XP. If you've got some $50k equipment that's halfway through its 20 year useful life that needs XP, you have a PC somewhere running the XP you need. Microsoft's patching policies won't likely change that, one way or another.

Re:Idiot (1)

khellendros1984 (792761) | about 3 months ago | (#46903955)

Or, you're a grandmother, the computer-box is working like it always has, and you're afraid of changes that an upgrade would bring, don't have money for new hardware, etc.

Re:Idiot (0)

Anonymous Coward | about 3 months ago | (#46904051)

Or, someone like me, an individual user with software (Orcad Capture 9) that won't install on newer operating systems, and whose replacement costs on the order of $2000. Not something that I want to buy for occasional use, nor do I want to give up the schematics and component libraries that I've created over the years. I'm keeping an old netbook going, with the wifi turned off and the ethernet port unconnected. Most of my other computers use either Linux, FreeBSD, OSX, or a much more modern version of Windows.

Re:Idiot (1)

Tough Love (215404) | about 3 months ago | (#46904053)

There are a few people out there using XP because they think it's a cool, lightweight OS (mostly for gaming).

Doesn't that just make you shudder? I remember when things actually had to be cool and lightweight to be considered cool and lightweight.

Fuck Beta (0, Offtopic)

Anonymous Coward | about 3 months ago | (#46903427)

It's awful.

Is This Friday's Troll Topic? (2)

Bing Tsher E (943915) | about 3 months ago | (#46903435)

Guy on the Internet says "Shut Down XP."

Where are the crickets when we need them the most?

Re:Is This Friday's Troll Topic? (0)

Yahooti (3401115) | about 3 months ago | (#46903487)

Just gave up three mod points and have five more which I will abandon. This pop up crap has driven me away from this site. AMF

Re:Is This Friday's Troll Topic? (2)

CheshireDragon (1183095) | about 3 months ago | (#46903561)

I have over 200 I can loan for the moment...after that my Bearded Dragon and Chameleons will have a massive feast.

Re:Is This Friday's Troll Topic? (1)

MightyMartian (840721) | about 3 months ago | (#46903619)

I'm a guy on the Internet saying "Shut down XP", you insensitive clod!

Re:Is This Friday's Troll Topic? (0)

fustakrakich (1673220) | about 3 months ago | (#46903911)

Hey, no problem. You can have my XP when you ship me a free replacement, and it has to run Autocad.

Re:Is This Friday's Troll Topic? (2)

amicusNYCL (1538833) | about 3 months ago | (#46904027)

You paid for XP, why wouldn't you pay for the replacement?

Re:Is This Friday's Troll Topic? (0)

Anonymous Coward | about 3 months ago | (#46904035)

You can keep your outdated OS, just don't complain about how evil Microsoft is when you stop getting updates, especially when you had more than ample time to plan an upgrade. If you can't afford a new computer capable of running anything better, then go get a job at McDonald's for a month.

I would agree that releasing this to those who don't have a support contract this is a bad move on MS's part. They need to learn that MS is not always going to be there to breast feed them.

If they didn't they could be accused of sitting (1)

Anonymous Coward | about 3 months ago | (#46903439)

If they didn't they could be accused of sitting on it until past the cutoff date...

Besides, they had to develop the patch for 2008 (which is still supported) so there was no PR lost by not releasing it for XP which uses the same base system.

Re:If they didn't they could be accused of sitting (1)

Jody Bruchon (3404363) | about 3 months ago | (#46904037)

2008 before R2 is based on Vista. 2003 is based on XP.

Microsoft Has These Patches (5, Insightful)

Anonymous Coward | about 3 months ago | (#46903441)

Microsoft is already contractually obligated to program these patches for its thousands of paid XP support customers. It has the right to decide whether the bug is critical enough that the situation warrants releasing the patch to the general XP userbase for free.

Rest assured that Microsoft is not doing an iota of extra work on this front. It already has the patch. It will also have patches for every XP bug discovered for the next few years. It's just a question of how widely it wants to distribute each one.

Re:Microsoft Has These Patches (1)

mark-t (151149) | about 3 months ago | (#46903667)

Of course... the problem is that by having this patch available for XP users after the date that they supposedly weren't going to support XP anymore, they've set a precedent that people are going to *expect* microsoft to continue to issue patches for XP whenever security is involved.... forever.

Re:Microsoft Has These Patches (1)

ComputersKai (3499237) | about 3 months ago | (#46903747)

No one is going to take their warnings anymore.
Simply removing the support for XP without any exception, may force companies to actually begin paying attention to their security issues. However, Microsoft seems to fear for its own profit too much to force customers to go "cold turkey"

Who even uses IE on Windows XP anyways?

