Sp2 is the biggest piece of crap since SP1. And if IE is vulnerable without it, then IE is the biggest piece of crap since Windows. And Windows is a piece of crap because it is a bloated, bug-ridden system-monopolizer. So, goes the glib retort, no one's forcing you to use Windows. Oh yeah? Did I say "monopolizer"?
If you've installed SP2 and your applications are lucky enough not to have been targeted by SP2's Data Execution Prevention, or DEP, then I guess you are one of those who will reply, "Well, I'VE not had any problem, so it must be HIS fault." Sorry, Bob, this isn't my fault - it's the fault of the geniuses at Bellingham, who have turned DEP into WAD - Windows Auto-immune Disease.
First of all, if you try to use Windows's file manager, Windows Explorer (or My Computer, which is just Explorer wiithout the folder tree), DEP will shut it down. (Yes, I know the piece is about Internet Explorer, which so far my DEP hasn't shut down.) If you are lucky, Explorer will load in a memory location which DEP doesn't regard as verboten and any application that launches within it as malicious. For a while, that is. Sometimes, DEP wil wait a decent interval before shutting Explorer down, sometimes it will shut it down immediately after launching, as it did to my Explorer, which I have in my Start-Up folder, when it launched as I booted my computer this morning.
Yes, there are arcane workarounds, such as adding Explorer to the DEP exceptions list, which doesn't work, because Windows will ignore items on this list which it deems "essential programs," which presumably includes Explorer. Trying to turn DEP off in the Boot.ini file doesn't work, either. All that happens is, that instead of a rude pop-up window announcing that DEP is closing the program, there's no pop-up window, and the program just disappears. In other words, DEP kills an essential Windows utility, and there is no way to stop it.
Second, according to Microsoft, this DEP is optimized to work with machines containing processors with hardware DEP which, I should guess, at least 95% of computers do not have and won't have until they are replaced by new ones. So I guess by including DEP in SP2, MS has ordained that my P4 machine is obsolete.
Oh yes, to add insult to injury, Microsoft support (Ha!) deems this problem as "behavior by design," which is to say, they have no intention of fixing it.
So, Microsoft has created security vulnerabilites in Windows, particularly in Internet Explorer, the subject of Proffitt's piece, which can only be addressed by SP2, a so-called "fix," which causes an essential Windows program to crash.
If I were paranoid, I could come up with all kinds of monstrous conspiracy theories to account for this, but I suppose the mundane but accurate explanation applies: sheer incompetence.