| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Windows XP SP2 could break existing apps | |
|
||
| Time: 09:55 EST/14:55 GMT | News Source: Computer Weekly | Posted By: Byron Hinson | ||
|
Some software developers may find their applications no longer work on machines using Microsoft Service Pack 2 for Windows XP, which will be released later this year. Microsoft has made something of a trade-off with the update, focusing on security improvements at the expense of backward compatibility. The company has called on all software developers to test their code against the beta version of Service Pack 2, or face the possibility that the update will break their handiwork. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 306 Last | Next |
The time now is
10:22:45 AM
ET.
Any comment problems? E-mail us |
| #1 By 6859 (206.156.242.36) at 3/5/2004 10:46:49 AM |
| It's a worthwhile tradeoff. |
| #2 By 19992 (164.214.4.61) at 3/5/2004 2:09:55 PM |
| If I recall properly, several people on this site are beta testers for SP2. Assuming my memory is correct in this, has anyone here come across any applications that either no longer work or need to be updated to work in SP2? |
| #3 By 665 (198.51.49.2) at 3/5/2004 4:50:56 PM |
| Since I installed the SP2 beta (I have an MSDN subscription) I have had no problem with apps breaking. |
| #4 By 143 (68.73.154.188) at 3/5/2004 7:11:28 PM |
|
People complain about the lack of security in XP
and now there complaining about improved security... |
| #5 By 6253 (24.1.206.27) at 3/6/2004 12:13:00 AM |
|
Lots of web sites which host file downloads and/or media files will break, due to the MIME Sniffing changes in IE. Today, many sites get away with having misconfigured MIME types. Half the webmasters (out of the ones who haven't been laid off yet) don't even know what a MIME type is, so forget about the problem getting fixed quick. The new behavior can be overriden on the client side via registry, but the new ADM files will not have a GPO for it, and it won't be exposed in the UI, so a lot of users will be puzzled and a lot of webmasters will be caught off guard. Everytime something like this happens, people "solve" their ignorance by saying, "Oh, don't use SP2. It screws stuff up."
That's why some of the other site-breaking features of IE, including the blocking of certain ActiveX controls which were not otherwise blocked before (this is a slightly different situation than the "do you want to install?" prompt), are explained to the user via the new Notification Bar. It's a pretty slick UI feature, but the simplified information given to end-users is not going to be enough for users to tell the web sites what's wrong. By the way, Microsoft's own Office Update control is blocked by default. You don't even get a prompt to tell you that it's signed by Microsoft and giving you a chance to let it be installed. Presumably, Microsoft will adjust the way their Office Update page is coded to avoid screwing themselves at release time. And then there's "Local Machine Lockdown." Some people know that IE has always had a hidden security zone reserved for the local machine. There's even a reg hack which lets you make it visible and modify it. Starting with SP2, those modified settings won't do squat because the new Local Machine Lockdown policy will override it. Luckily, a new reg key lets you turn it off. Otherwise, apps which use web pages installed on the local hard drive that have complex scripting (often used for computer-based training and online help, but also occurring on developers' machines) can break. The great thing is that they break quietly. It's not like those Outlook security prompts which tell you that a script is trying to access the address book and do you want to allow it for 5 minutes. Nope, your stuff will just not work. It will sit there and do absolutely nothing. Remember the phrase "Local Machine Lockdown" because that's what you'll be Googling for, when the lights go out. Speaking of developers, remote debugging in Microsoft's own development tools is clobbered by default. Of course, out of everybody with "developer" on their business cards, probably 1 out of 20 deserve it. The rest are going to be thrown for a loop when they want to step through their ASP page running on another machine, and they can't anymore. After scratching their heads for a few days, they will stop pretending to be Microsoft developers and start pretending to be Java or PHP developers. They'll understand even less, but they'll get new business cards. You think that only web apps are affected? Wrong. Everything applied to IE is also applied to explorer.exe by default. This results in interesting stuff that you thought you would only see on Windows Server 2003, like prompts asking you whether you really want to run an exe file which is located on a network file share, after you double-click it, even though you're not accessing it through the browser and it wasn't downloaded from the web. Already, a recent security patch has broken download manager type programs like Net Transport which assume Windows supports URLs with user:password embedded in them. Even though the patch has been widely publicized as critical, the number of people who have installed it is tiny, compared to the number who will eventually install SP2. Get ready to find out how many programs do stuff that you never expected. |
| #6 By 2138 (80.98.192.116) at 3/6/2004 2:01:46 AM |
|
Beta Testers for SP2 received an email form the beta site and it stated that the latest build is not considered beta but very stable. If beta testers are having problems just report it.
I have the same problem as with the last SP2 build; MSN Premium email features do not work 100% proplerly but with the refresh build it worked. So we just have to wait. This was the only problem that I encountered to date. Robert... |
| #7 By 21203 (4.5.32.137) at 3/6/2004 2:31:27 AM |
|
As holdup stated, a lot of the things that potentially can be broken (or the stuff that appears broken at the moment) can be fixed through registry changes. Frankly I uphold that the changes should be even more difficult... or at least, emphasized more strongly against.
Frankly, I can see LazyAppVendor saying at SP2 release "My app doesn't work because of a security lockdown in SP2, run this registry hack, it'll fix it" and that hack will also invalidate every process utilizing that registry change. Personally I'm very happy with the latest beta for SP2, and the technology behind it. If it breaks applications for the greater good, I'm all for it. It's nothing new in MS history -- win16 to win32, evil win32 coding (nt) to strict win32 coding (xp), the ISVs also have to grow and become more responsible for bad coding practices, and administrators need to be more responsible with MIME types, etc. It speaks volumes to me that MS would block ActiveX by default. They aren't doing a half-ass solution here; it's about as secure as you can get on the XP platform without a ground-up rewrite (Longhorn). |
|
Write Comment
Return to News |
Displaying 1 through 25 of 306 Last | Next |
The time now is
10:22:45 AM
ET.
Any comment problems? E-mail us |