Re:Microsoft Has These Patches (1, Informative)

Jody Bruchon (3404363) | about 3 months ago | (#46904073)

Ford's Dealer Connect software requires Internet Explorer, as does Chrysler StarParts, so Ford and Chrysler dealers, for one. DIS [dis-corp.com] software requires IE too. None of these applications are cheap or easily replaceable. If the computer in use is still running XP, it'll be running IE on XP. (This of course raises the question: why haven't you replaced those boxes if you're running a multi-million-dollar business?) I recently replaced ten XP boxes in a business that uses DIS. IE on XP will be with us for a while yet.

Re:Microsoft Has These Patches (1)

Noah Haders (3621429) | about 3 months ago | (#46903761)

and maybe they should? this is an unprecedented case in the history of world computers or technology. who is to say what the right thing is?

Re:Microsoft Has These Patches (1)

Anonymous Coward | about 3 months ago | (#46903803)

People are not entitled to their noncontracted expectations.

Anyone can expect anything. I can expect a night of passionate lovemaking with Natalie Portman and Scarlett Johansson.

Doesn't mean I'll get it.

Re:Microsoft Has These Patches (3, Insightful)

Xeno man (1614779) | about 3 months ago | (#46903871)

My god, it's barely been a frigging month since support ended and now they have set a president? I don't think so. It's no different than any other company that makes exceptions for just out of warranty.

It's like having a car with 100,000km warranty and at 100,500km the gas tank falls out. They have every right to tell you its not covered but most decent dealers will cover you because it's either a know issue or because they want to treat you right as a customer.

This is no different, the patch was being made regardless and the seriousness of the problem warranted a release. It just happen to fall just on the other side of an arbitrary date. Nothing special has occurred here.

Re:Microsoft Has These Patches (2, Informative)

Stormy Dragon (800799) | about 3 months ago | (#46904121)

If I invite you over to my house for dinner, that doesn't create an obligation to feed you every night.

Re:Microsoft Has These Patches (1)

LVSlushdat (854194) | about 3 months ago | (#46903711)

yup.. and I *strongly* suspect there will be a "leakage" of these patches, probably into a downloadable disk image that those who stay with XP will be able to obtain fairly easily.. of course, mom+pop XP user, likely not so much.. but for those in the know, who, for whatever reason, hasn't dumped MS for something better (hint: Linux)... They'll be able to find these patches fairly easily. Of course, MS will slap any site down that carries these "unauthorized" patches, but then the game of
"Whack-A-Mole" comes to mind...

Re:Microsoft Has These Patches (1)

amicusNYCL (1538833) | about 3 months ago | (#46904061)

You think there is going to be an active community of people fixing flaws in Windows XP? Why would anyone do that? Moreover, how would anyone do that? It's not like they have the original problematic source code for core files, how can they patch things without knowing that they aren't breaking something else?

Re:Microsoft Has These Patches (1)

Noah Haders (3621429) | about 3 months ago | (#46903741)

I think the issue is a little more different than you suggest. ms made a patch for win 2008 anyway. can you imagine if ms decided not to release it and there was xp havocs from a viruss? there would be horrible press.

IE or XP (1)

magarity (164372) | about 3 months ago | (#46903449)

I thought it was an Internet Explorer patch made available to XP users through XP's auto-update. This is a big difference from an XP system patch.

Re:IE or XP (1)

jonwil (467024) | about 3 months ago | (#46903743)

Except that (as Microsoft argued at the various anti-trust proceedings) Internet Explorer is part of the OS and cant be separated from it. So this IS a "system patch". Also, this is not really a patch to "Internet Explorer" but (from a quick look at the patch exe) a patch to mshtml.dll (the HTML rendering engine used by Internet Explorer and other things) which is very much part of the OS.

Re:IE or XP (0)

Anonymous Coward | about 3 months ago | (#46903751)

Exactly. This is not a Windows XP patch, it's an application patch. The two are not connected.

Re:IE or XP (1)

Billly Gates (198444) | about 3 months ago | (#46904113)

XP

MS should fix IE for Windows Vista and higher. There are repurcussions for not following manufacture guidelines. MS was more than fair with XP

just can't win... (0)

Anonymous Coward | about 3 months ago | (#46903451)

Microsoft ends support for Windows XP, Microsoft gets criticized for abandoning an aging OS that is still used by many people.
Microsoft decides to help XP users one final time, they get criticized for still supporting an aging OS. Damned if you do, damned if you don't.

Re: just can't win... (1)

cyber-vandal (148830) | about 3 months ago | (#46903579)

Given that their monopoly abuse is what led to this clusterfuck they should provide patches until the end of time.

