• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

Microsoft chooses to leave Windows 2000 out in the open...

J

Joe Average

Ad Blocker - Banned
Joined
Apr 6, 2008
Messages
15,459
http://www.computerworld.com/s/arti...ching_Windows_2000_infeasible_?taxonomyId=125

That's not a very good practice considering Windows 2000 still has support through July 2010. Anyone out there still using Windows 2000 in a production environment or even in a home situation that relies on it would do very well to read that article, and if necessary, voice your concerns and opinions to Microsoft.

I have to say it's a pretty weird move on their part, and I'll bet if enough stink is made about it, we'll see a proper patch soon.
 
Makes sense to me:
"The architecture to properly support TCP/IP protection does not exist on Microsoft Windows 2000 systems, making it infeasible to build the fix. To do so would require re-architecting a very significant amount of the Windows 2000 SP4 operating system, not just the affected component. The product of such a re-architecture effort would be sufficiently incompatible ... that there would be no assurance that applications designed to run on Windows 2000 SP4 would continue to operate on the updated system."
Click to expand...
It kind of "parallels" the fact that backporting DirectX 10 to XP would have required a major overhaul of the OS, although the thread title wouldn't suggest it was this complicated. :p
 
2000 is long past retirement.

A business can only support products for so long before it becomes uneconomical to continue. Even giving as much support as they can through 2010, is mind blowing to me, that's an incredible amount of time for a business to devote resources to an aged platform.
 
It's like a safety bulletin was issued on an out of warranty vehicle. At this point the manufacturer isn't going to fix it for you since it is out of warranty, but it will let you know there is a potential security issue. God lord Win 2000 is on SP 4 lol...if that isn't support I don't know what is. Eventually all good things must come to an end.
 
riot8ap said:
It's like a safety bulletin was issued on an out of warranty vehicle. At this point the manufacturer isn't going to fix it for you since it is out of warranty, but it will let you know there is a potential security issue. God lord Win 2000 is on SP 4 lol...if that isn't support I don't know what is. Eventually all good things must come to an end.
Click to expand...

NT 4.0 ended with Service Pack 6/6a. ;)
 
While I agree that things do come to an end, Microsoft committed to supporting Windows 2000 through July 2010 and I think they need to live up to that commitment, regardless. They'll figure something out at some point...
 
Honestly, I think it's pretty hilarious how folks in that article are all up in arms about this issue. Some of the better quotes are:

Andrew Storms said:
[That's] more proof that Windows 2000's network stack was not in good shape
Click to expand...
Welcome to 1999 genius!

Andrew Storms said:
And there are companies out there that haven't, perhaps because they have applications that won't run on anything but Windows 2000
Click to expand...
If a business relies on software that only runs on Win2k, then tbfh they deserve to go out of business.

Not sure if Andrew has does his business any favors coming up with those lines.

Sure, they said they would support Win2k till 2010, but that was before they found out that they need to install a new engine into a sinking ship. What's the point? Instead what they should do is offer those who still run Win2k a free copy of Win2003 which is most likely going to be compatible with whatever is running on Win2k, and maybe a couple three free service calls.

Patching Win2k is wasted effort and I'd be surprised if MS would actually do that. IMHO their resources are better spend elsewhere.
 
Sounds like if they tried fixing it, they would probably unintentionally break more than they fixed.
 
bigdogchris said:
Sounds like if they tried fixing it, they would probably unintentionally break more than they fixed.
Click to expand...
Exactly. Just as they couldn't fix all the holes in the Win9x kernel, there's a point with this stuff where it's literally more trouble to fix it than not.
 
I know everyone's on the Vista/7 bandwagon at 150 mph....obviously people need to get with the program and ditch old OS's eventually.

But I still don't like Microsoft's answer (and agree with Joe Average).

answer: "We will continue to provide updates for Windows 2000 [and XP] while it is in support unless it is not technically feasible to do so."
Click to expand...

Soooo...... You'll support it like you are supposed to, unless it's too much trouble or costs a bit too much money/effort.......then screw you??

Bad answer.:mad:
 
Well, monkey34, what would you say are the limits then? How much should MS be willing to spend in developer-hours and money and tester-hours to fix any particular issue on an OS as old as Win2K and XP? Fixes for these issues on these OSes may require signficant rearchitecturing of the relevant subsystems, and significant testing etc. Not worth it in all cases. That's how I see it, anyway.
 
Monkey34 said:
I know everyone's on the Vista/7 bandwagon at 150 mph....obviously people need to get with the program and ditch old OS's eventually.

But I still don't like Microsoft's answer (and agree with Joe Average).



Soooo...... You'll support it like you are supposed to, unless it's too much trouble or costs a bit too much money/effort.......then screw you??

