Sebastian Anthony writes that Microsoft is setting an awful precedent by caving and issuing a fix for Windows XP. "Yes, tardy governments and IT administrators can breathe a little easier for a little bit longer," writes Anthony, "and yes, your mom and dad are yet again safe to use their old Windows XP beige box. But to what end? It's just delaying the inevitable." This won't be the only vulnerability found in XP adds Dwight Silverman. "If Microsoft makes an exception now, what about the flaw found after this one? And the next? And the one after that, ad infinitum?" Even though Microsoft has released a patch for the IE flaw, and Windows XP is included, it's time to move on really. "I don't want to hear that tired "if it ain't broke, don't fix it" line. Hey, XP IS broke, and it will just get more so over time. Upgrade to a newer version of Windows, or switch to another modern operating system, such as OS X or Linux."
(Score: 5, Interesting) by Angry Jesus on Sunday May 04 2014, @12:19AM
The article acknowledges that Microsoft actually patched Internet Explorer, not XP, but doesn't recognize the significance of that fact.
Fixing security flaws in IE regardless of platform is the smart, self-interested, move for Microsoft because it is much easier to switch to a new, free and supported browser like Firefox or Chrome than it is to pay for and then switch to a new version of Windows. If they didn't patch IE on XP, the result would be a mass migration away from IE. XP still has about 30% of the installed base [zdnet.com] if roughly half of them are still using IE (educated guess), that's a lot of IE users that they could lose over this incident. For that reason, I predict that MS will continue to issue patches for major security flaws in IE on XP for the foreseeable future, but not for XP itself.
(Score: 3, Interesting) by joekiser on Sunday May 04 2014, @12:29AM
Agreed. Every local news station I've heard describe the flaw has told people explicitly not to use Internet Explorer, but to use Chrome or Firefox instead. These aren't tech sites, (one news station referred to Firefox and Chrome as ISPs), these are the same people that report celebrity gossip as news along with the weather and current events. This flaw (and the solution to not use Internet Explorer) has permeated the daily conversation of the technical illiterate, to a larger degree than the Heartbleed thing. No idea why. One friend who works with the IRS told me that they were advised to use Firefox. Microsoft is in damage control mode.
Debt is the currency of slaves.
(Score: 0) by Anonymous Coward on Sunday May 04 2014, @01:50AM
It is jaw dropping to see how this whole game is playing out.
Like watching Superman break his back and Louis Lane dumpster diving at airports.
(Score: 4, Informative) by tomp on Sunday May 04 2014, @01:30AM
Wait a sec. I swear I recall a senior MS exec telling a U.S. court that IE was not a separate product from XP. Didn't Microsoft event present a video in court, clearly showing that XP wouldn't work right if IE was removed?
Patching XP is exactly what they did. MS blinked and everyone noticed.
(Score: 4, Interesting) by tibman on Sunday May 04 2014, @02:34AM
Just today i had to restart my Windows 7 box because IE 11 had a security update. Yes, that's right. A full OS reboot because the browser updated : /
SN won't survive on lurkers alone. Write comments.
(Score: 1, Informative) by Anonymous Coward on Sunday May 04 2014, @03:29AM
Just today i had to restart my Windows 7 box because IE 11 had a security update. Yes, that's right. A full OS reboot because the browser updated : /
-------------
Windows has always had that problem, it isn't just the browser, lots of software wants a reboot after an install or update.
(Score: 3, Informative) by CastIronStove on Sunday May 04 2014, @02:37PM
Having to reboot Windows after an IE update is an unfortunate byproduct of new(er) development practices clashing with historical compatibility. Microsoft implemented Trident, the layout engine backing Internet Explorer, as a COM interface exposing software component. This facilitates opaque reuse, allowing third party developers to embed a web browser in their applications and allowing Microsoft to use the browser component in non-IE contexts. Consequently, the files backing the Trident component are often in use, even if IE itself is not open.
Windows' approach to file-locking, which ultimately descends from the MS-DOS approach, prevents applications from overwriting open files. If a patch determines that a file it is updating is in use, it registers that file with a process that performs file replacement during boot.
(Score: 3, Informative) by Tork on Sunday May 04 2014, @07:24AM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 1) by iwoloschin on Sunday May 04 2014, @11:24AM
Easy to switch from IE? In what world?
I've got a rMBP at work, which is great for almost all things. Except for the handful of internal corporate websites that require IE. Which requires me to run a VM just to use IE. It's pretty spectacular in terms of "how can we be the most wasteful ever?" To be fair, for everything else I can use almost whatever I want...though I can't say I've tried Lynx in a while.