Windows XP forum: Use Internet Explorer? Without SP2? Bad idea.

But some don't like it when I note Firefox or Mozilla. But I'm not the only one writing it.

http://www.usatoday.com/tech/news/computersecurity/2004-09-08-zombieinfect_x.htm

It's a nice article about Spyware and what you can do to move out of the line of fire.

Bob

Hi markflax,
Bob's advice is very good. Just make sure your PC is clean and updated, and you should not have any problems. I downloaded from an SP2 CD (due to dialup) on a clean system, took about 20 minutes and have not had any problems. Just downloaded Firefox 1.0 FINAL today and it is working fine. I use Firefox about 99% of the time, but use IE6 occasionally.
Good Luck.
Larry

If you've been following along, the SP2 is not that problematic. In fact it solved some nasty issues with USB 2.0 hard disks in my corner of the world (couldn't chkdsk external drives!) If I had delayed on SP2, I would have kept that issue alive.

More to your issue. Until another hole is found you are dodging the bullets from known locations.

That is a valid approach, but bear in mind that someday you have to make the plunge if another exploit comes up that can't be dodged with the methods you are using. Or you learn a new move...

Bob

Sp2 is the biggest piece of crap since SP1. And if IE is vulnerable without it, then IE is the biggest piece of crap since Windows. And Windows is a piece of crap because it is a bloated, bug-ridden system-monopolizer. So, goes the glib retort, no one's forcing you to use Windows. Oh yeah? Did I say "monopolizer"?

If you've installed SP2 and your applications are lucky enough not to have been targeted by SP2's Data Execution Prevention, or DEP, then I guess you are one of those who will reply, "Well, I'VE not had any problem, so it must be HIS fault." Sorry, Bob, this isn't my fault - it's the fault of the geniuses at Bellingham, who have turned DEP into WAD - Windows Auto-immune Disease.

First of all, if you try to use Windows's file manager, Windows Explorer (or My Computer, which is just Explorer wiithout the folder tree), DEP will shut it down. (Yes, I know the piece is about Internet Explorer, which so far my DEP hasn't shut down.) If you are lucky, Explorer will load in a memory location which DEP doesn't regard as verboten and any application that launches within it as malicious. For a while, that is. Sometimes, DEP wil wait a decent interval before shutting Explorer down, sometimes it will shut it down immediately after launching, as it did to my Explorer, which I have in my Start-Up folder, when it launched as I booted my computer this morning.

Yes, there are arcane workarounds, such as adding Explorer to the DEP exceptions list, which doesn't work, because Windows will ignore items on this list which it deems "essential programs," which presumably includes Explorer. Trying to turn DEP off in the Boot.ini file doesn't work, either. All that happens is, that instead of a rude pop-up window announcing that DEP is closing the program, there's no pop-up window, and the program just disappears. In other words, DEP kills an essential Windows utility, and there is no way to stop it.

Second, according to Microsoft, this DEP is optimized to work with machines containing processors with hardware DEP which, I should guess, at least 95% of computers do not have and won't have until they are replaced by new ones. So I guess by including DEP in SP2, MS has ordained that my P4 machine is obsolete.

Oh yes, to add insult to injury, Microsoft support (Ha!) deems this problem as "behavior by design," which is to say, they have no intention of fixing it.

So, Microsoft has created security vulnerabilites in Windows, particularly in Internet Explorer, the subject of Proffitt's piece, which can only be addressed by SP2, a so-called "fix," which causes an essential Windows program to crash.

If I were paranoid, I could come up with all kinds of monstrous conspiracy theories to account for this, but I suppose the mundane but accurate explanation applies: sheer incompetence.

____________

yeah...but, the last time i tried to download SP2, my whole system crashed...i had to take my computer drive in to have the hard drive erased and windows xp re-installed. (I don't have a copy of xp on disc, as i bought thr computer used with xp already on it....how do you suggest i proceed if SP2 is so important? I was out $150.00 the last time!

why didnt you have cd with xp on it only legal way.

and if your puter was used odds were was dirty with scumware and spyware.

rosebud,

Someone will jump in here and correct me if I'm wrong, but the way I understand it is if you use Windows as your OS, eventually you will NEED SP2 to get updates to your OS (for WinXP that is since I have no idea how SP2 applies to prior OS).

I use Firefox and Mozilla, but they are not the be all and end all in internet security.

HTH

William

Thanks Bob for confirming what I've known for some time.

I think there are a few "wringers" in some of these forums just "pushing buttons" of those they think they can get over on (meaning they KNOW better but are simply posting "stupid" questions merely for the sake of pushing buttons of fine helpers like you and others).

Sad state of affairs.

Then there are those who refuse to listen to COMPETENT techs like you.

William

BTW, this is not directed at anyone in particular or anyone in this thread who is "legit".

Roddy,

Without giving away just how long I've been involved in ZD Net/CNET (this is a cue for JR to come in and say he has been around since Moses - J/K John ), I think I have a good handle on this type of stuff and I spot "wringer posts" much more than some would guess would happen here.

I suspect other "long timers" do too, but are too "kind" to speak up.

William

Roddy,

I used to belong to one of the MS groups but I was never one of those "groupies".

Since you are a manager there, you no doubt have much more on the ball than I do, but I fully enjoy reading several forms here just for the wealth of info I gather of which I hope some will stick on my aging brain.

William

I am concerned that SP2 creates more problem than when one does not download it. Is it safe to download SP2 now? What really happens when we download SP2?

I had been holding off installing sp2 until I read the post by Bob proffitt about the new worm running around the web and sp1 will not protect against. Anyway, i installed sp2 on both my XP home computers and it went without a hitch, in fact whether it's real or percieved they both seem to run better. The main point is, installing it on a well running clean computer should work well for most.At any rate if it turns out to give problems just un-install it and/or do a system restore with no harm done.

I WISH that I could follow your advice, Bob. I tried to install SP2 after downloading it from Microsoft. Twice, I tried; the second failed attempt required a fresh install of my OS. After that episode I was hesitant to try to again. So, I sent for the SP2 disk, I followed Microsoft's preparation advice, I tried to follow Dell's preparation advice (updating Bios) which is when I crashed again. True, I'm not the saviest when it comes to computers--but, I'm more savy than a lot of people in my circle of friends/pc users. I guess I'll have to wait a year or two until I buy a new computer. Until then, surfing without SP2.
Regretfully,
laurie

Why is I.E. too dangerous without SP2---

Will it blow up my computer?
Will it send out harmful X-Rays?