Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account


Photo

Win XP past Apr 2014... (was: Will XP be supported until 2019?)

- - - - -

  • This topic is locked This topic is locked
110 replies to this topic

#101
the xt guy

the xt guy

    Member

  • Member
  • PipPip
  • 102 posts
  • OS:XP Pro x86
  • Country: Country Flag

Donator

The last official updates for Windows 2000 were released last year, 3 years after EOL, and were distributed inside the monthly security ISO update packages. Apart from that, a few more non-public official updates were leaked.

In case of Windows XP I'd expect at least regular official updates until July 2015 (when Windows 2003 is becoming EOL). After April you should definitely check the monthly ISOs available under this link:

Security updates are available on ISO-9660 DVD5 image files from the Microsoft Download Center

Just keep in mind that Microsoft will not mention the existence of those updates in their official news channels. As in case of Windows 2000, the updates can be found inside those ISO packages even though Windows 2000's name itself isn't listed there at all.

More than that, due to the fact that Windows XP is much more popular than Windows 2000, I'm 99% sure that a lot of non-public updates will be leaked as well.

 

I've downloaded 6 different months from the archive discussed above (starting with August 2010 and into 2011) and there are no Windows 2000 updates to be found at all. Each archive contains levels of folders with updates sorted by OS and language. There are folders for all the post W2K OS updates ( Vista, Win 7, 8, Server 2003 and 2008) but not a single folder in any archive for 2K updates, Not a single individual 2K update I can find anywhere in the August 2010 and year 2011 archives I have extracted.

 

Tomasz86, you said that MS produced W2K updates for 3 years after EOL for 2K (which was July 2010. Then there should have been MS privately issued updates for 2K until June 2013-I realize not every individual month will have updates.). I cannot find any of them in the half dozen archives I have checked.

 

(I can clearly remember, there were no updates issued in July 2010 for 2K but quite a few were issued in August 2010 for XP. I would think at least some of those would have applied to 2K but only available privately to those corporations who paid for the continuing post-EOL support.)




How to remove advertisement from MSFN

#102
dencorso

dencorso

    Adiuvat plus qui nihil obstat

  • Super Moderator
  • 5,793 posts
  • OS:98SE
  • Country: Country Flag

Donator

The last official updates for Windows 2000 were released last year, 3 years after EOL, and were distributed inside the monthly security ISO update packages. Apart from that, a few more non-public official updates were leaked.

 
I've downloaded 6 different months from the archive discussed above (starting with August 2010 and into 2011) and there are no Windows 2000 updates to be found at all. [...]

 
With all due respect to you, the xt guy, I do fail to see your point... please follow me:

Did you download every single .ISO corresponding to the 12 months of 2013 (the year mentioned by tomasz86) and check inside it?  No.
You downloaded instead just some .ISOs from 2010-2011 and hit jackpot 6 times (as in there *wasn't* any Win 2k update in any of them).
Does that disprove in any way what tomasz86 said? No.
Did tomasz86 say the Win 2k updates, if and when present, were non-public? No.
Are security updates non-public updates? No.
All tomasz86 said was that some non-public Win 2k updates were leaked in episodes not necessarily ( -- in fact: not at all --) related to the security update .ISOs.
And, last but not least, tomasz86 said was that "the last official updates for Win 2k were released last year, 3 years after EOL", but he did *not* say nor imply MS released continuously official updates for Win 2k galore, up to 3 years after EOL.



#103
tomasz86

tomasz86

    www.windows2000.tk

  • Member
  • PipPipPipPipPipPipPipPip
  • 2,510 posts
  • OS:XP Pro x86
  • Country: Country Flag
@the xt guy You don't need to manually check all the ISOs. Just go to my website and have a look at the HFSLIP Updates List. You will find the official updates released after EOL by searching for "post-EOL" and "-custom-" (at least those released specifically for Windows 2000 since there exist also many others such as the new updates for MSXML that apply both to 2000, XP and 2003).

