Flasche Posted May 1, 2014 Share Posted May 1, 2014 I'm shocked. MS releases an XP update after EOL. This should really annoy all the doomsayers. Proof that M$ just wont let it go Link to comment Share on other sites More sharing options...
dencorso Posted May 1, 2014 Share Posted May 1, 2014 It's not EOL... it's EoS: life goes on! Link to comment Share on other sites More sharing options...
Guest Posted May 1, 2014 Share Posted May 1, 2014 (edited) Microsoft must still support IE on Win2003, so it shouldn't have been much more work for them to release IE packages for XP. Due to the targeted attacks, it would have been a bad PR move to deny XP so soon after EoS. Edited May 1, 2014 by 5eraph Link to comment Share on other sites More sharing options...
Guest Posted May 1, 2014 Share Posted May 1, 2014 It's not EOL... it's EoS: life goes on! It's both actually. That's just MS's term just like "High-Priority" which is not a word in the English dictionary. It's just high priority (no dash). http://en.wikipedia.org/wiki/End-of-life_(product) Link to comment Share on other sites More sharing options...
Guest Posted May 1, 2014 Share Posted May 1, 2014 Microsoft must still support IE on Win2003, so it shouldn't have been much more work for them to release IE packages for XP. Due to the targeted attacks, it would have been a bad PR move to deny XP so soon after EoS.IE6 and IE7 have patches too. https://technet.microsoft.com/library/security/ms14-021.aspx Link to comment Share on other sites More sharing options...
Guest Posted May 1, 2014 Share Posted May 1, 2014 Microsoft’s decision to patch Windows XP is a mistake | Ars Technica Link to comment Share on other sites More sharing options...
dencorso Posted May 1, 2014 Share Posted May 1, 2014 It's not EOL... it's EoS: life goes on! It's both actually. That's just MS's term just like "High-Priority" which is not a word in the English dictionary. It's just high priority (no dash). http://en.wikipedia.org/wiki/End-of-life_(product)All these euphemisms are somewhat tiresome, and End-of-Sale, End-of-Life, and End-of-Support can be (and actually, according to MS, they are, if I'm not mistaken) different dates. What I meant, more as a pun on the euphemism itself is that the life of a product only truly ends when nobody at all uses it anymore, and that's a long way from now, for XP.Microsoft must still support IE on Win2003, so it shouldn't have been much more work for them to release IE packages for XP. Due to the targeted attacks, it would have been a bad PR move to deny XP so soon after EoS.Not only on Win 2003 but on POSReady 2009 which is almost exactly XP. And, moreover, it was an update to IE, so that it'd be about aero additional cost to release also for XP the updates for IE7 and IE8, although the one for IE6, plus the effort in creating the update must have added a negligible additional cost. But, all in all, surely worthy of avoiding the generalization of the idea that all IE versions are insecure, and some generic aditional good PR for MS because of their showing they "care"... Link to comment Share on other sites More sharing options...
TrevMUN Posted May 2, 2014 Share Posted May 2, 2014 (edited) Microsoft’s decision to patch Windows XP is a mistake | Ars TechnicaThe butthurt goes ever on and on!Of course, Microsoft's shills in tech journalism were already hopping mad about Microsoft extending support for XP back in bygone years.Another laugh for the day...article entitled 'Windows XP is a much gereater risk than heartbleed'http://www.techrepublic.com/article/windows-xp-is-a-much-greater-risk-than-heartbleed/Quote from article above: "Keanini summed it up the pervasive threat of Windows XP: "Hunt down expired versions of XP and terminate it!"So if one night you see a mob outside your window, carrying torches and pitchforks...you've been forewarnedWow, that is a whole new level of zeal I haven't seen in Microsoft's FUD campaign before. That tops the whole "treating XP users like drug addicts" intervention campaign Microsoft attempted.I wonder what kind of kool-aid they gave that guy. Edited May 2, 2014 by TrevMUN Link to comment Share on other sites More sharing options...
Guest Posted May 2, 2014 Share Posted May 2, 2014 (edited) It seems to me that Peter Bright, the Ars Technica author, got burned. By insisting that XP wouldn't get any further updates after EoS, Microsoft made him a liar when it released the post-EoS IE updates for XP. It's understandable that he'd be angry. That whole article is just a huge rant that glosses over the fact that MS would have made 25% of all Windows users p***ed had it not done what it did. The world does not revolve solely around IT professionals as Mr. Bright would like to believe. Edited May 2, 2014 by 5eraph Link to comment Share on other sites More sharing options...
submix8c Posted May 2, 2014 Share Posted May 2, 2014 (edited) "Patch Thursday" Oh, and to note the testing/comparing done?http://www.msfn.org/board/topic/171707-ms-to-release-patch-for-ie-bug-including-windows-xp/Seems that the XP one is the same as 2K3 (not at "EoS"). IN-YOUR-FACE! (heh...)...and an edit (I edited the above to reiterate MSFN link too) -Guess everyone has been disregarding 2K3 "fixes"? Uh-huh, just focus on Client OS! Kind of justifies the "potential" (only) for 2K3->XP Unofficial Fixes, IMHO. edit2 - re ArsTechnica - continued support for XP? Unlikely... Edited May 2, 2014 by submix8c Link to comment Share on other sites More sharing options...
jaclaz Posted May 2, 2014 Share Posted May 2, 2014 Well, Mr. Tom Bradley has been busy lately , here is another recent article by him:http://windowssecrets.com/top-story/why-continuing-support-for-xp-is-bad-math/The basic concepts are still the same old ones: since XP has not UAC, DEP and ASLR it is unsafe.Which of course (set apart - possibly UAC) does have some merits , at least in theory, as in practice we still have to see something malicious (unless I missed it ) that is effectively "defeated" by either DEP or ASLR (or by them alone).I am clearly missing something , however, in this:The upshot? All else being equal, Windows XP is almost always at significantly greater risk than newer versions of Windows — even when it’s the same vulnerability across all versions. That fact can skew Microsoft’s vulnerability ratings because any particular flaw’s overall rating is based on the OS most threatened. So a vulnerability rated critical might be rated important or even moderate if Windows XP is removed from the equation.Who actually cares about "vulnerability ratings"? jaclaz Link to comment Share on other sites More sharing options...
TrevMUN Posted May 2, 2014 Share Posted May 2, 2014 Another article in the FUD campaign!http://www.extremetech.com/computing/181733-microsoft-patches-ie-bug-in-windows-xp-but-its-a-huge-mistakeDon't you love all these political cartoon-esque images of XP sprinkled with graves and zombies? Link to comment Share on other sites More sharing options...
TELVM Posted May 3, 2014 Share Posted May 3, 2014 ... Don't you love all these political cartoon-esque images of XP sprinkled with graves and zombies?In terms of relative health I find this much more accurate: Link to comment Share on other sites More sharing options...
submix8c Posted May 3, 2014 Share Posted May 3, 2014 XP and DEP? http://support.microsoft.com/kb/875352 XP and UAC? From what I've "found", that's as much as using a "limited user account".Also (haven't tried this) but is this the concept?http://www.dedoimedo.com/computers/surun.html More info (ASLR is strictly Vista and up) -http://www.microsoft.com/security/sir/strategy/default.aspx?_escaped_fragment_=section_3_3#!section_3_3 So may I be confused by the article linked by jaclaz, or did I miss something? Link to comment Share on other sites More sharing options...
dencorso Posted May 3, 2014 Share Posted May 3, 2014 You're right! XP has both DEP and UAC. Always had, BTW. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now