http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patches_for_you_XP
http://edge.technet.com/Media/MSRC-Monthly-Security-Bulletin-Webcast-September-2009/ Jeffrey Walton wrote: > Hi Aras, > > >> Given that M$ has officially shot-down all current Windows XP users by not >> issuing a patch for a DoS level issue, >> > Can you cite a reference? > > Unless Microsoft has changed their end of life policy [1], XP should > be patched for security vulnerabilities until about 2014. Both XP Home > and XP Pro's mainstream support ended in 4/2009, but extended support > ends in 4/2014 [2]. Given that we know the end of extended support, > take a look at bullet 17 of [1]: > > 17. What is the Security Update policy? > > Security updates will be available through the end of the Extended > Support phase (five years of Mainstream Support plus five years of > the Extended Support) at no additional cost for most products. > Security updates will be posted on the Microsoft Update Web site > during both the Mainstream and the Extended Support phase. > > >> I realize some of you might be tempted to relay the M$ BS about "not being >> feasible because it's a lot of work" rhetoric... >> > Not at all. > > Jeff > > [1] http://support.microsoft.com/gp/lifepolicy > [2] http://support.microsoft.com/gp/lifeselect > > On Tue, Sep 15, 2009 at 2:46 PM, Aras "Russ" Memisyazici > <[email protected]> wrote: > >> Hello All: >> >> Given that M$ has officially shot-down all current Windows XP users by not >> issuing a patch for a DoS level issue, I'm now curious to find out whether >> or not any brave souls out there are already working or willing to work on >> an open-source patch to remediate the issue within XP. >> >> I realize some of you might be tempted to relay the M$ BS about "not being >> feasible because it's a lot of work" rhetoric... I would just like to hear >> the thoughts of the true experts subscribed to these lists :) >> >> No harm in that is there? >> >> Aras "Russ" Memisyazici >> Systems Administrator >> Virginia Tech >> >> >> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