Re: just can't win... (-1)

Anonymous Coward | about 3 months ago | (#46904093)

Enough with this "monopoly abuse" shit. No one cares. It was just a delusion by 90's geeks who needed a big evil to fight against. Only a retard would think that releasing crappy software (of which they are definitely guilty!) is evil. I cannot think of anything that is more pathetic than getting pissy at a company that arranges fucking numbers around getting more people to use it's numbers than your uglier numbers that was designed for stuff that 99% of people never cared about. Linux failed on the desktop because no one wanted it, because the only talking point you dorks ever had was "it's freeeeeeeee!". Again, no one cares. Fuck free software. Fuck Microsoft too, but especially fuck you!

It's not about XP (0)

Anonymous Coward | about 3 months ago | (#46903453)

Hey, XP IS broke, and it will just get more so over time.

Software engineering isn't like civil engineering. Code doesn't break from sitting there, getting older.
This security hole was present in all versions of IE from 6 on.
The same will continue to be true in the future. Bugs they find in XP will be in the newer versions, too--since they haven't been fixed yet.
If they're fixing the bug anyway, why not roll out the fix to everyone affected?

Re:It's not about XP (1)

Anonymous Coward | about 3 months ago | (#46903709)

On a short timescale that's true... but in the 12 years since XP came out Windows has improved. Things like IE10/11, a built in thread pool implementation, replacing shitty direct show with slightly less shitty media foundation. IIRC a big chunk of the C++11 stuff is broken on XP. Grandma may not care about that stuff, but as someone stuck writing software for here I will be happy when XP support is something I don't need to worry about anymore.

Re:It's not about XP (0)

Anonymous Coward | about 3 months ago | (#46903821)

Users who are still on XP don't give a damn about the new software you're trying to sell them.

Really? (4, Insightful)

Alomex (148003) | about 3 months ago | (#46903465)

Does this idiot also let play kids with loaded guns because "that will teach them"?

I mean, sure don't fix minor flaws, we discontinued support, tough bananas if you keep on using it. But a major security flaw for which you already have the solution for? Anyone but a douchebag would release the patch.

Yep, patching 1 huge security != supported (4, Insightful)

raymorris (2726007) | about 3 months ago | (#46903523)

Agreed. Patching a major security hole isn't the same thing as continuing to provide regular support.

My company does something similar. We offer an option at purchase where you can choose to forego any direct support and save a few dollars. We've still contacted those customers in the rare case of a significant security update.

Re:Really? (0)

Anonymous Coward | about 3 months ago | (#46903573)

Does this idiot also let play kids with loaded guns because "that will teach them"?

I mean, sure don't fix minor flaws, we discontinued support, tough bananas if you keep on using it. But a major security flaw for which you already have the solution for? Anyone but a douchebag would release the patch.

The kids are already playing with guns, in this case. The safety of said guns is now *off.*

Microsoft put tape over the safety. I that a good idea? I'm not so sure.

Re:Really? (2)

228e2 (934443) | about 3 months ago | (#46903723)

Parenting fail.

If your kids are playing with guns, then as a parent you have failed. No simpler way to put it. You were warned not to let kids play with guns for literally years, and now April 8th came, you're still letting them play with guns. I think in this analogy its time for Child Services to come alleviate you of your kids, since you cant take care of them and have failed to follow simple. Don't give me that "its impossible, im too integrated into my ways". No, its possible, you failed to work that cost into your business logic.

No one wants to see children get hurt, but when their legal guardian has sit idly by for years after being lectured, its time to up the ante before that 0day shoots you in the face. This one might shoot you in the foot, but its a lot better than the next one which might be a face full of buckshot.

Re:Really? (0)

Anonymous Coward | about 3 months ago | (#46903889)

I totally agree. But then I'm a radical. If people want to use the software they paid good money for it is their right, but they paid with the intention that it would be safe and useable as long as they want to use it and so the company that profits form these payments should honor that until they close. The solution to that is to release the software into the open domain so that it can be taken up by (or sold to) some fringe company that will continue to research and release updates.

A few years ago I came across a group that was working on windows 98 and when I installed 98 to a virtual machine, ran all the updates and a few hacks I was really surprised at how useful it was. There are a few people around that still rely on win98 (old legacy hardware or proprietor software and hardware combinations add to that the list that just can't afford to upgrade) but run it isolated from the net and fairly crippled in most cases. I could see tweakers and techies having fun and possible forking these old windows environment if they were open. Not Windows XP though, MS would loose too much money they will have to keep the keys to that kingdom for at least another 3 years or until windows 9.

