Comments on: Microsoft: SP2 shimmy's not a flaw

Company downplays a method for intruders to bypass defenses in its Service Pack 2 update for Windows XP.

flawed till death do us part

microsoft doesn't produce flaws or allow buggy software out the
gate[s]; their called features, right?

[Steven N]

Bugger...

That is probably how M$ must feel when seeing that all their (marketing) efforts to prove that they are serious about security are slowly eroding away.

Can't say I feel sorry for them. They choose to create a bloated OS. The more you integrate into your OS, the more vulnerabilities you introduce into it.

The next years will be interesting...

[Earl Benser]

Bloat and then some...

M$'s basic approach of integrating the universe (as created by
others) into Windows is more than just bloat, it;s malicious
marketing. Yet, to some degree, OSX and Linux do similar
things, eg., Spotlight as an integrated feature in Tiger and used
by any othe application.

Maybe that's the point. Internet Explorer never had to be part of
Windows. M$ claims that you have to have IE to get all the
WIndows functions, but that's becvause they left needed core
programming out of the basic Windows OS, and made it
available only if you installed IE. Now, just try to uninstall IE, OE,
or any other M$ 'application' in Windows. Delete the shortcut?,
sure.... eliminate the application?, no way! Because Windows
can't run without the application code.

Well, it was a choice, and M$ took it. Now they are beginning to
find out that there is a hidden cost they forgot to consider, a
major hidden cost. Short sighted, limited capability, market
driven software development - M$ has taken this approach to
new depths.

And yet, they continously hold the market control. Maybe that
says less about M$ than the people who who buy M$.

Pay no attention to the man behind the curtain.

If MS wants us to continue to trust them on security, they should not downplay every problem that arrises. It seems to be fashionable now-a-days to just deny that the problem is a problem. We are used to this in Phoenix. We just had a problem with the water, we were all told to boil our water before use. "There is no crisis." We had a gas leak in part of the city. "There is no crisis" We had a gasoline pipeline break and lines several blocks long to buy gas. "There is no crisis." Just say that and keep believing it . . .

[Not Bugged]

Still making a mountain of a molehill

Why have these stories never mentioned the fact that you don't get this data protection unless you have a processor that supports it? Only the latest Intel chips and the more recent AMD chips even support this particular technology in the first place. For the vast majority of users out there, this new protection (compromised or not) doesn't even exist.

Yes it's important to dicuss the problem but lets get a perspective on it's scope too.

[Fray9]

So what your saying is

So what your saying is that it only effects new computers, so Microsoft is correct in ignoring the fact that they built a huge steel door to protect you and left the hinges on the outside?

In a very short time those new processors will be standard.. should Microsoft wait till then to panic and react with another knee-jerk style patch that wasnt completely thought through and introduces more bugs?

If Microsoft wants to convice anyone they care at all about security they need to show that they care about the fact that the new security features are easily circumvented. Telling us its not a problem just shows they dont want to make their software any more secure than it already is.