Last week was a strange week for Microsoft. In the news anyway. First we have this story in eWeek’s Microsoft Watch.
Today, April 8, a jury found that Microsoft infringed on Uniloc patents for product activation. Microsoft uses the technology to protect its software from theft. Who’s stealing from whom?
So Microsoft (allegedly) stole their product activation technology? Oh the irony!
And then there was this reminder in PC Authority about the impending “end of support” for Windows XP. Today.
Windows XP will pass another milestone on the road to retirement next week when Microsoft withdraws mainstream support for the operating system. While the company said that it will continue to provide free security fixes for XP until 2014, any future bugs found in the platform will not be fixed unless customers pay for additional support.
Mainstream support for XP will end on 14 April 2009, over seven years after the operating system originally shipped.
So not only does this put Microsoft in the bizarre position of no longer having mainstream support for it’s most widely used product (XP accounts for 63% of all internet connected computers compared to Vista at 24%) but how exactly does that square with this article in AppleInsider wherein it is revealed that Microsoft is going to allow HP to ship systems with XP installed instead of Windows 7 until April 30 2010?
The announcement hasn’t been made publicly, but AppleInsider can exclusively report that according to a source within Hewlett Packard, Microsoft has granted the PC giant an extension to its existing rights to continue selling the nearly eight year old Windows XP on the company’s business desktops, workstations, and notebooks in place of Windows 7 for another year.Microsoft isn’t excited about the XP extension, as the internal communique provided by the source stated, “It’s important to remind customers that Microsoft are still planning to retire XP Pro Mainstream support on April 14th 2009 and will only provide OS security updates beyond that date unless the customer has an Extended Hotfix Support contract. MS Extended Support for XP Pro ends on April 8th 2014.”
Yeah, I’ll bet they’re not too excited. XP is truly worthy of the Security for All “Energizer Bunny” award.
Finally to cap it all there was this bit of blameshifting reported by the Register.
Microsoft has blamed common third-party desktop applications, rather than Windows, for the majority of security threats in a new report.
The latest edition of Microsoft’s Security Intelligence Report suggests that “nearly 90 percent of vulnerabilities disclosed in the second half of 2008 affected applications”. It reckons hackers have shifted their attention to applications in response to improved security of operating systems, including Windows. The overall number of security vulnerabilities went down, but the number of high-risk flaws rose by 4 per cent, according to Redmond’s security researchers.
Well Duh! As a bona fide, certified (and possibly certifiable – but I digress) Microsoft Developer – I have an MCSD – I can tell you exactly where we who build those insecure third party desktop applications learned how to do it. That’s right folks, go back to your old, say circa 2000 or so, MSDN documentation wherein you can find some of the best examples of how to build code that is incredibly vulnerable to injection attacks and buffer overflows. Those were the days. It’s taken me years to learn how to write more secure code, and in the meantime I’ve gotten plenty of practice fixing tons of inherited code. Much of which was copied directly from the original example code in MSDN. As you can imagine my employers have been somewhat reticent (more like violently opposed) to completely rewrite these applications so like every other Windows developer, I’m stuck with fixing only the stuff I find in the course of updating the code. If it’s egregious enough.
But I’m willing to put up with a little blame directed my way by the Redmond folks. As long as I can keep using Windows XP. While my inner ethicist ponders the morality of protecting a product with stolen technology. A strange week indeed.