Bad answer.:mad:
Click to expand...

I wouldn't say it like that. You're taking it out of context.

An example of technically unfeasible would be DirectX10. Microsoft would have to redo the entire multimedia and graphical structure of XP to get DirectX10 to work on it. When they're finished, you might as well call it Vista (or 7).

That's not a "screw you". That's a "it's impossible without rewriting the entire OS".
 
devil22 said:
Well, monkey34, what would you say are the limits then? How much should MS be willing to spend in developer-hours and money and tester-hours to fix any particular issue on an OS as old as Win2K and XP? Fixes for these issues on these OSes may require signficant rearchitecturing of the relevant subsystems, and significant testing etc. Not worth it in all cases. That's how I see it, anyway.
Click to expand...

True and while I agree with MS that fixing this is a moot point due to the amount of work apparently involved, I do have to ask what's so different between Windows Server 2003 and Windows XP? They fixed 2003 without much trouble.

So why is one easy to patch and the other so hard when they both originated from the same code base?
 
Vermillion said:
True and while I agree with MS that fixing this is a moot point due to the amount of work apparently involved, I do have to ask what's so different between Windows Server 2003 and Windows XP? They fixed 2003 without much trouble.

So why is one easy to patch and the other so hard when they both originated from the same code base?
Click to expand...

Hard to speculate since only MS knows. Maybe they don't have a legit reason, but I find it hard to believe they'll take the negative press for this for no reason, or to boost win 7 sales when that OS looks likely to be a hot seller anyway.
 
It seems clear that if they tried to fix it, it would cause more things to not work due to incompatibilities and the reason for many people sticking with 2000/XP would thus be broken.

So its not about money, time, or effort...its about what is possible with the ground work that was already laid out. Seems simple enough to me and seems like MS is doing what they can. They are confronting it face first as well, I fail to see how that is ignoring it or sweeping it under the rug.
 
It makes sense. 2000 and XP are very similar kernels, so what's unfeasible on one should be unfeasible on the other. Also, Grentz has it right - it's not as simple as fixing the bug, there's all kinds of regression issues to worry about.
 
Arainach said:
It makes sense. 2000 and XP are very similar kernels, so what's unfeasible on one should be unfeasible on the other. Also, Grentz has it right - it's not as simple as fixing the bug, there's all kinds of regression issues to worry about.
Click to expand...

But then how can microsoft say that 2000 and XP are supported products? How is it a supported product if they don't patch a critical security flaw?
 
Man what a bunch of whiny douchebags. MS says, "the fix will break your other programs due to how things need to change to fix the hole", you guys seem to take it like they said "its to hard so we wont bother".

At this point fixing the hole is like curing a hangnail by cutting off the hand, it is a fundamental flaw in the base of the network code, nothing short of a ground up rewrite will fix it.
 
Eva_Unit_0 said:
But then how can microsoft say that 2000 and XP are supported products? How is it a supported product if they don't patch a critical security flaw?
Click to expand...

Easy, software code any offending ports closed and write a blocker for offending packet headers.

Sure it might break a ton of programs but it fixed the exploit.
 
I am not saying that MS should leave the problem stand without any offer of assistance. The best thing they could do is offer a % off on an upgrade to a newer version of the OS, Server 2009 etc.
 
Eva_Unit_0 said:
But then how can microsoft say that 2000 and XP are supported products? How is it a supported product if they don't patch a critical security flaw?
Click to expand...
They patch everything that's technically feasible to patch. As things age, sometimes the solution is to buy a newer product.
 
Nanan said:
I am not saying that MS should leave the problem stand without any offer of assistance. The best thing they could do is offer a % off on an upgrade to a newer version of the OS, Server 2009 etc.
Click to expand...

Chances are if people are running 2000 on a machine, the machine is much to old to run 2008/9 well enough.

Hell, our app servers are still win2k and there is no way those server will run a newer OS well. We would need all new servers to do it. A break in the cost is fine but that doesn't solve any issue.

Now I understand we are behind and need new servers BADLY (I need ASP 3.5 support badly) but new servers = $$$ so thats why we and lots of other are still using 2k. We need to move on, we just can't.
 
Our shop runs a few Win 2000 machines, the print server and 3 of the 4 CNC machines.

The cost to upgrade the CNC machines would be over $25k each all said and done, not worth it right now, they will run till they die. The CNC only have access to the file depot, they have no outside access so security isn't an issue.

We have a problem with the print server, specifically drivers issues with our big old Xerox 8800 printer, Win 2000 was the last set of drivers made for this printer and the drivers do not work on anything else even in compatibility mode, we even tried W7 RTM. So well the machine sits running the big CAD Plotter until management decides that dropping $20+k for a new large format plotter/scanner is in the budget.
 