Re:Really? (1)

Flammon (4726) | about 3 months ago | (#46903949)

Running IE is like kids playing with a loaded gun? You're the idiot.

Re:Really? (1)

Capt.DrumkenBum (1173011) | about 3 months ago | (#46904023)

Running IE is like kids playing with a loaded gun?

You are right. IE is far more dangerous, than mere children with a loaded gun. :)
I don't have any kids... That is probably for the best.

Re:Really? (0)

Billly Gates (198444) | about 3 months ago | (#46904101)

They were warned for years and years and years to upgrade.

It is their fault. Home users yes I can see a message telling them to upgrade. But corporate IT departments these getting hacked [cnn.com] deserve some firings. Accountants included if they were the ones who did not give IT the resources to upgrade. Idiots.

No it is time to move on as running a full security center 24 x7, with hackers, security engineers, software developers, and kernel developers for 13 years costs billions for a silly $130 paid 13 years ago.

If you want security you need to pay for it. 13 years is plenty of time. It is 2014 now and time to move on if you knew about this.

Re:Really? (1)

Livius (318358) | about 3 months ago | (#46904147)

Anyone but a douchebag would release the patch.

Then why is Microsoft releasing it?

My mother just called a couple hours ago (-1, Offtopic)

I'm New Around Here (1154723) | about 3 months ago | (#46903493)

to see if her computer is safe. She has Windows 7, so I told her the Automatic Updates will keep her safe.

Re:My mother just called a couple hours ago (4, Funny)

Ralph Wiggam (22354) | about 3 months ago | (#46903571)

Please keep us updated on all conversations you have with your mother. Thanks.

Re:My mother just called a couple hours ago (0)

Anonymous Coward | about 3 months ago | (#46903577)

Why did you lie to your mother?

Re:My mother just called a couple hours ago (0)

zephvark (1812804) | about 3 months ago | (#46903651)

I told her the Automatic Updates will keep her safe.

Yeah, ummm... I tend to leave on Auto Updates for my Dad, too, and he's even got a god-awful antivirus product, but that's only because I think they might be slightly better than the alternatives, for him. I've seen more machines bricked by Automatic Updates and by McAfee/Norton products than by viruses.

Re:My mother just called a couple hours ago (0)

Anonymous Coward | about 3 months ago | (#46904025)

Windows 7 deleted -using GNU/Linux distro instead. (Automatic Updates will not prevent takeover)

Clueless (2)

NoKaOi (1415755) | about 3 months ago | (#46903525)

The author seems to have no grasp on why there's still so many XP installations out there. Sure, there are a bunch that are just because home users don't know better or offices don't want to spend a few hundred bucks to upgrade, and for those use cases where all that really matters are being able to edit Word documents and browse the web, then his ideas apply. Problem is, there are a ton of users that are using niche software, whose creators have either gone out of business or simply stopped developing upgrades, that won't work on anything other than XP. Upgrading would cost millions to a business and/or affect the work flow of the whole organization. For example, there's super-duper expensive hospital equipment that can only be run by software running on Windows XP. You can't air-gap it, because it has to be networked in order to move data around to actually be useful. Upgrading from XP means scrapping the equipment and spending 6-7 figures for just that one piece of equipment, which is otherwise still working fine. There's other systems that don't necessarily run hardware, but would cost 6-7 figures in implementation to switch systems, and not all businesses that use that software have that kind of spare cash so it's not necessarily that they are just being greedy.

Yes, this is a problem, no, I'm not saying it's okay, what I am saying is that not issuing security fixes isn't going to force those types of users to upgrade, it just means they'll be forced to use a system that isn't secure. You have to fix the culture of the vendors who make this shitware (where there are usually no alternatives) before you can force their users to upgrade.

Re:Clueless (1)

Anonymous Coward | about 3 months ago | (#46903623)

This is why you should never use consumer grade hardware/software for mission critical tasks. Have a mission critical task that relies on a certain bit of software? Better make sure you have a long term agreement on how that software will be maintained (access to source, perpetual support contract, defined software upgrade roadmap, etc.)

The "just toss it on because it's cheaper that way" plan is showing it's ultimate idiocy.

Re:Clueless (1)

NoKaOi (1415755) | about 3 months ago | (#46903883)

This is why you should never use consumer grade hardware/software for mission critical tasks. Have a mission critical task that relies on a certain bit of software? Better make sure you have a long term agreement on how that software will be maintained (access to source, perpetual support contract, defined software upgrade roadmap, etc.)

