Silicon Shecky

We all know that Windows 7 is on the horizon. We all know that Vista is a huge hunk of junk. We all love our Windows XP, which is why we are willing to pay a little more for the “downgrade” to XP that a number of manufacturers will ship, even though the machines officially count as having been sold with Vista (Microsoft loves to punch up its Vista numbers this way). Now, Windows XP is about to pass to the next stage, drawing us closer to the end of one of our favorite OS’s life.

Mainstream support for Windows XP ends on April 14, which just happens to be the next Patch Tuesday. What does this mean for everyone? Well in simple terms it means a few things:

1) No more Service Packs or feature upgrades! This of course is something that can be expected. XP can only do so much and handle so much, seeing as it is way beyond what Microsoft intended its lifespan to be.

2) No more free incident support. Yep, any support from Microsoft for XP is now fully chargeable. Make sure you know your way around google, Microsoft’s knowledge base, or know someone who is a tech that can help you.

3) No more Warranty Claims. Yep, XP is out of warranty, even if loaded on a brand new machine by the manufacturer. How does this affect the fact that Microsoft still pushes XP for Netbooks? Time will only tell if they are smart and make an exception, otherwise, make sure you get a netbook with Linux on it.

Now not everything is doom and gloom. There are still some thing that the Extended Support Phase, which is what XP is going into, does give.

1) The Microsoft knowledge base, and support site still will have all the XP information it can hold. So you still can look through all the things.

2) Security updates will still be pushed out. It is important to remember that Security Updates are different from Feature Updates. While no no features of feature bugs will be fixed, at least any Security Holes that could allow viruses, such as Cornficker to grab a hold of your machine, will still be created and pushed out, and this will continue until 20014.

So XP is not dead yet, but instead is more on life support for the next 5 years. Personally, I would have likes Microsoft to have pushed XP 64 bit more and longer instead of forcing Vista out there. The other thing is with end of mainstream support, Microsoft now can reallocate resources to other projects. Here is just hoping that Windows 7, which is in beta and has been getting decent reviews, doesn’t get screwed up and suck when released.

So here it is, the second Tuesday of March and we all know what that means. Yep Microsoft Patch Tuesday! So lets ee what good old Microsoft has patched up for us this month.

The only Critical is a Windows Kernel update, which is patching a hole that, “could allow an attacker to take complete control of your computer if you view a website, email, or document that contains an evil graphic or picture,” according to Eric Schultze of Shavlik Technologies.

Now we all know that a hole in the kernel is bad, and the way this is made to sound this hole can be even worse than other kernel hole, but still I would recommend installing the patch in a test environment first if possible, or at least on a non-mission critical machine. Something about making changes to the Kernel always make me a little leary.

Then there is a series of 4 patches for DNS. Not surprisingly these are for lesser used holes along the Kaminsky DNS attack lines. Definitely get these installed especially with some of the odd ways some viruses seem to be showing up from spoofed DNS.

Finally a patch related to SSL spoofing. Again important, but like the DNS patches, not listed as critical.

Personally, all the patches seem to adress some very serious issues. How SSL and DNS spoofing are not thought of as critical for patching is beyond my comprehension though. At least Microsoft did patch them. Now where is the Excel patch for a major hole in that program?

Mike

So it seems that a company called Beyond Trust did a little research into Microsoft’s disclosed vulnerabilities, and found that 92% of them could have been avoided if people didn’t have Admin rights.  You can read the full article at Computer World.

Honestly, I would have thought it was quite obvious that this was a big problem. Even with the UAC in Vista and Windows 7, it is a problem, and Microsoft just won’t admit to it.  Someone needs to hit them with a clue by four I think.