Arainach said:
They patch everything that's technically feasible to patch. As things age, sometimes the solution is to buy a newer product.
Click to expand...

Do you really think that's a good attitude for a company to have about a supported product? I understand that products become outdated. If someone was complaining about an unfixed security hole in windows 98, then yes, your advice is sound. Time to move on. But for ms to simultaneously say "win2k is a supported product until June 2010" and "sorry guys we won't/can't fix a security hole you have to buy a new product" seems a bit odd to me.

That's like if honda had a safety problem with the airbags in some older-but-still-warrantied civics and they told the owners "well your civic is under warranty until 2010 but in order to fix the problem we'd need to redesign a substantial portion of the airbag. So we're not going to fix it and if you want a working airbag you need to buy a new car."
 
A better analogy would be honda redesigning and issuing out door lock upgrades because someone figured out how to pick the lock, on a 9 year old car. I doubt that's going to happen...
Besides, if you run a firewall you should be ok (if I understand the issue correctly.)
 
Eva_Unit_0 said:
Do you really think that's a good attitude for a company to have about a supported product? I understand that products become outdated. If someone was complaining about an unfixed security hole in windows 98, then yes, your advice is sound. Time to move on. But for ms to simultaneously say "win2k is a supported product until June 2010" and "sorry guys we won't/can't fix a security hole you have to buy a new product" seems a bit odd to me.
Click to expand...

My question is this...

So Microsoft takes a few months to develop this fix and they release it in say January (idk just speculating), then as MS stated it breaks waaaay more than it fixes and MS spends the next 6 months looking into the mountain of problems and maybe fixes a few, but for the most part the issues is still waaay unresolved.

So now its June/July 2010 and MS says buhbye to 2000 support (since you knew it was coming) and all the stuff that their major overhaul broke is still broke and all the customers have to upgrade anyway cuz their stuff wont work and MS just discontinued support?

My opininon...

A) Live without it and your software runs the way it should, but risk being compromised...
B) Have MS fix it and gamble your stuff doesnt work and never will again on 2000, so you upgrade...
C) Srsly just freakin upgrade...

Just a thought...
 
Last edited:
devil22 said:
A better analogy would be honda redesigning and issuing out door lock upgrades because someone figured out how to pick the lock, on a 9 year old car. I doubt that's going to happen...
Besides, if you run a firewall you should be ok (if I understand the issue correctly.)
Click to expand...

no that's not a better analogy because a 9 year old honda wouldn't be under warranty but win2k is a supported product. And if honda did discover a flaw in their door locks that made them easily breakable, do you not think they would be obligated to fix them on warrantied vehicles? It would be pretty shitty if they didn't.



brokenarrow03: you're diving into a bit of a slippery slope argument here. Maybe I'm misinterpreting the article, but Microsoft didn't say it would break everything. They just said it was a possibility and something they'd have to be careful of. The main reason for not fixing it was because it was a lot of work.

Also, as mentioned earlier in the thread windows xp is also being left out of this fix. Windows xp is a supported product until 2014. Do you think its okay to leaved unfixed security issues 5 years before the product's support is ended?
 
Eva_Unit_0 said:
no that's not a better analogy because a 9 year old honda wouldn't be under warranty but win2k is a supported product. And if honda did discover a flaw in their door locks that made them easily breakable, do you not think they would be obligated to fix them on warrantied vehicles? It would be pretty shitty if they didn't.



brokenarrow03: you're diving into a bit of a slippery slope argument here. Maybe I'm misinterpreting the article, but Microsoft didn't say it would break everything. They just said it was a possibility and something they'd have to be careful of. The main reason for not fixing it was because it was a lot of work.

Also, as mentioned earlier in the thread windows xp is also being left out of this fix. Windows xp is a supported product until 2014. Do you think its okay to leaved unfixed security issues 5 years before the product's support is ended?
Click to expand...

This is a very gray area. I'd rather having a fully working machine then one that may fail due to the patch. I'd just ensure that I did everything in my power to make sure that the system was protected in some way by a firewall. Part of the problem here is this is an security hold that isn't going to be readily open for exploitation.

My earlier comment still stands though especially for XP: Windows Server 2003 was patched without any grief. XP and 2003 are more or less the same code base. It would be nice to know what's different between the two to make XP harder to patch then Server 2003.
 
The article didnt say anything about XP being unpatched? did it? quotes?

Eva_Unit_0: Its like Vermillion said, its not that it WILL break anything, its the potential to break things with such a change...

The product of such a re-architecture effort would be sufficiently incompatible ... that there would be no assurance that applications designed to run on Windows 2000 SP4 would continue to operate on the updated system."
Click to expand...