For many niche markets there simply isn't a choice. Often times there is only choice, and in other markets there might be 2 or 3 that suck equally. These types of vendors make incredibly shitty software that sucks too bad to upgrade, and the way they see it is that there's no incentive to spend money make it better if there's no competition forcing them to. In these cases the problem is those vendors, not the users. In other cases, a vendor may have been chosen because they met the most checkboxes on the requirements sheet that management had, even if there was a higher quality alternative at the time. It's easy to point at that problem in retrospect, but doesn't help the issue of not being upgradeable now. I'm not saying this is the case with everyone still using XP by any means, I'm trying to point out that the problem is not limited to Grandma who doesn't know how to upgrade.

Re:Clueless (0)

Anonymous Coward | about 3 months ago | (#46903645)

The author seem to have no grasp of a great many things. How the hell does this garbage end up on the front page?

and those systems are generally safe, when secure (0)

Anonymous Coward | about 3 months ago | (#46903713)

Yes, but those systems usually get taken off the internet and are solely used for that program. Have you ever stopped to think how those marketing research surveys are made? There are different means, but one of the most reliable and important measures is by having code in a web page's ad that request information from the browser. Considering most of those estimates peg XP at around 28%, that means over a quarter of all internet facing computers are XP systems that are still being used as general web browsing boxes.

Re:Clueless (2)

jonwil (467024) | about 3 months ago | (#46903789)

You cant air-gap it but you CAN make sure that it isn't connected to the Internet, just to a local hospital LAN so data can be moved off it. And you CAN make sure its not used for anything other than what it has to be used for.

Re:Clueless (0)

Billly Gates (198444) | about 3 months ago | (#46904059)

STOP ENABLING them.

They are out htere because they get support. They get support because they are out there.

If you are into technology you are adversely impacted by XP. Software is not written with the latest standards. Websites can't go html 5 and css 3. Your phone is more fluid and advanced with pretty gradients than your freaking computer because of IE 6 - 8 compatibility. Can't have nice .net 4.5 programs. Hackers, spammers are attacking your machine etc.

Yes it cost money to upgrade. I get that and if it works businesses are resistent to change. But shoot when is it pure negligence to lower your IE settings in the low zone and use unsigned activex controls and versions of Java with +200 security holes so your freaking accountant can save $2,000?

Move on! Use a VM if you really can't live without that app locked tight in a DMZ lan with no internet connection with a virgin tight gpo on it if you must use IE 6

XP needs just one last patch. (2, Funny)

Anonymous Coward | about 3 months ago | (#46903529)

A patch to remove the entire networking stack. Done.

i dont get it. (-1)

Anonymous Coward | about 3 months ago | (#46903553)

what a fucking tool. microsoft has to patch its latest operating system until it makes another operating system that takes it's place. the fact that they haven't released any operating systems past the alpha phase for 12 years then is besides the point.

XP still used in a lot of places (1)

Anonymous Coward | about 3 months ago | (#46903575)

Embedded market: small terminals, industrial automation controls, etc. Parts of this industry can move along to the next generation every 20 years, so it's not at all unreasonable that they are still using the same software. Most people have no idea the cost of moving an entire industry to a new product: and it *is* a new product - not just an upgrade - because the hardware needs to be faster to support > XP, the UX can change, and all certification work [hardware and software] must be re-done. Thus, there is enormous financial/industrial pressure to resist change.

source: I am an embedded systems developer.

"or switch to another modern OS such as..." (2, Interesting)

Blaskowicz (634489) | about 3 months ago | (#46903591)

That isn't helpful, XP is a modern operating system. It has user accounts, processes and all that stuff. It misses a desktop compositor but do we have to care about windows flying around?

In fact I would like linux to catch up. Using LXDE makes it relatively close to XP in speed and stability, MATE is a slower but decent, but it could use some more driver quality and importantly I hope there'll finally be a way to fix backwards compatibility and game availability, which go hand in hand.

Get me right, I know that XP has to be abandoned and advocate for it , I tell people to use Mint and do all updates (almost security only) that show up. The updates are pleasant instead of being a hassle. Though as usual I need to wait again. Wait for Mint 17 to be out, since Mint 16 will be deprecated despite coming out in last November.

Re:"or switch to another modern OS such as..." (0)

Anonymous Coward | about 3 months ago | (#46903727)

That isn't helpful, XP is a modern operating system. It has user accounts, processes and all that stuff. It misses a desktop compositor but do we have to care about windows flying around?

In fact I would like linux to catch up. Using LXDE makes it relatively close to XP in speed and stability, MATE is a slower but decent, but it could use some more driver quality and importantly I hope there'll finally be a way to fix backwards compatibility and game availability, which go hand in hand.