Edited by tomasz86, 23 February 2014 - 11:13 PM.

post-47483-1123010975.png
Unofficial Service Pack 5.2 for MS Windows 2000 <- use this topic if you need help with UURollup, Update Rollup 2 and other unofficial packages

#104
JodyT

JodyT

    Member

  • Member
  • PipPip
  • 235 posts
  • OS:none specified
  • Country: Country Flag

@the xt guy You don't need to manually check all the ISOs. Just go to my website and have a look at the HFSLIP Updates List. You will find the official updates released after EOL by searching for "post-EOL" and "-custom-" (at least those released specifically for Windows 2000 since there exist also many others such as the new updates for MSXML that apply both to 2000, XP and 2003).

 
I actually found the last ones but they were just for IE6 SP1 (I think it was Novemeber 2012).  So they're there.  This isn't something Microsoft should keep close to it's chest though.  This should be something that's well known.
 
Additionally, there should have been way more updates if this were a comprhensive set of hotfixes.  Being that XP and 2KPro share a wealth of similarities, you'd figure that the same vulnerabilities would need patching.
 
A couple of posts ago, I was told that I seemed unable to be reassured that running an unsupported OS would be safe.  One thought that occurred to me since that time tomasz86.  Do you still perform online banking and other secure stuff online with Windows 2000?

#105
JodyT

JodyT

    Member

  • Member
  • PipPip
  • 235 posts
  • OS:none specified
  • Country: Country Flag

Did tomasz86 say the Win 2k updates, if and when present, were non-public? No.

Are security updates non-public updates? No.
All tomasz86 said was that some non-public Win 2k updates were leaked in episodes not necessarily ( -- in fact: not at all --) related to the security update .ISOs.
And, last but not least, tomasz86 said was that "the last official updates for Win 2k were released last year, 3 years after EOL", but he did *not* say nor imply MS released continuously official updates for Win 2k galore, up to 3 years after EOL.

 
With all due respect to tomasz86, but sorry dencorso; tomasz86 does kind of make it sound as if 2KPro updates are easier to find than we would have let on.  The way he says it, or implies it, I would have thought there had been more updates too.
 
I can't help but feel though that the bulk of users here think that my concerns about security on unsupported Windows OSs are silly ones.  Why is that?  I know I've repeatedly brought up the topic ad-nauseam - HOWEVER; one thing I have learned is to keep asking similar questions again and again, because sometimes that is the ONLY way to get absolute clarity on things.  That's why it seems I bring up the same topic on different angles.  I believe in dotting I's and crossing T's when doing fact checking.  And you only can do that by challenging opinions and "facts".

#106
tomasz86

tomasz86

    www.windows2000.tk

  • Member
  • PipPipPipPipPipPipPipPip
  • 2,510 posts
  • OS:XP Pro x86
  • Country: Country Flag

I actually found the last ones but they were just for IE6 SP1 (I think it was Novemeber 2012).  So they're there.  This isn't something Microsoft should keep close to it's chest though.  This should be something that's well known.

I guess they can't say that Windows 2000 is EOL and "officially" release security updates at the same time. It's better to have them released, even if it's done in kind of a "semi-official" manner :)
 

Additionally, there should have been way more updates if this were a comprhensive set of hotfixes.  Being that XP and 2KPro share a wealth of similarities, you'd figure that the same vulnerabilities would need patching.

There are more components in XP than in 2000 so it's normal that there are XP patches that do not apply to Windows 2000 at all. You seem to be right though that only a part of the post-EOL updates is available in the ISOs. I'm guessing that they included only the most important patches such as the IE5/6 Cumulative Updates, etc. The other ones were available only for those who paid for the Custom Support.
 

A couple of posts ago, I was told that I seemed unable to be reassured that running an unsupported OS would be safe.  One thought that occurred to me since that time tomasz86.  Do you still perform online banking and other secure stuff online with Windows 2000?

I've been using Windows XP for several months as I have to use the newer IE (explained in details in the USP5 thread) but I have personally never experienced any issues that were caused by a particular OS being insecure. The last time I had a problem was a few years ago when my computer got infected by a virus that had been brought on a USB stick from a library. In my view, if it's a home computer then I'd not really worry too much (as long as the user knows what he or she's doing, doesn't click on suspicious links, etc.). The vast majority of those security related issues seem to be a result of user errors.

