Exploit Puts Windows 2000, XP at Risk
By Ed Oswald | Published November 18, 2005, 2:01 PM
Microsoft warned on Thursday that exploit code had been published that would allow attackers to take advantage of vulnerabilities in both Windows XP Service Pack 1 and Windows 2000. The flaw has been given a "moderate risk" rating by the French Security Incident Response Team.
According to researchers, someone could launch a denial of service attack on Windows 2000 machines as long as he or she had access to the RPC port. The flaw is harder to exploit on Windows XP SP1, as the attacker would have to authenticate themselves in order to launch the DoS.
The vulnerability is not being considered a severe threat because the RPC port is usually behind a firewall and because an attacker must authenticate on Windows XP.
"Microsoft is not aware of active attacks that use this vulnerability or of customer impact at this time," the company wrote in an advisory. "However, Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary."
No patch is currently available to fix the problem, but Microsoft recommended that users activate their firewalls and ensure their computers are up to date with the latest security updates.
Winny Thomas of Nevis Labs in India was able to create an exploit by reverse engineering a patch meant to fix a plug-and-play vulnerability within Windows, which was issued in October.
"In this exploit (again a DOS) the virtual memory is consumed to a point where desktop requests (like clicking 'My Computer'), HTTP requests, SMB requests etc. do not get serviced for some time," Thomas wrote in a message posted to the FrSIRT website. "After some time the memory usage comes down and the target system would work as normal."
When executed only once, the exploit simply results in a temporary denial of service; however, it could be executed continuously to launch a sustained DoS attack.
In the advisory, Microsoft maintained its position on security researchers releasing the details of vulnerabilities before the company has a chance to patch them.
"We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests," Microsoft argued. "This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed."
The question is, are they learning from this? Are they making the necessary changes in the VISTA code, or are they leaving it the same as they did in 2000 and XP? One would hope they would make the changes before they release VISTA.
Score: 0
|...*sigh*
Score: 0
|*sigh* For the sake of avoiding an argument, I'll answer the question--- Yes, they are making a lot of changes to security in Vista to stop/avoid these things. In the future, I recommend more frequent attention be given to tech news articles.
Score: 0
|The troubled Windows XP, even after SP1 and SP2, still under siege after all these years. What will VISTA bring us?
Score: 0
|Read the article. This only applies to 2000 and XP SP1, and the article also says that it is very difficult to exploit it on XP SP1.
Score: 0
|have to be an idiot if you run Winbloze SP1 only,
Score: 0
|They are trying to put a little scare, and a few ideas in some people since Vista is around the corner.
Score: 0
|I doubt that seriously... as it's been mentioned above, this threat only applies to SP1 and earlier XP systems, and Windows 2000 systems.
If you upgrade to SP2 (for free!), then you don't have to buy the Vista upgrade if you choose not to. Of course, there's always the option of Linux too, lol.
Score: 0
|... Microsoft...
Score: 0
|... Advice from JacenSolo ... Yeah, no reason to attack/flame him, since his advice speaks volumes for itself.
Score: 0
|Before anyone says anything.. this doesn't apply to SP2 XP...
Score: 0
|LOL no one above seems to have read your advice
Score: 0
|and this is news? If you are a Windows user you should know that you need to keep your system up to date, have a firewall (windows firewall doesn't count), a good antivirus, and a backup of all your files.... and switch to linux or a Mac hehehehe
Score: 0
|Um... why doesn't Windows Firewall count? Because it's not a brand name? It's fine.
Do you even know who made the firewall for Windows? It wasn't Microsoft I can tell you that much..
And it's a well known maker of firewall software, so they would be very disappointed in you basically saying that because it's packaged with Windows it's assumed inferior.. You would be severely mistaken. In fact, Windows built-in Firewall is better than probably the majority of other firewall software out there. Hardware firewall is the best, but as far as software firewalls, there isn't anything wrong with the one that's installed with Windows.
Score: 0
|I dunno... I would have to disagree.
IMO, the Windows firewall IS inferior just because it is included with Windows. Because that means that everyone has it and it is the first thing crackers will target to find ways into the system.
Score: 0
|The only problem with the Windows firewall in XP SP-2 is there is no ability to customize the settings as is the case with third party products.
I don't know who actually made this program for Microsoft and I won't suggest that it sucks either. More information is needed to make any real judgments...
