Windows XP: Use Internet Explorer? Without SP2? Bad idea.
- 11/9/04 1:53 PM
Use Internet Explorer? Without SP2? Bad idea.
by R. Proffitt - 11/9/04 1:53 PM
http://www.eweek.com/article2/0,1759,1721828,00.asp?kc=ewnws110904dtx1k0000599 writes:
"The vulnerability is not present in Windows XP Service Pack 2, but in all earlier versions of Internet Explorer 6, and no patch is available"
For those that are not on SP2, it's their choice. I wonder how many will fall before the message gets sent that IE is just too dangerous.
Bob
Re: Use Internet Explorer? Without SP2? Bad idea.
by roddy32 - 11/9/04 2:27 PM
In reply to: Use Internet Explorer? Without SP2? Bad idea. by R. Proffitt
This is good advice Bob, this thread should be bumped occasionally like your "Security Suite" thread is in the Virus and Securities Forum. I sent this link you posted to quite a few people when you first posted it the other day to show them why they should stop procrastinating. Just my opinion.
Actually, you can minimize some of the risk.
by R. Proffitt - 11/9/04 3:19 PM
In reply to: Re: Use Internet Explorer? Without SP2? Bad idea. by roddy32
But some don't like it when I note Firefox or Mozilla. But I'm not the only one writing it.
http://www.usatoday.com/tech/news/computersecurity/2004-09-08-zombieinfect_x.htm
It's a nice article about Spyware and what you can do to move out of the line of fire.
Bob
Re: I will have to take the plunge
by MarkFlax - 11/9/04 3:25 PM
In reply to: Actually, you can minimize some of the risk. by R. Proffitt
Although I rarely use IE nowadays, I think I must now take the plunge and download and install SP2, after doing all the housekeeping and virus checks that people have recommended on these forums before.
Bob is right. IE is just too dangerous without the protection of SP2.
Ohh well.....
Mark
Go for it...
by Larry38 - 11/9/04 7:31 PM In reply to: Re: I will have to take the plunge by MarkFlax
Hi markflax,
Bob's advice is very good. Just make sure your PC is clean and updated, and you should not have any problems. I downloaded from an SP2 CD (due to dialup) on a clean system, took about 20 minutes and have not had any problems. Just downloaded Firefox 1.0 FINAL today and it is working fine. I use Firefox about 99% of the time, but use IE6 occasionally.
Good Luck.
Larry
Re: Use Internet Explorer? Without SP2? Bad idea.
by superfast - 11/12/04 2:23 AM In reply to: Use Internet Explorer? Without SP2? Bad idea. by R. Proffitt
I use Firefox most of the time, emails through yahoo to isolate attacks and AVG plus Zonealarm on my computer. Am I too naive to think that this should give me good protection ? Is there really more advantage in using SP2 with the problems it might create and with the hackers focussing there attention on a new challenge how long will the protection last?
For superfast. No, you're dodging that bullet.
by R. Proffitt - 11/12/04 4:56 AM
In reply to: Re: Use Internet Explorer? Without SP2? Bad idea. by superfast
If you've been following along, the SP2 is not that problematic. In fact it solved some nasty issues with USB 2.0 hard disks in my corner of the world (couldn't chkdsk external drives!) If I had delayed on SP2, I would have kept that issue alive.
More to your issue. Until another hole is found you are dodging the bullets from known locations.
That is a valid approach, but bear in mind that someday you have to make the plunge if another exploit comes up that can't be dodged with the methods you are using. Or you learn a new move...
Bob
Re: Use Internet Explorer? Without SP2? Bad idea.
by jamraiven - 11/12/04 8:46 AM In reply to: Re: Use Internet Explorer? Without SP2? Bad idea. by superfastSP2 fixes/fills a lot of holes in XP. Since you already have Zone Alarm (as long as it is a newer version), SP2's firewall will be disabled. Most of the problems I have heard of have to do with the firewall. I don't think it is a bad idea, but do suggesting researching the problems people have had. I am running it on my system along with the latest Zone Alarm free version, McAfee VirusScan 7, Ad-Aware, SpyBlaster, and hardware firewall/VPN/Router (Symantec Appliance 200). Not that I'm paranoid or anything 
SP2? Bad idea.
by jrice - 11/12/04 10:04 AM In reply to: Use Internet Explorer? Without SP2? Bad idea. by R. Proffitt
Sp2 is the biggest piece of crap since SP1. And if IE is vulnerable without it, then IE is the biggest piece of crap since Windows. And Windows is a piece of crap because it is a bloated, bug-ridden system-monopolizer. So, goes the glib retort, no one's forcing you to use Windows. Oh yeah? Did I say "monopolizer"?
If you've installed SP2 and your applications are lucky enough not to have been targeted by SP2's Data Execution Prevention, or DEP, then I guess you are one of those who will reply, "Well, I'VE not had any problem, so it must be HIS fault." Sorry, Bob, this isn't my fault - it's the fault of the geniuses at Bellingham, who have turned DEP into WAD - Windows Auto-immune Disease.