Edited by tomasz86, 25 February 2014 - 06:58 PM.

post-47483-1123010975.png
Unofficial Service Pack 5.2 for MS Windows 2000 <- use this topic if you need help with UURollup, Update Rollup 2 and other unofficial packages

#107
dencorso

dencorso

    Adiuvat plus qui nihil obstat

  • Super Moderator
  • 5,793 posts
  • OS:98SE
  • Country: Country Flag

Donator

+1 :yes:



#108
bphlpt

bphlpt

    MSFN Addict

  • Member
  • PipPipPipPipPipPipPip
  • 1,796 posts
  • OS:none specified
  • Country: Country Flag

Saw this over in the Windows 8 Deeper Impressions thread and just had to pass it along here.
 

Windows 8 is the most vulnerable Windows OS, you can thank Flash for that


If you are wondering why Windows 8 tops the charts, even though Microsoft touts the platform as more secure than its predecessors, the answer is quite simple; Flash. Because Flash is now baked into the modern instance of IE, any Flash vulnerability can now be tied into Windows 8 as well.


vultop.png


Which, as I understand it, is another way of saying that, in this case, approximately one-third of the vulnerabilities of the Windows 8.x OS for 2013 is probably attributed to a single program that until Windows 8 was an external program, and is still in a way an external program since "Microsoft is not directly responsible for the Flash code". And for older OS, updates for that external program will continue to come directly from Adobe regardless of which older OS you happen to be running, even if you are running an "unsupported" XP.

 

Also, the vast majority of the vulnerabilities for all OS are attributed to programs other than the OS, and are constant across all OS.  The OS is only "responsible" for less than 10%.  And since the OS can be "shielded" by means of routers, firewalls, anti-virus and other anti-malware software, and user attention to what the heck they are doing, then the choice of OS, from a security perspective, becomes more and more a moot point.  At least in my opinion.

Cheers and Regards


Edited by bphlpt, 28 February 2014 - 12:10 AM.

Posted Image


#109
Dave-H

Dave-H

    Friend of MSFN

  • Member
  • PipPipPipPipPip
  • 769 posts
  • OS:98SE
  • Country: Country Flag

Were the patches that were rolled out by Microsoft this week the last ones for Windows XP, or will there actually be another set on April 8th, which is the second Tuesday of the month?

:)


Dual boot Windows 98SE SP2.1a and Windows XP Professional SP3.
Dual 3.2GHz Xeons with 4GB RAM. ATI Radeon X850 Graphics 1920x1080 32 Bit Colour with Large Fonts.


#110
5eraph

5eraph

    Update Packrat

  • MSFN Sponsor
  • 1,145 posts
  • OS:XP Pro x64
  • Country: Country Flag

Donator

Microsoft will officially release its last 32-bit XP security updates, if there are any, on April 8th, despite what you may hear elsewhere.

http://blogs.technet.com/b/msrc/p/february-2014-security-bulletin-q-a.aspx

Q: When will be the last day Microsoft provide updates for Office 2003 and Windows XP? Will April 8, 2014 be the last time we receive updates unless we purchase extended support?

A: The April 8th bulletin release would include security updates for Office 2003 and Windows XP, should there be any vulnerabilities that affect these products. Microsoft will stop providing Office 2003 and Windows XP Security updates only after the April Security bulletin release.


Edited by 5eraph, 13 March 2014 - 02:39 PM.


#111
Dave-H

Dave-H

    Friend of MSFN

  • Member
  • PipPipPipPipPip
  • 769 posts
  • OS:98SE
  • Country: Country Flag

Thanks!

:yes:


Dual boot Windows 98SE SP2.1a and Windows XP Professional SP3.
Dual 3.2GHz Xeons with 4GB RAM. ATI Radeon X850 Graphics 1920x1080 32 Bit Colour with Large Fonts.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users



How to remove advertisement from MSFN