Get me right, I know that XP has to be abandoned and advocate for it , I tell people to use Mint and do all updates (almost security only) that show up. The updates are pleasant instead of being a hassle. Though as usual I need to wait again. Wait for Mint 17 to be out, since Mint 16 will be deprecated despite coming out in last November.

So, use the latest Ubuntu LTS with LXDE or Mate. Problem solved.

Easy to fix (0)

Anonymous Coward | about 3 months ago | (#46903595)

Perhaps they fixed it because it's too simple to fix by end users themselves - just use another (better) browser, which might result in visible drop in IE shares.

Viva la XP! (0)

Anonymous Coward | about 3 months ago | (#46903601)

Long live XP!

Microsoft didn't do it for charity (1)

wooppp (921578) | about 3 months ago | (#46903603)

I guess the last line is what Microsoft fears about - "or switch to another modern operating system, such as OS X or Linux."

Newer than XP won't work with some hardware (0)

Anonymous Coward | about 3 months ago | (#46903627)

We have a $40,000 piece of equipment that runs on XP. I don't think we are going to quit using it because M$ wants us too.

Re:Newer than XP won't work with some hardware (1)

mark-t (151149) | about 3 months ago | (#46903729)

But you might have to quit using it when mIcrosoft doesn't release patches for it that address critical vulnerabilities. While it's certainly true that those vulnerabilities were always there and aren't anything new... once the vulnerability becomes publicly known, it's liable to be the case that people try to exploit it more frequetntly. MS patched this one... this time. They really aren't under any obligation to always do so in the future.

Re:Newer than XP won't work with some hardware (1)

Ducho_CWB (900642) | about 3 months ago | (#46903851)

So you have an expensive piece of equipment that runs on XP. Do you need this XP instance to connect to internet? If you need, maybe the manufacturer of this expensive equipment have a solution for you. If it is isolated, why oh why bother to install a single update in a production isolated expensive equipment?

Re:Newer than XP won't work with some hardware (1)

Anonymous Coward | about 3 months ago | (#46904075)

I don't think we will quit using this $40,000 piece of equipment for a decade or more. Its networked for printing status reports but doesn't browse the internet. There is no chance of getting updates from the manufacturer because they would like us to buy a new $100,000+ machine. We have other equipment too that will only work under XP and we won't get rid of them because no one makes anything that does what it does anymore.

I will note that one reason XP became popular with embedded equipment is that it was the last version of windows that application software could talk directly to the hardware without having to write some secure/registered driver (M$ eliminated that to please hollywood).

That atorney would breath fire and brimstone (1)

angel'o'sphere (80593) | about 3 months ago | (#46903647)

if it would be his house or his car or his yacht that suddenly does no longer 'work'.

Re:That atorney would breath fire and brimstone (0)

Anonymous Coward | about 3 months ago | (#46903849)

Except it works exactly the same as it always has. They just found out there's a hole that causes a problem with his house, car, yacht, etc.

Re:That atorney would breath fire and brimstone (0)

Anonymous Coward | about 3 months ago | (#46904029)

Except it works exactly the same as it always has. They just found out there's a hole that causes a problem with his house, car, yacht, etc.

Fairly certain that some holes could definitely prevent his yacht from working exactly as it always has...

Re:That atorney would breath fire and brimstone (0)

amicusNYCL (1538833) | about 3 months ago | (#46904107)

It works exactly the same as it always has. It's just no longer under warranty. Expect any security updates to be few and far between, and only for the biggest issues. Otherwise, you're on your own. Use it as long as you like, but don't come crying when you get infected or it doesn't run the newest programs.

That's the other side effect we'll see: within a few years, software vendors will no longer be testing their products on XP.

Already done, so... (0)

Anonymous Coward | about 3 months ago | (#46903671)

what's the point other than WinBashing?

Fucking YAWN.

What's IE? (1)

WillAffleckUW (858324) | about 3 months ago | (#46903737)

Is this some kind of primitive version of Netscape or Lynx?

Who are these people (2, Insightful)

phantomfive (622387) | about 3 months ago | (#46903757)

In case anyone cares who these people actually are:

Sebastian Anthony: A semi-hobo living in the middle of England, who thinks he's an engineer because he took apart a VCR. Literally.
Lance Ulanoff: An editor and story teller. Used to be an editor for PCMag. Gets invited to speak at SXSW because he is a good story teller.
Dwight Silverman: He seems to have been blogging since April

None of these guys seem to understand corporate software. They seem to look at it as child-training or something, which it isn't. In all likelihood some companies were complaining to Microsoft about this bug, some product managers inside Microsoft thought it would be worth fixing to make them happy, so they allocated time to work on it. The idea that the CEO was personally involved is possible, but certainly not given. He has more important things to worry about than legacy software.

