Yesterday, Microsoft unveiled to private beta testers the second external build (build 2082) of the recently redesigned Windows XP Service Pack 2 (SP2). The build features a new front end for security-oriented tasks, new UIs for wireless networking, and Lonestar updates for XP Tablet PC Edition (which Microsoft will market as XP Tablet PC Edition 2004). As previously reported in WinInfo Daily UPDATE, XP SP2 will be a major update for all XP users when Microsoft releases it by midyear. "We've got quite a bit of work to do before it's end-user ready," Matt Pilla, senior product manager for the Windows Group, told me during a recent visit to the Microsoft campus. "The goal is to get security features out to customers as soon as possible but make sure they're customizable enough that they don't block deployments." Pilla noted that Microsoft shipped the current beta to about 500 testers. This build is the first external SP2 build to support XP Media Center Edition (MCE) in addition to XP Home Edition, XP Professional Edition, and XP Tablet PC Edition, and I was able to test this support on an XP MCE 2004-based PC. XP SP2 build 2082 includes the new Windows Security Center application, which is based on a similar tool from last year's "PC Satisfaction" beta. Basically a Web-based tool, Security Center monitors your Windows Firewall, Automatic Updates, and Virus Protection settings and warns you if any are deemed unsafe. You can now set the Windows Firewall to On (Recommended), On (But don't allow exceptions; recommended for mobile use), and Off (Not Recommended). Beyond this obvious new feature, build 2082 includes small tweaks to the wireless-networking interface and slightly updated versions of Microsoft Internet Explorer (IE), Microsoft Outlook Express, and Windows Media Player (WMP) 9 Series. My recent review of the XP SP2 Beta remains the definitive overview of this product, and I'll update the review this week with new screenshots and information, particularly about Security Center. For more information, visit the SuperSite for Windows.
End of Article
I'm not so sure it's a good idea for Microsoft to go around issuing these updates and patches. After all, according to David Aucsmith, who is in charge of technology at Microsoft's security business and technology unit, these kinds of security patches are the CAUSE of Microsoft's security problems. Turns out Microsoft doesn't experience exploits until AFTER they've been fixed. Seriously.
I was confused, but this article ( http://news.bbc.co.uk/1/hi/technology/3485972.stm ) cleared it up for me. "We have never had vulnerabilities exploited before the patch was known," Aucsmith said. (Of course, he then went on to say, "If you want more secure software, upgrade." I love that kind of circular logic).
So really, does it make sense to distribute this kind of thing? Seems like Microsoft is just courting disaster here!
Paul Fan February 26, 2004
To the last user; yes, Microsoft SHOULD issue patches. Often these flaws are NOT discovered by microsoft, but by other firms (security reasearch firms). If they were not patched, it could only be a matter of time before a virus writer finds the same vunrability, then uses it to exploit millions of computers running windows.
After microsoft releases a patch, atleast people usually have a few days to patch their system, before a virus appears for the hole.
That said, If people ran a good firewall, AV scanner and secure computing pracptices (not opening e-mails from people you don't trust and so on) much of this wouldn't really be necessary. The only "essential" upgrades SP2 ads imo are the IE improvments.
Alex June 13, 2004
You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor?
Register now
An often irreverent look at some of the week's other news, including some more Windows 7 sales momentum, some Sophos stupidity, Microsoft's cloud computing self-loathing, more whining from the browser makers, Zoho's "Fake Office," and much, much more ...
Let Your Users Reset Their Own Passwords: Free Download Try a 30 day free trial of Desktop Authority Password Self-Service – it provides an easy-to-use, robust system for allowing users to reset their own forgotten passwords or locked accounts.
Get Windows IT Pro & Mark Minasi’s Favorite Power Tools Guide Order Windows IT Pro now and get "More of Mark Minasi's Favorite Power Tools"--a in-depth guide to the most useful Windows commands --FREE with your paid order! Subscribe today, and save 58% off the cover price!
Deep Dive into VMware vSphere, eLearning Series Join John Savill to explore the major functionality capabilities of the vSphere virtualization platform, including identification of the changes from ESX 3.5.
Register
I was confused, but this article ( http://news.bbc.co.uk/1/hi/technology/3485972.stm ) cleared it up for me. "We have never had vulnerabilities exploited before the patch was known," Aucsmith said. (Of course, he then went on to say, "If you want more secure software, upgrade." I love that kind of circular logic).
So really, does it make sense to distribute this kind of thing? Seems like Microsoft is just courting disaster here!
Paul Fan February 26, 2004