Score: 0
|while I'm not going to argue with anyone, MS Firewall is actually not bad.. I have been using it (but I have SP2) and have had no issues for months.. And when I say months, I'm talking since SP2 was released, not sure how long that has been so I will just say months lol.. You can customize it to a point, with what you want to have net access, however, you cannot fine tune it like you can third party products. Overall however, it does work well.
Score: 0
|I rely on the Windows Firewall all the time... well, that and my hardware router/firewall. I can't stand any of the 3rd-party programs. Most of them are very obtrusive and cumbersome to use.
Score: 0
|Putting any firewall on the same machine as your OS is never a good idea - buy a $15 nat router and you'll get better protection and more flexibility.
A good firewall controls both incoming and outgoing traffic - I don't believe the Microsoft FW does outgoing but I would have to check that.
Score: 0
|Except that it doesn't do anything for outbound traffic...
Score: 0
|It does so.
Ever seen that nice little "block or unblock this program" dialog box? It's from Microsoft Windows Firewall and controls OUTBOUND traffic.
The WinFirewall is OKAY, but is nothing compared to Zonealarm, bullguard, norton (pffft) and McAfee.
Score: 0
|I'll say it again:
Anyone who hasn't upgraded to XP SP2 yet deserves to get hacked.
Score: 0
|Well...I must admit some people have good reasons, but I'm talking 3% of the market if that much. If vendors would provide free updates to their software for SP2 compatibility I would agree.
Score: 0
|That's true. The Roxio CD burning suite that came with my CD burner stopped working when I upgraded, and Roxio basically said "tough luck." No update, no patch, nothing. But there's plenty of free alternatives out there, and I immediately found one I could use without a problem. There may be exceptions, but there's almost always an alternative.
Score: 0
|Yes, this includes Linux, Apple, Pre-Windows, Windows 2000 and Windows 98/Me/NT.. hehe..
Score: 0
|Not true. 5.0 sucked anyway, you need some real burning software.. 7.0 works fine, however, Alcohol is way better than Roxio, or use Nero. I don't use that Roxi-Crap.
Score: 0
|Neither do I. I have since bought a Plextor drive, and will be a Plextor customer for as long as they are in business. No one else has ever given me so much service after the sale like Plextor has, and their software is top-rate IMO.
Score: 0
|Memorex has never failed me, my Memorex CDRW-1622 drive hasn't failed me yet, still using it in a Pentium 166 machine. (that's 2x write, 2x rewrite, and 6x read, bought it for $599 and used "NTI CD-Maker Pro" with Windows 3.1 when I first bought it!) My other Memorex drives work as well. DRAT! You got me off topic again!!!
Score: 0
|Anyone that uses Windows deserves to be hacked.
Score: 0
|right, and those who are not bright enough to use it without being hacked, deserve to be sodomized. //End Sarcasm
People getting hacked is normally due to failure to protect themselves, opening emails they do not know where they came from for example. But then it is just regarded that MS sucks, while it was the user's stupidity in the first place for not paying attention.
I use both Linux and Windows btw, nothing wrong with either of them, both are good, one has advantages the other doesn't.
Score: 0
|It's not the user's fault, as Microsoft's OS isn't secure. By secure, I mean, the OS should FORCE you to run as a limited user... Lame a** Microsoft...
Score: 0
|wincement, you dedicated Microsoftphile, give us a break. Your comments are biased and dangerous
Score: 0
|Judging from the other replies, you are apparently the only person who thinks this.
I really don't understand how my comment could make me sound like a "dedicated Microsoftphile." I was making a comment about one service pack on one OS that just so happened to be Windows.
So I guess if I say anyone who hasn't changed the oil on their car in the past 12 months deserves to have it break down, and the car happens to be a Honda Civic, that makes me a Hondaphile right?
This update has been out for over a year. ANY computer user who doesn't update their system for that long is asking for problems - no matter what the OS is.
By the way, did you have anything to contribute to the actual subject matter?
**EDIT**
Oh, and if you're interested, there's a comment just a little ways above this one where I'm criticising the Windows Firewall. I suppose that would make me an anti-MS troll too?
Score: 0
|Does Linux force you to run as a limited user? No. It does exactly what it's told to by the user. If the user logs in as root, then it will log them in as root.
It's the same thing with Windows. Just because people are ignorant and don't know they should be running in a limited user account doesn't mean Microsoft is "Lame a**"
Score: 0
|Wow. That IS an old drive. I can't imagine waiting for a 2X write CD anymore.