Re:Who are these people (0)

brit74 (831798) | about 3 months ago | (#46903827)

You forgot to mention that Sebastian Anthony also submits his own articles to Slashdot in an attempt to get more page-views - i.e. Ad revenue. He's had other articles appear on Slashdot using this strategy. I wouldn't be surprised if this post is another example of that.

Really? (1)

YuppieScum (1096) | about 3 months ago | (#46903797)

switch to another modern operating system, such as OS X...

Oh yes, because that would be such a simple and painless transition, with no legal or software-compatibility issues whatsoever...

To be honest, I'm having trouble determining who should win the "Stupid Cunt of the Year" prize - the "author" of TFA for not being able to perceive the difference between an OS and an application, or the "editor" for letting such drivel onto /.

Or, I suppose, myself for expecting any better from /. nowadays...

Re:Really? (0)

Anonymous Coward | about 3 months ago | (#46903925)

Or everyone who has wasted time responding to this drivel. Myself included.

Re:Really? (1)

amicusNYCL (1538833) | about 3 months ago | (#46904139)

Or, I suppose, myself for expecting any better from /. nowadays...

I would say yourself, since you obviously lack anything resembling perspective. Yes, surely the worst example of a person being stupid is some attention whore who thinks that Microsoft should really stop having anything to do with Windows XP.

now wait... (3, Insightful)

roc97007 (608802) | about 3 months ago | (#46903805)

There's something about this that I'm having trouble wrapping my brain around. We (the collective "we" of businesses and individuals still using XP) are stupid for not giving wads of cash to Microsoft when Microsoft says to do so? And Microsoft is stupid for choosing to patch a vulnerability in a half billion PCs?

Re:now wait... (0)

Anonymous Coward | about 3 months ago | (#46903893)

No, "we" are stupid for continuing to use an old outdated piece of software that has been found to have security issues.

Your take on Microsoft's decision depends on what you think their strategy should be.

Re:now wait... (2)

roc97007 (608802) | about 3 months ago | (#46904077)

The thing it, XP is still useful, it's still in a lot of embedded systems, it runs on machines that later versions of Windows won't run well on, and in many situations it does the job. As far as security issues, being Windows, it has security issues by definition, just like every other version of Windows, past and future.

Perfectly safe to stay on XP (1)

iamacat (583406) | about 3 months ago | (#46903875)

Just keep Windows firewall on, install an alternative browser and only run software from trusted sources. It may be full of bugs, but its easy to close all realistic exploit vectors. Think of it as a chromebook with support for legacy software. Speaking of software, windows lost a lot of exclusivity after XP and most apps/games that require Vista/7/8 have good alternatives on other platforms.

For me, Windows has meant a VirtualBox XP VM for the past decade and will stay this way forever.

Re:Perfectly safe to stay on XP (0)

Billly Gates (198444) | about 3 months ago | (#46904003)

Yep perfectly safe [cnn.com] .

Especially since all these customers had big IT departments, firewalls, and corporate security software installed.

clueless (1)

BradMajors (995624) | about 3 months ago | (#46903899)

Stop with this upgrade nonsense. Most of the machines currently running Windows XP can not be upgraded because the later versions of Windows have additional hardware requirements.

I made this post from a Windows XP laptop that can not be upgraded.

Re:clueless (0)

Billly Gates (198444) | about 3 months ago | (#46904019)

Yep keep staying on XP [cnn.com] .

Times change man. It costs billions to have a 24x7 team of security engineers, developers, hackers, and os writters around the clock for that 13 year old OS. MS has a right to not support unless you have big bucks

It makes little difference. (1)

Dega704 (1454673) | about 3 months ago | (#46903907)

Sticking with XP would be a bad idea even if Microsoft were to release updates ad infinitum. Even since Windows 7 surpassed XP in market share, I still encounter several times more infected XP machines than Windows 7 ones. Updates are band-aid fixes that don't change the fact that XP was released just before the advent of ubiquitous broadband, and is fundamentally unsound when it comes to security.

But (1)

Ol Olsoc (1175323) | about 3 months ago | (#46903919)

Despite this Sebastian Anthony's well reasoned and thoughtful piece. ....

If the XPocalypse happens, and the legions of XP machines are zombified, as we are warned they will be, and civilization is brought to a halt as efficiently as the Chicxulub meteorite hit - People are going to blame it on Microsoft.

And they will have a point, whether he likes it or not, whether Microsoft likes it or not, and whether the shills like it or not.

Grow up Linux fanboys (1)

Anonymous Coward | about 3 months ago | (#46903957)

You guys are a bunch of morons. That linux stuff is far from a modern operating system. I know because all that DOS text pops up on the screen when my friend boots up his "Linux" box.

