In Rare Move, Microsoft Offers Critical Security Patch For Windows XP, 8, Other OSes

[falchard]

But what about us still using Windows 3.X?

 

[Mousemonkey]

But what about us still using Windows 3.X?

Can that even display the ransomware page?

 

[alextheblue]

None of you have any idea what you are talking about.
There is a long and expensive process for developing mission critical software. Some company that spent 50 million on flawlessly working XP era software is not going to spend millions more to rebuild it so the same thing works on the next OS. When it comes to Enterprise apps, one does not simply upgrade the entire network and spend million more to re-certify every couple of years.

Strawman. Who was saying they need to completely scrap expensive and nearly impossible to replace software? In some cases, their software already works on Win7+, and they are very slow to patch which creates vulnerable systems. In other cases where their software only works on XP, why can they not virtualize and keep their critical software running in a locked-down enviroment, while the underlying host is up-to-date?

 

[alextheblue]

But what about us still using Windows 3.X?

I think it's about time you migrated to OS/2!

 

[Mousemonkey]

None of you have any idea what you are talking about.
There is a long and expensive process for developing mission critical software. Some company that spent 50 million on flawlessly working XP era software is not going to spend millions more to rebuild it so the same thing works on the next OS. When it comes to Enterprise apps, one does not simply upgrade the entire network and spend million more to re-certify every couple of years.

Strawman. Who was saying they need to completely scrap expensive and nearly impossible to replace software? In some cases, their software already works on Win7+, and they are very slow to patch which creates vulnerable systems. In other cases where their software only works on XP, why can they not virtualize and keep their critical software running in a locked-down enviroment, while the underlying host is up-to-date?

In the case of the NHS it's down to cost and who foots the bill. IMO it's MS who's holding the world to ransom, pay us lots of money to use our shiny new OS or your world goes down the toilet.

 

[InvalidError]

In the case of the NHS it's down to cost and who foots the bill. IMO it's MS who's holding the world to ransom, pay us lots of money to use our shiny new OS or your world goes down the toilet.

It isn't reasonable to expect Microsoft to support 10+ years old OS versions indefinitely when newer versions which are mostly backwards-compatible are available. At the same time, it isn't necessarily possible or practical for everyone to follow with those upgrades as not all legacy systems and applications can be upgraded that easily either even if the OS upgrade itself was free.

Either way, you end up stuck between a rock and a hard place until something blows up in your face and you are forced to reconsider your options.

 

[Mousemonkey]

In the case of the NHS it's down to cost and who foots the bill. IMO it's MS who's holding the world to ransom, pay us lots of money to use our shiny new OS or your world goes down the toilet.

It isn't reasonable to expect Microsoft to support 10+ years old OS versions indefinitely when newer versions which are mostly backwards-compatible are available. At the same time, it isn't necessarily possible or practical for everyone to follow with those upgrades as not all legacy systems and applications can be upgraded that easily either even if the OS upgrade itself was free.

Either way, you end up stuck between a rock and a hard place until something blows up in your face and you are forced to reconsider your options.

When it comes to an organisation like the NHS it's the practicality and cost, W10 has compatibility issues with older hardware so it's not just the cost of the OS and licences but also the hardware costs, all of which are paid for by the taxpayers. Why as a taxpayer should I pay for Bills next private island?

 

[InvalidError]

Why as a taxpayer should I pay for Bills next private island?

And why should Bill continue spending money on maintaining an OS that has been discontinued for 5+ years and isn't generating revenue anymore? I imagine Windows XP would get quite a bit more expensive if Microsoft had to include 20+ years of support and updates into the initial purchase price. I doubt that sort of staying power was expected when XP launched.

With Windows 10, Microsoft has made it clear that it intends to push upgrades aggressively and discontinue support for the previous build shortly after the new one goes live to avoid having to maintain updates for multiple builds. This may have interesting repercussions on people and businesses who develop software tailored for specific applications that may not take kindly to a new OS build's quirks. I suspect most people and applications in that sort of situation will stretch Windows 7 just as much as XP has been.

 

[TwoSpoons100]

Regardless of whether its right/wrong/stupid to be running an unsupported OS, the real problem is the assholes who create this ransomware in the first place. I also lay some of the blame on Bitcoin, as an enabler, due to its untraceable nature. Time is long overdue to make all bitcoin transactions traceable, so we can catch the bastards and string 'em up by the bura'zak-ka.