First of all, if you try to use Windows's file manager, Windows Explorer (or My Computer, which is just Explorer wiithout the folder tree), DEP will shut it down. (Yes, I know the piece is about Internet Explorer, which so far my DEP hasn't shut down.) If you are lucky, Explorer will load in a memory location which DEP doesn't regard as verboten and any application that launches within it as malicious. For a while, that is. Sometimes, DEP wil wait a decent interval before shutting Explorer down, sometimes it will shut it down immediately after launching, as it did to my Explorer, which I have in my Start-Up folder, when it launched as I booted my computer this morning.
Yes, there are arcane workarounds, such as adding Explorer to the DEP exceptions list, which doesn't work, because Windows will ignore items on this list which it deems "essential programs," which presumably includes Explorer. Trying to turn DEP off in the Boot.ini file doesn't work, either. All that happens is, that instead of a rude pop-up window announcing that DEP is closing the program, there's no pop-up window, and the program just disappears. In other words, DEP kills an essential Windows utility, and there is no way to stop it.
Second, according to Microsoft, this DEP is optimized to work with machines containing processors with hardware DEP which, I should guess, at least 95% of computers do not have and won't have until they are replaced by new ones. So I guess by including DEP in SP2, MS has ordained that my P4 machine is obsolete.
Oh yes, to add insult to injury, Microsoft support (Ha!) deems this problem as "behavior by design," which is to say, they have no intention of fixing it.
So, Microsoft has created security vulnerabilites in Windows, particularly in Internet Explorer, the subject of Proffitt's piece, which can only be addressed by SP2, a so-called "fix," which causes an essential Windows program to crash.
If I were paranoid, I could come up with all kinds of monstrous conspiracy theories to account for this, but I suppose the mundane but accurate explanation applies: sheer incompetence.
____________
Re: Use Internet Explorer? Without SP2? Bad idea.
by howdy2u2 - 11/12/04 12:13 PM In reply to: Use Internet Explorer? Without SP2? Bad idea. by R. Proffitt
Maybe it is a bad idea but SP2 lock up my computer so I could not use it crash all prorams only way to use was to go safe mode and you can't uninstall SP2 noway. Had to back every thing up and wipe hard drive clean and start over what a hassel. What do you think of getting rid of IE and installing Firefox?compter work find after reinstalling prograns.
7 days go I lost Out Look Express ability to receive, could send it is now working again got any ideas!.
I am have an XP home Dell Dimension 4550
Re: Use Internet Explorer? Without SP2? Bad idea.
by jagwoods51 - 11/12/04 2:24 PM In reply to: Use Internet Explorer? Without SP2? Bad idea. by R. Proffitt
yeah...but, the last time i tried to download SP2, my whole system crashed...i had to take my computer drive in to have the hard drive erased and windows xp re-installed. (I don't have a copy of xp on disc, as i bought thr computer used with xp already on it....how do you suggest i proceed if SP2 is so important? I was out $150.00 the last time!
Re: Use Internet Explorer? Without SP2? Bad idea.
by glb613 - 11/12/04 3:01 PM In reply to: Re: Use Internet Explorer? Without SP2? Bad idea. by jagwoods51First of all, why would you buy a computer without the operating system disks included? Not installing SP2 is the least of your worries. Do yourself a favor and buy a copy of XP. Or if you can, get the seller to give you the disk used to install the operating system on your computer.
Re: Use Internet Explorer? Without SP2? Bad idea.
by Mark5019 - 11/12/04 3:10 PM In reply to: Re: Use Internet Explorer? Without SP2? Bad idea. by jagwoods51why didnt you have cd with xp on it only legal way.
and if your puter was used odds were was dirty with scumware and spyware.
Re: Use Internet Explorer? Without SP2? Bad idea.
by rosebud - 11/12/04 4:37 PM In reply to: Use Internet Explorer? Without SP2? Bad idea. by R. Proffitt
Decided not to download Win XP SP2 upgrade do to a lot
of advice offered on the 'net that SP2 was still
'buggy'. Finally got fed-up with the constant patch
upgrades and installed Mozilla/Firefox instead.
What a blessed relief! I'm beginning to think Bill
Gates and Microsoft, et al, need a MAJOR MENTAL/
INTELLECTUAL HIGH TECH PATCH job on themselves for
their continual inability to produce a program that
works without all the on-going loopholes.
I'm not a pc techie. I just want to use my pc without
the constant MS upgrades. So again I say "Thank You"
Mozilla/Firefox.
Re: Use Internet Explorer? Without SP2? Bad idea.
by William Randall - 11/14/04 4:12 PM In reply to: Re: Use Internet Explorer? Without SP2? Bad idea. by rosebudrosebud,
Someone will jump in here and correct me if I'm wrong, but the way I understand it is if you use Windows as your OS, eventually you will NEED SP2 to get updates to your OS (for WinXP that is since I have no idea how SP2 applies to prior OS).
I use Firefox and Mozilla, but they are not the be all and end all in internet security.
HTH
William
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