"DRAT! You got me off topic again!!!"
lol. To be fair, I was off-topic before you were. =p
Score: 0
|i second that
Score: 0
|So then, tell me... whose fault is it that users get a link on AIM or an email that THEY CHOOSE to click on ignoring the fact that the url is www.HACKMEJOOF3WL.com/virus.jpg.exe only to click Open, Run, Yes, etc and infect themselves? Is that Microsoft's fault for a user's ignorance of good, safe computing? Typical liberal viewpoint you got there... blame everyone but your own incompetence!
Score: 0
|So, billions of people the world over DESERVE to be hacked, just because you said so? Can we quote you on that? Should we pass on your addresses so they can send you thank you letters/packages?
Score: 0
|KDE (and Gnome I think) will pop up a nice little dialog box suggesting the user log in as a normal user, with a button to log off
And yes, if I download a file that infects my configuration, in places I shouldn't have write access, that's Microsoft's fault.
Score: 0
|Technically, the slower you write to a disk, the better :)
Score: 0
|Limited User accounts aren't the panacea you think they are. Even rootkits can run in user mode, if not kernel mode.
Score: 0
|Limited user account should limit what I can do (Aka, not allow me to use the registry, not allow me to install programs/drivers etc)
Sony's rootkit is a driver, and as such, shouldn't be able to be installed in Limited Mode. If MS wrote the OS correctly.... I dunno...
Score: 0
|So let me get this straight...you want MS to:
* FORCE users to use limited users account
* limited users accounts should not be able to do anything.
So you'd like people to buy computers with windows but if they need anything done on it they should call MS for support...that's genius!! Why aren't you a billionaire yet??
Edit: BTW...at my company our users can't do a thing without calling support...windows can be as secure as you want, or as insecure as you want...how it's configured by default is a compromise between security and convenience for a typical home user.
Score: 0
|Better in what way...the slower you write to a disk the better in terms of you're less likely to get a write error...but if I'm worth $50/hour and it takes me 2 hours to write the disk instead of 10 mins...is that still better? :)
Score: 0
|Yes to the first one.
No to the second.
Limited user accounts should be able to run programs, nothing more. (Or Download/create and open files... Ordinary Windows tasks)
Users should be forced to do everyday tasks as a limited user and only switch to Admin mode to install/configure. This would stem the flow of "run at start up" viruses, such as Sony's DRM... and also stem the flow of viruses that modify Explorer.exe. If it was like this, there would be very few viruses for Windows.
I think Microsoft should also do something about the ability to attach code to an existing program, like the explorer example above. But I can see some legit uses for this (such as patching)
Score: 0
|It takes me 10minutes to write a 4.7gb DVD on 2x speed. How do you get 2 hours?
EDIT: And I said technically, not realistically. I don't want my computer taking longer to burn than it needs to :P
Score: 0
|I agree.
Score: 0
|10 minutes at 2x my ass....... It takes over 30 mins at 2x about 17 at 4x about 9mins at 8x etc etc.....
Score: 0
|OK, genius... How are they supposed to FORCE(Enforce?) the limited user login idea?
Following your method, if they attempted to login as an admin, they would be shot down and forced to use a limited user.
The only solution would be to never allow a console login as admin and only prompt for alternative credentials when attempting to install software. BUT WAIT! THAT'S EXACTLY WHAT THE PLAN IS FOR VISTA!
So then, all that considered... what happens when Johnny is running as his limited user, wants to install a program, uses the alternate credentials to gain admin rights for that install, proceeds along, and OH CRAP! IT INSTALLS 180degrees along with VX2 and CoolWebSearch spywares along with it, because the app installed was a P2P app... He still gets infected because of his own ignorance to what many P2P apps do. Or what about when he runs that Sony CD and it forces him to do the same process to install their player software? It would still install the DRM Rootkit, and ultimately still leave people like you to post rants on BetaNews.
The bottom line, it's the USERS who cause many of their own downfalls. They don't take time to actually LEARN how to configure, use, and maintain their PC's responsibly. It's the tech support people that are responsible for not teaching them due to their own overworked schedules and the "I don't want to know what's wrong, just fix it" mentality of users.
Microsoft and other companies can and do all they can as needed to prevent these issues. But as long as users continue to expect functionality and performance in preference over security and stability, these problems will always exist.
Linux, btw, is not always a panacea either. On Fedora Core 3 and 4, logging in as root offers a prompt in Gnome one time that it is unsafe to do so... after that, you never see it again. So what happens when you're the family on a shared system... Dad logs in that first time, ignores it, and everyone else doesn't know better?