And I somehow doubt that this would be one of those patches that you could "roll back", maybe IDK for sure...I just guess that with such major changes happening the potential for trouble seems to outweigh the risks...
 
Joe Average said:
http://www.computerworld.com/s/arti...ching_Windows_2000_infeasible_?taxonomyId=125

That's not a very good practice considering Windows 2000 still has support through July 2010. Anyone out there still using Windows 2000 in a production environment or even in a home situation that relies on it would do very well to read that article, and if necessary, voice your concerns and opinions to Microsoft.

I have to say it's a pretty weird move on their part, and I'll bet if enough stink is made about it, we'll see a proper patch soon.
Click to expand...

A few people already have it right on this thread. It's not that they don't want to support it. It's that the restructuring of the TCP/IP stack necessary to implement the needed fix is just too huge and risky to consider.

The value of rebuilding a key component of a near end-of-life OS with all of the inherent application compatibility and other risky implications is just too huge. It's akin to tweaking your 1999 Honda Accord engine until you realize that the only way to get more out of it (or, in this case, to fix it in a way that it needs) is to completely replace it with a 2009 engine.

The intricacies of doing this sort of overhaul are just too large. Any engineering firm knows the limits.
 
Eva_Unit_0 said:
http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patches_for_you_XP

There's the article about xp. It was posted earlier in the thread.
Click to expand...
You're still missing the point. This is as if someone filed a bug and said "your Honda Civic can't put out 400 horsepower". It's a fundamental design architecture. Even if they could rip out and replace the engine, they'd have to change the transmission, suspention, frame, etc. and end up with a new car - a new car that wouldn't be guaranteed to work with your old spark plugs, radio, or accessories. It would cause more problems than it would fix.
 
dugn said:
A few people already have it right on this thread. It's not that they don't want to support it. It's that the restructuring of the TCP/IP stack necessary to implement the needed fix is just too huge and risky to consider.
Click to expand...

Don't disagree with you.

Taking a devil's advocate POV, however, one could see M$ looking to use this news as an excuse to make everybody move to the latest version of Windows.

At least W7 doesn't suck as badly as Vista did for me.
 
Satyrist said:
Don't disagree with you.

Taking a devil's advocate POV, however, one could see M$ looking to use this news as an excuse to make everybody move to the latest version of Windows.

At least W7 doesn't suck as badly as Vista did for me.
Click to expand...

What would we DO without your baseless speculation, and childesh misspellings... please give us more of your wonderful insight.
 
Arainach said:
You're still missing the point. This is as if someone filed a bug and said "your Honda Civic can't put out 400 horsepower". It's a fundamental design architecture. Even if they could rip out and replace the engine, they'd have to change the transmission, suspention, frame, etc. and end up with a new car - a new car that wouldn't be guaranteed to work with your old spark plugs, radio, or accessories. It would cause more problems than it would fix.
Click to expand...

No, it would be like someone filing a bug saying "my honda civic doesn't put out 120 horsepower like its advertised because there's a flaw in the engine design" and then havinng honda say "well to fix it we'd have to redesign most of the engine, and even though your car is under warranty, you're just SOL."

No one is asking new or unrealistic functionality to be added to win2k or xp. They are asking for a security flaw to be fixed. And I understand the fact that xp is a very old codebase, but that's what microsoft gets for taking 6 years to release vista. We can go on and on about how xp is outdated and stuff like that, but the truth is that it is still, by far, the most popular version of windows, and up until just 2 years ago it was microsoft's flagship product.

My university I graduated from in December still uses xp on all its machines. So does my girlfriend's university. So does my company. So do a ton of companies and universities. As much as you guys want to act like windows xp is an archaic, obsolete operating system the truth is that xp is still pretty much a mainstream product from microsoft. It may be old, but there has only been one other os to come out of redmond in the past 8 years (win7 isn't officially out yet).
 
I don't think you can equate warrenty to supported, anyway. Unlike with a warrenty, MS is not legally obligated to fix the software (no software developer is), therefore it's their choice and they said no because it's too much work and could break too many things.
 
devil22 said:
I don't think you can equate warrenty to supported, anyway. Unlike with a warrenty, MS is not legally obligated to fix the software (no software developer is), therefore it's their choice and they said no because it's too much work and could break too many things.
Click to expand...

oh, well yeah, I'm not arguing that they have any legal obligations. It's their software and they can do whatever they want, I guess. I'm just saying that given how ubiquitous xp still is, especially in the business and educational worlds, it seems irresponsible to just give up like that.

And to their defense the hole is a lot less severe on xp due to the windows firewall. But still--if I was a sysadmin at a company or a school I'd be very mad that my "supported" systems had an unpatchable security hole blocked only by a stopgap solution.
 
You must log in or register to reply here.
Back
Top