My 7/25/10 Missoulian column
Last week I covered some of Microsoft’s efforts to encourage users to upgrade from Windows XP, Microsoft’s operating system first released in August, 2001, and still used by hundreds of millions of people.
Due to security problems, Microsoft has had to support XP for years with security patches, costing the company lots of time, money and bad PR. That’s one of the unspoken reasons why Microsoft started offering a new option for users to drop XP and upgrade to the newest version of Windows called Windows 7.
The new option included with Windows 7 is an XP downgrade that will allow users to go back to XP if they really want to. (The other unspoken corporate thought must be “Upgrade to 7, and please, don’t downgrade to XP….”)
And that’s where it gets complicated and contradictory: there are two different versions of XP, and Microsoft is supporting and allowing downgrades to one while stopping support of the other.
The downgrade option that is sold with Windows 7 would take a user back to the final version of XP called Service Pack 3, or SP3. The contradiction is that a few weeks ago, Microsoft stopped issuing security patches for an earlier version of Windows XP called Service Pack 2.
Right now, XP SP3 is fully supported by Microsoft with monthly security and bug fixes, and will be for at least a few more years, as it is the final version of XP.
But XP SP2 is still used by millions. If you don’t have Windows automatic updates turned on, you’re more than likely running SP2, which is now DOA for security fixes.
And in a case of bad timing for Microsoft, last week researchers discovered a serious new security vulnerability in all versions of Windows, including XP SP2 and SP3, as well as the newest Windows 7.
So as of now, XP SP3 will be fixed, and SP2 won’t, leaving SP2 users vulnerable.
I think Microsoft is in for more bad PR over their decision, because I expect new attacks against XP SP2 computers. Think of it from a hacker’s point of view: Microsoft has stopped security fixes for XP SP2, and there are millions of SP2 users, so why not exploit them?
And I think Microsoft may find itself obligated to start issuing security patches again for SP2. And then it will be even harder for Microsoft to finally kill off XP.
This week in Mac Q & A: What’s a Good Disk Utility?