Next time you post, I hope a little more thought has been put into it besides just your own perspective and opinion. Let us know when you've had to deal with real, average users day-in-and-day-out that come to you for the same problems over and over because they didn't pay attention to your advice the first time.
As for the comment about code attaching... I think you fail to understand the concept of DLL's, plugins, and extensions.
Score: 0
|*sigh*
Microsoft are doing nothing to stem the flow, if anything, they are encouraging it.
"The only solution would be to never allow a console login as admin and only prompt for alternative credentials when attempting to install software. BUT WAIT! THAT'S EXACTLY WHAT THE PLAN IS FOR VISTA!"
Pfft, Vista is only beefed up XP.
"Microsoft and other companies can and do all they can as needed to prevent these issues. But as long as users continue to expect functionality and performance in preference over security and stability, these problems will always exist."
Performance and stability are the same thing...
"Linux, btw, is not always a panacea either. On Fedora Core 3 and 4, logging in as root offers a prompt in Gnome one time that it is unsafe to do so... after that, you never see it again. So what happens when you're the family on a shared system... Dad logs in that first time, ignores it, and everyone else doesn't know better?"
Um... Fedora is total crap IMO. So many things are wrong with that Distro that I hate it more than I hate Windows.
"As for the comment about code attaching... I think you fail to understand the concept of DLL's, plugins, and extensions."
I think you fail to understand the concept of Windows updates.
"Or what about when he runs that Sony CD and it forces him to do the same process to install their player software? It would still install the DRM Rootkit, and ultimately still leave people like you to post rants on BetaNews."
No, Cause Windows will complain about being unable to write to the location and shut down the program
"Following your method, if they attempted to login as an admin, they would be shot down and forced to use a limited user."
More like, Windows should only allow 1 admin user, and pop up nice little warnings every 5 minutes or so... If users ignore these warnings THEN it's their fault. If those Warnings don't appear, it's Microsoft's fault.
"Linux, btw, is not always a panacea either"
No idea what you just said...
Score: 0
|"Microsoft are doing nothing to stem the flow, if anything, they are encouraging it."
I don't understand what that means...stem the flow of what? Encourage the of...what, spyware? That's like me saying
'honda is doing nothing to stem the airflow, if anything they are encouraging it.' go find the meaning to that...
"Pfft, Vista is only beefed up XP."
Wow...you really should read up on Vista before making comments like that...
"Performance and stability are the same thing..."
Uhm...no, it's not, I can have a rock solid app that's as stable as a brick but runs dog slow...
"I think you fail to understand the concept of Windows updates."
I think you fail to understand a lot of things about windows and the general computer user base...
"No, Cause Windows will complain about being unable to write to the location and shut down the program"
I like how you completely ignored his comment about users logging in as "admin" to install an application and the application happens to install spyware...
"More like, Windows should only allow 1 admin user, and pop up nice little warnings every 5 minutes or so... If users ignore these warnings THEN it's their fault. If those Warnings don't appear, it's Microsoft's fault."
If windows popped up a warning every 5 minutes when I'm logged on as admin, I would throw my pc out of the window...
Anyway...like I said before, you can make windows as secure or as insecure as you want, the default configuration is a COMPROMISE between security and usability...Vista will change it so it favors security a little more, but it still needs to be a compromise for the home user. In the office, users can't do anything on their XP machines that's not specifically allowed by us...like I said, it can be as secure as you want it to be.
Score: 0
|Maybe I was exaggerating a little about the 2 hours, but no way it takes you 10 mins to write 4.7gb at 2x. You need a new stop watch the one you're using is broken...takes me over an hour at 1x (yea yea, I need a new burner)...so at 2x it'll take me half that...half of one hour is not 10 mins on planet earth...:)
Score: 0
|"Wow...you really should read up on Vista before making comments like that..."
Ever since Windows 95, Microsoft have only enhanced (beefed up) the OS.
"stem the flow of what?"
... Viruses....
"I like how you completely ignored his comment about users logging in as "admin" to install an application and the application happens to install spyware..."
Then the Spyware only runs for the admin user O.o...
"If windows popped up a warning every 5 minutes when I'm logged on as admin, I would throw my pc out of the window..."
Good :) That'd be one less computer vulnerable to viruses.