They owe us. (1)

Moof123 (1292134) | about 3 months ago | (#46903971)

After Vista, they owe use a decent amount of time to get onto the next decent OS. Windows 7 counted as decent, and has been out 3 years. It is quite fair for folks to have been getting new boxes with XP until a good alternative came out and proved itself to be stable, and to not have to upgrade those machines for several years at least. The current cutoff feels tone-deaf compared to the POS that Vista was.

My $0.02.

Stupid article is stupid (1)

acoustix (123925) | about 3 months ago | (#46903991)

'I don't want to hear that tired "if it ain't broke, don't fix it" line. Hey, XP IS broke, and it will just get more so over time."

WTF? It wasn't just XP that was broke. This affects ALL Microsoft browsers and OSes. So upgrading to Vista, Windows 7, Windows 8 would not have solved this issue.

They could always patch it all the way to Vista (1)

giorgist (1208992) | about 3 months ago | (#46904007)

They could always patch it all the way to Vista or maybe even Windows 7 and even 8.x then they will have a modern monoculture. Or how about Linux release an XP patch that ...

Damned if they do.. (0)

Anonymous Coward | about 3 months ago | (#46904015)

..damned if they don't.

MS can never win in the public eye, so they might as well do the right thing by releasing a fix if they have it ready. So they did. Good for them.

It never ceases to amaze me... (4, Insightful)

AudioEfex (637163) | about 3 months ago | (#46904065)

It never ceases to amaze me how out-of-touch with the "real world" so many /. commenters are. Or, more precisely, how out-of-touch they come across as, because I don't think half of the folks who post some of this stuff actually believe what they say, they know better - the other half I do believe actually think what they are saying is accurate, because they don't associate with anyone who doesn't know the difference between SRAM and DRAM.

"Switch to another modern operating system, such as OS X and Linux" - yeah, that's gonna happen. To run OS X one needs to buy a new, overpriced machine that isn't going to be compatible with a lot of existing stuff and is way overkill for the needs of most average folks. And Linux? Seriously? Linux is so out of reach of most folks it's not even funny. I'm sure someone will come along and say "well X distro is easy to install!" and they miss the entire freaking point. Linux is not for "average" users, or even for well-versed computer users, it's for tinkerers and folks who want to spend as much time working on their OS as they do using the computer. It's a ridiculous notion.

The truth is, XP is not going away. Folks are saying "but they've been announcing this forever!" - not to middle America, they haven't. Those folks don't keep up on tech sites, and it's not like MS is sending them pop-ups to let them know. They just want to get on their computer and use Facebook and check their email, maybe play a few games. They also don't often have computers that even could run Windows 7 or better. Gone are the days when everyone had to replace their PC every 2-3 years, max - I know tons of folks who have PC's that are nearing a decade old and still in use and work just fine for them. Asking folks who have computers that to them seem working perfectly fine, and that meet their needs, to go out and buy a new one just to continue to do what they are already doing is never going to fly.

MS is going to relent and continue to release security patches - I have no doubt. They already are making them for the large companies/governments that are paying for them, and there are going to be some major battles which will probably end up in the legal system over what really is MS hanging a large portion of users out to dry. As someone else said, these security flaws are already there, they are just fixing what they didn't do correctly in the first place - we all know the limited understanding of the court system of computer technology, that's what it's going to look like to lawyers and judges. We might finally see some real legal tests of EULA's in general, as well - if I put a bumper sticker on my car that says "I am not liable for any accidents I may cause" that doesn't absolve me of liability, and I have a feeling that just may be how some judges will interpret this (correctly or not).

I know all of this is going to seem like bullshit to a lot of /.ers, but it's reality - XP was good enough that it will remain "good enough" for a lot of folks, and not issuing security patches isn't going to stop them from using it, because they never are going to know. It's in MS best interests to continue issuing these patches until these PC's finally die off and folks need to buy a new one, which is still going to be a few more years.

Rant all you wish about how stupid they are, or how they just should stop using MS to begin with and use Linux (the most absurd notion - because even if they did, if Linux actually had more than the less than 2% install base it has, they'd just start trying to exploit that - and with all the different distros, etc. - what a clusterfuck that would be - Linux users just fly under the radar, for now). It's not going to change the reality that these folks aren't going to upgrade their OS until they buy a new PC - and if MS doesn't issue these patches, then once the news finally filters down to these folks (via local newsbroadcasts, etc.) the suggestion will just be to use a different browser, since most security issues are IE related - which is the LAST thing MS wants to happen.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...