Feeds

MS and Symantec spar over ‘hoax’ Windows Y2K email

Hoax alerts users to an 'unrequired' mod that MS nevertheless 'recommends'

  • alert
  • submit to reddit

Reducing security risks from open source software

When Microsoft and Peter Norton's people do not agree on a Y2K issue, whose side will you be on? Just this situation developed when anonymous chain emails recently warned of a Y2K problem right in the heart of Windows default date format. The mails claimed that the "short date format WILL NOT rollover in the year 2000. It will roll over to 00". According to the mail, this may have consequences in actual application software in millions of systems worldwide. Although the mails I've seen were not rude or faked, Microsoft calls those mails "hoax" in a page on the Microsoft site. The page is titled Windows 95, Windows 98 and Windows NT Year 2000 e-mail hoax and quotes an email similar to the ones I received, albeit slightly more anti-Microsoft. Putting forward a list of "Facts about Windows 95, Windows 98, Windows NT and Y2K," Microsoft says the two-digit format is a display-only format, has no effect on the stored data, and that changing the year setting to four-digit and curing the date format situation "are not required actions and do not have to be performed in order to obtain compliance". In another page, introducing Y2K issues, Microsoft bundles up the Y2K email with virus email, and urges home and small business users to "delete it or report to the sender's Internet Service Provider". Unfortunately, although it was supposedly widely distributed, Microsoft could not give me an example of an actual email message that contained the Y2K date format message and was maliciously infected. Giga Information, which backed Microsoft on this issue, was not able to forward an actual mail message either. I did get a couple of such mails from users, and those I checked did not include any malicious code. They were simply messages, perhaps uncomfortable to Microsoft, but not viral. It gets better. The phenomenon the mail describes, and Microsoft denies, is quite familiar to many users of Norton 2000 -- as is the procedure to fix it. Like the "hoax" email, Norton 2000 -- a Symantec Y2K diagnostic application -- warns the user against having two-digit year dates in the Windows short date format found under Regional Settings in Windows' control panel. Like the "hoax" email, Norton 2000 suggests changing this format. I asked Symantec's people for their reaction to Microsoft calling a Symantec-recommended, Norton-branded procedure a "hoax". "As is often the case, they are mincing words quite fine," said Colleen McKenna of Symantec. McKenna further noted that even at the end of its "hoax" statement Microsoft explicitly recommends adjusting the same date format, an action described on the same Microsoft page as "unrequired". Symantec's people insist the issue may have a very real effect on data export/import from databases, spreadsheets etc. "Norton 2000 recommends expanding the year in this format to four digits, and for good reasons. Namely, to avoid ambiguous dates in reports generated by Microsoft Office programs, which can be used in transferring data to other systems which will disambiguate them in an unintended way." I did a little experiment myself, exporting and re-importing data from Microsoft Excel with the clock set to a future date, and indeed some actions lead to corruption of data. The core of the matter seems to be Microsoft's definition of Y2K compliance, which is not universally shared. "Microsoft's definition of Y2K compliance seems to cheerfully accept ambiguous dates," said a Symantec spokesperson. "The raison d'etre of Norton 2000 is to make the user aware of such issues, regardless of whether or not the software in question technically complies with the vendor's definition of Y2K compliance." Microsoft's representatives in Israel insisted that the concern is unjustified, and that by "hoax" Microsoft really meant not that the email alert was wrong in itself, but that it was wrong in creating a nonchalant attitude. That kind of attitude, warned one Mr Weisfeld, in charge of Y2K readiness in Microsoft Israel, may make users wrongly assume the control panel date format is the only thing needed to be fixed in Windows, and having fixed it, that they're all set to cross Y2K. Instead, he strongly recommended using Microsoft's special CD or following procedures recommended in Microsoft's Y2K site. "Our system is already Y2K compliant", he said, "but you can improve your Y2K compliance by using the special CD, which carries out some minor fixes." (Register quote of the week? -- Ed) According to Weisfeld, those minor fixes include a problem in Wallet, an e-commerce component of Explorer which currently won't accept "valid until" credit card dates later than 1999. Oh, and another minor thing -- it fixes the control panel date format problem too. ®

Eight steps to building an HP BladeSystem

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
Grim diversity numbers dumped alongside Facebook earnings
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
Bose says today IS F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.