"Anyway...like I said before, you can make windows as secure or as insecure as you want, the default configuration is a COMPROMISE between security and usability...Vista will change it so it favors security a little more, but it still needs to be a compromise for the home user. In the office, users can't do anything on their XP machines that's not specifically allowed by us...like I said, it can be as secure as you want it to be."
IN YOUR OFFICE, YES. But it's the ignorant home user that spreads the viruses.
Right now, I really couldn't care about spyware/adware. The only thing I want to see gone, for now, is Windows viruses. To do that, Windows has to be more secure BY DEFAULT.
If Vista worked in a limited user model, then I might give it a try. Can anyone tell me if it does? (with what little info there is ATM :P)
Score: 0
|Thanks... you pretty much summed up all I needed to say to his post, and therefore, I don't have to waste any more time on the troll.
Score: 0
|"Ever since Windows 95, Microsoft have only enhanced (beefed up) the OS"
lol...you're joking right? 95 and XP is like night and day.
"... Viruses...."
The only way to stop viruses is to cut down the user base of the OS to the point where it's not worth writing a virus for (kind of where linux is at right now...).
"Then the Spyware only runs for the admin user O.o..."
The spyware only runs for the admin user and the admin has full rights to the machine...you do the math...
"IN YOUR OFFICE, YES. But it's the ignorant home user that spreads the viruses."
Exactly...by your logic "normal" people shouldn't be able to drive cars...that'll stop all the accidents from happening.
"Right now, I really couldn't care about spyware/adware. The only thing I want to see gone, for now, is Windows viruses. To do that, Windows has to be more secure BY DEFAULT."
Nope...like I said, to STOP viruses completely the only way to do it is to stop people from using computers...people can make viruses for anything, they'll find a hole...trust me. Linux will be just as vulnerable to viruses (I don't care how secure you THINK it is in your fantasy world)...if the linux user base was as large as windows' then you'd see just as many viruses for it...
Score: 0
|Referring to the Windows 95 to XP...remember, Windows 9x/Me build on Windows 95, while Windows 2000/XP build on Windows NT 4.0, so in that respect, Jacen may be correct. However Vista has deviated from the NT core significantly compared to the change between 2000 and XP. So...no, XP is not built off of Windows 95, but built off Windows 2000 (which was built off NT 4.0 and not 98SE or whatever).
Score: 0
|"Ever since Windows 95, Microsoft have only enhanced (beefed up) the OS."
NO. What are your credentials? (I'm a network admin, Internet consultant/tutor with over 11.5 years of Internet experience at about ~200 hours a month.) I've been reading your comments for some time and I've seen a lot of ignorance. The NT line (including 200x) uses a different kernel (an actual multitasker rather than a task switcher) than do the 3.x and 9x lines (both have DOS kernels).
"Then the Spyware only runs for the admin user O.o..."
This comment is so lame that I can't take you seriously. If the reason one isn't supposed to run as admin is that the admin account has full control of the computer, then how would spyware only run for the admin user and none others? Please think through your logic before posting.
"Right now, I really couldn't care about spyware/adware. The only thing I want to see gone, for now, is Windows viruses. To do that, Windows has to be more secure BY DEFAULT."
You really couldn't care? Malware is one of the worst problems online. No one in a cyber-security position (such as a network admin) can afford to ignore the issue. Windows most definitely does need to be more secure by default. Microsoft has improved a lot, however, it's still WAY behind.
What really needs to be addressed are how to handle zero-day exploits and user training. Anti-virus and anti-spyware programs can't protect you from zero-day attacks if they only use signatures. And the average user doesn't know much beyond reading email and browsing the Web somewhat. My opinion is that people should have to take a class before being allowed online. That would handle the basics.
Score: 0
|"My opinion is that people should have to take a class before going online"
lol...kind of like a driving school? :) And if symantec finds spyware on your machine you get a ticket and you get an internet insurance hike for 3 years, but you can take one internet security class once every few years that will erase your spyware points. :)
Score: 0
|It's Windows. It doesn't matter what it's based on, it's still evil.
Though, I'll admit that I like the NT line better than the 9x line, but it's nothing compared to BSD, MacOS, Linux, and MSDOS ;)
Score: 0
|Linux is NOT a small userbase. Ignorance.
My linux is unexploitable. Why? Cause, as a limited user, I can not write to system config files. I can not format partitions. I can do harm the computer.
I only use Root to install what I trust. And then only if it's open source (the ONLY exception is real player... for now...)
Another reason MS sucks... it's closed source...