 

[Martell1977]

I know that at least 1 major healthcare company finished upgrading from XP to 7 about 2 months before Windows 10 came out, it took them a very long time to upgrade all the machines nationwide. They briefly considered stopping the Windows 7 migration and start going to Windows 8, but after a review of Windows 8, it was determined that the cost of the software, plus training employees how to use the retarded OS, was excessive.
They do still have machines controlled by software on XP, but they are not connected to the network or internet in any way. From the last I heard, they have no intention of migrating to Windows 10 and will likely skip whatever comes next as well. Massive corporations migrate their OS's only a little bit quicker than the government, which I've seen some government machines still running Windows 98.

Yes there are ways around compatibility issues, but you have to remember that added complexity means the need for added support, plus the users of these machines are generally standard users and just want it to work and not need to be retrained on how to start their machines up or keep them working. At the end of the day it all comes down to the estimated cost/benefit ratio.

 

[sh4dow83]

"In an ideal world ..."

... Microsoft would respect the privacy of its users, making Windows 10 an acceptable OS.
Alas, the world is far from ideal.

 

[Mousemonkey]

Why as a taxpayer should I pay for Bills next private island?

And why should Bill continue spending money on maintaining an OS that has been discontinued for 5+ years and isn't generating revenue anymore? I imagine Windows XP would get quite a bit more expensive if Microsoft had to include 20+ years of support and updates into the initial purchase price. I doubt that sort of staying power was expected when XP launched.

With Windows 10, Microsoft has made it clear that it intends to push upgrades aggressively and discontinue support for the previous build shortly after the new one goes live to avoid having to maintain updates for multiple builds. This may have interesting repercussions on people and businesses who develop software tailored for specific applications that may not take kindly to a new OS build's quirks. I suspect most people and applications in that sort of situation will stretch Windows 7 just as much as XP has been.

Something like the NHS cannot be likened to a business or individual and I think you are underestimating the power that the company who controls the software that the world runs on actually has. Gates knew the power of an OS when he done that deal with IBM all those years ago and now we are paying that price. Why should MS continue to support XP? Because lives depend on it, that's why.

 

[sh4dow83]

"In an ideal world ..."

... Microsoft would respect the privacy of its users, making Windows 10 an acceptable OS.

... and the tomshardware mobile site wouldn't be complete shit that almost makes my Nexus 5x freeze!
(Which is why I can't check whether I'm double posting right now)

Alas, the world is far from ideal.

 

[InvalidError]

I also lay some of the blame on Bitcoin, as an enabler, due to its untraceable nature. Time is long overdue to make all bitcoin transactions traceable, so we can catch the bastards and string 'em up by the bura'zak-ka.

The whole bitcoin block chain is public, it is already fully traceable by everyone. The challenge is putting names on bitcoin wallets since anyone can create however as many wallets as they please and generate as many transactions in-between as well.

Why should MS continue to support XP? Because lives depend on it, that's why.

Companies choosing to continue using an OS long after its "best before" date are not Microsoft's problem. Had computers continued to improve at the same pace they were back in the early 2000s and software processing power requirements continued to increase at a similar rate, most PCs still using XP today would have been replaced years ago and the end of XP would have been a non-issue.

 

[randomizer]

XP seems to be getting all of the mentions here but it is not the only OS that was included in this patch release. Windows 8 was also included, and despite being nowhere near as old it also gets no support outside of custom contracts.

 

[Karadjgne]

The US Government still uses and maintains Windows XP, Windows Server 2003, for 3 primary reasons. First is that the OS is already in place and works, the second being that the software used on those servers is Proprietary in that it does not accept Win 7 or newer, it has base coding in DOS. 3rd, and gripe all you want about taxes, the sheer cost to upgrade several million pc's and several thousand servers, train everyone from the data techs to IT on new software, cost of new Proprietary software for those millions of pc's and servers and most likely replacing the pc's themselves as many are still using either Athlon II or Sandy/Ivy. Now if you have several Billion dollars laying around, be my guest, Gripe about ppl using old OS, old pc's etc and they are morons for not getting current, but if you don't have those $Billions, then put a sock in it because I'm quite happy with my taxes not going up just to satisfy a bunch of Princesses.

Honestly, imho, its great that Microsoft has done this, there's enough coders employed there that still have the knowledge to fix/upgrade XP, 2003, 7 etc, so put them back to work. Be nice if they'd keep it up.

 

[InvalidError]

XP seems to be getting all of the mentions here but it is not the only OS that was included in this patch release. Windows 8 was also included, and despite being nowhere near as old it also gets no support outside of custom contracts.

People are mainly talking about XP because XP is the oldest most deeply entrenched legacy OS. It has a ~8% market share, about the same as Vista + 8.0 + 8.1 combined. That should give you an idea of how deeply entrenched XP is.

