I read at
news.com.com (.com.com.com.com...) that Microsoft recently announced that many of its Internet Explorer (IE) security upgrades included in Windows XP Service Pack 2 will not be offered for IE on older versions of Windows (2000, ME, etc.). This, IMHO, appears to be a deliberate move by Microsoft to boost sales of its now three year old operating system (XP). Microsoft is effectively holding hostage the security of millions of peoples' computers. The ransom has been set at $99US (the cost of an upgrade to XP).
"We do not have plans to deliver Windows XP SP2 enhancements for Windows 2000 or other older versions of Windows," the company said in a statement. "The most secure version of Windows today is Windows XP with SP2. We recommend that customers upgrade to XP and SP2 as quickly as possible." [emphasis mine]
It's interesting that when Microsoft finally answers some of the concerns much of the security community has had with IE, the "upgrades" are not available for all of their versions of Windows.
The ongoing security updates do not, as Microsoft points out, include the latest security fixes with Service Pack 2, released last month. Those include a new pop-up blocker and a new system of handling ActiveX controls and downloaded content.
And it's those more substantial changes, rather than the bug fixes that come with routine upgrades for supported products, that security organizations have lauded for addressing IE's graver security concerns.
Now it's unclear whether even half the Windows world will have access to the shored up IE.
This could drive more users into the arms of the Firefox project, but somehow, I think most average users will care little.
Full story at:
http://tinyurl.com/4lsda
![[QUIT SLASHDOT TODAY]](/misc/quit-slashdot.gif){kind=small}