Support for 8.0 got dropped because everyone with 8.0 is eligible for a free upgrade to 8.1 and a fair chunk of people on 8.0 did exactly that. The same thing is going to happen on Windows 10 with Microsoft planning to drop support for older Windows 10 builds after the Creator (#1703) update rolls out, starting with #1507 and #1511. If you rely on Windows 10 for software which may be sensitive to OS quirks, you are effectively down to a two years support window. I suspect this will give many companies reasons to look at older Windows versions or possibly alternative OSes for software they do not wish to constantly maintain and update.

 

[TwoSpoons100]

MS certainly have the resource to keep a few coders updating the old OS's - near as I can tell they made something on the order of 16 billion in profit last year. The world has been good to MS - would it really hurt that much to keep older systems, critical systems, running and safe?

 

[randomizer]

If you rely on Windows 10 for software which may be sensitive to OS quirks, you are effectively down to a two years support window. I suspect this will give many companies reasons to look at older Windows versions or possibly alternative OSes for software they do not wish to constantly maintain and update.

Considering how many "quirks" we've already seen with each update I agree.

 

[Karadjgne]

Just did the Creator update last night, so far everything seems to be running just as smooth as before, with the exception of Internet. That got fixed 5 mins later with a trip to MSI who believe it or not, actually put out an updated driver for my Z77 mobo, a week ago. Just for that reason. Kudos to MSI for that one. So far the only quirks I've found in Creator have been that superfetch and prefetcher were reinstated to auto, when I had them disabled.

 

[Gilles_2]

"For the sake of patient safety we have to run vulnerable and unsupported software on our computers"
I really hope a lot of decision makers gets the boot after this. Not only at the HSE but all other organisations who has leaders putting their networks at risk with this argument.

sadly no one cares, let's all blame software companies to not make perfect very complex softwares and to not maintain them for free for 100 years

 

[Gilles_2]

MS certainly have the resource to keep a few coders updating the old OS's - near as I can tell they made something on the order of 16 billion in profit last year. The world has been good to MS - would it really hurt that much to keep older systems, critical systems, running and safe?

I guess you have no idea how many developpers work on updates and how much work it is
if you are not happy with how Microsoft works, you can go on Linux, they also mutliple builds with short and long term support
and you won't have correction for 14 years old builds anymore, and you don't hear them complain, so guess who's wrong

 

[memadmax]

They are only doing it because this worm tries to reach out to any windows box it can, from any other windows box.

That means a single XP box can shutdown an entire local network of microsofts precious precious win10 boxes... Making it look bad. Which it should.

Microsoft gave the keys to the government, you all got the wool pulled over your eyes for your unquestionable loyalty to a company that is actively attacking you in any way available to it... Along with the government...

 

[-Fran-]

They are only doing it because this worm tries to reach out to any windows box it can, from any other windows box.

That means a single XP box can shutdown an entire local network of microsofts precious precious win10 boxes... Making it look bad. Which it should.

Microsoft gave the keys to the government, you all got the wool pulled over your eyes for your unquestionable loyalty to a company that is actively attacking you in any way available to it... Along with the government...

There's a silver lining worth mentioning there: I really don't think Bill Gates is a "government puppet" to the extent of doing it "for free". That is to say, if that is indeed the case (it was an intended "backdoor"), that is not "free" to develop. No Company in the world would develop something like that for free. There's a lot of money involved in making such a "feature" for an entire OS.

So, that being said, I'm still willing to think it's just a bug that's been in Windows for *all this time* that was found and kept secret for as long as possible and being actively exploited. And unless there's a way to prove the Government or any agency paid MS money for this development, it's... Ugh... Unfair for MS to say they knew about it.

Unfortunately for them though, there's no "upside" on this (yet?). This is one of those "lose/lose" scenarios for MS: you either look incompetent for not discovering this or you look as a "government puppet" to the public.

I'd hate to be in MS'es PR department now, haha.

Cheers!

 

[Guest]

So let me explain to brain washed people...here is what happened...Microsoft knew for years about this security threat but my guess is that they had a deal with NSA so they can explore it as they wish. Bullshit caught up with MS and NSA, some stole hacking tools from NSA (Who is your daddy) and found out about this security problem. Guess what, it was matter of time before computers get infected world wide. It just happens that all Windows versions XP, Vista, 7, 8, 8.1 and 10 are affected by this...no shit. Windows 10, 7, 8.1 were patched, unsupported releases were not but again it just happens that they are still million of people running older Windows versions. This is entire fault of those crooks at MS who knew about this all this time...but wait Windows 10 is the most secured Windows ever...yes my ass. You people are either brain washed and damn stupid if you believe into something else.