New MS support policy takes Win2k off death row

Strip away the undergrowth, and it's all pretty positive

  • alert
  • submit to reddit

3 Big data security analytics techniques

Analysis Following up on our slightly baffled take on Microsoft's new product lifecycle policy, which was announced earlier this week, senior marketing manager Lars Ahlgren called us up with a few clarifications. And although the big list of products is still currently messy (Lars says this should be fixed shortly) the core new policy is actually pretty positive, and has some interesting implications and consequences.

The intent now is that the major Microsoft products will now have a "mainstream" supported life of five years, while for business versions it'll then be possible to buy two years "extended" support. Specifically this means Windows 2000 Pro gets a full five year lifespan, whereas until the beginning of this week it was due to go into the red zone on 31st March 2003. WinXP Pro will now get mainstream support until the end of 2006.

Much of the other stuff in the big Microsoft list as it is currently constituted seems to have made it there because of somebody's misguided attempts to be comprehensive, and the inclusion of service pack dates simply confuses the issue further; the things to hang onto are, first, five plus two for major products in business, just five for home, and this is a forward-looking policy, so the apparently screwy dates for many products predating Win2k don't match the new policy, because it's not intended to be retro-fitted too deeply.

Viewed in that light, the switch is revolutionary. Microsoft's previous policy was to terminate on the basis of "n + 2" (i.e. current product plus two predecessors supported), which could mean a product going out of support as little as three years from launch, and which also had a queer side-effect we hadn't noted, but which Ahlgren drew to our attention. If you never produce an upgrade for the product, then when do you stop supporting it? It was also tricky to second-guess whether a product was going to be a fix, an upgrade or a successor. So the support period for, say, Win95 would be seriously affected by how many of the 98, 98SE and WinME revs Microsoft decided counted towards the policy.

The five years therefore gives people fixed, predictable dates to work with, and takes a great deal of pressure off businesses who're running Windows 2000 and don't see an immediate need to upgrade to WinXP. Skipping Windows XP entirely still won't be an option for them if Microsoft really isn't planning an interim OS prior to Longhorn (it keeps saying it isn't, everybody keeps not believing it), but businesses are no longer looking down the barrel of a gun from next April. Of course to make it totally simple for them to stick with Win2k after then it would be necessary for Microsoft to amend the OEM licences that include the April cut-off, in line with the new guidelines. Let us know if this doesn't happen soon, friendly OEMs.

Ahlgren also had some interesting things to say on service packs. The policy for these is now that the current and the previous will be supported, the previous being supported for "up to 12 months" (wording fuzz here, Microsoft - you just mean "12 months", don't you?) after the release of the current one. He says Microsoft encourages people to apply the most recent service pack, and we can't really fault them on that, given that a service pack should surely be thought of as part of Microsoft's support, and if you won't apply the fixes then what the blazes are you doing phoning up for fixes? But there may be reasons why people haven't installed the most recent one - Win2k SP3 breaks things for some people, and the regrettable new licence agreements for 2k SP3 and XP SP1 mean others have religious objections. So supporting the prior service pack is fair and rational, and cajoling people into at least installing it is reasonable.

Service packs however can be very large, and not everybody has broadband, so you can only reasonably expect people to install them if you encourage their free distribution via CD, on magazines, with driver discs etc. Service packs also frequently include new features rather than just fixes, and this has been a long-standing grouse for businesses. Some years back Microsoft responded to such grouses by promising to keep service packs and product enhancements separate, but this (you'll have noticed) has slipped again. Ahlgren accepts this, and says the company will make further efforts to differentiate between the two.

So we have a new policy that is so clear, rational and reasonable that it's really quite difficult to count the horse's teeth. We might note that Microsoft would possibly be a little less keen on supporting products for up to seven years if it wasn't anticipating a lengthy gap before the next big one. And as XP and 2k are pretty similar, and the 9x generation is all but expired already, OS support ought to be getting simpler for the company. Security policy is also possibly a little less liberal than it might be, as "Hotfixes developed for the current shipping service pack will not be automatically created for the immediately preceding service pack... Security patches released with bulletins from the Microsoft Security Response Center will be reviewed and built for the immediately preceding service pack whenever commercially viable."

So it will still be more complex and time-consuming if you hold off the most recent one, and that "whenever commercially viable" rider is a worry. But still, not a bad effort overall. ®

SANS - Survey on application security programs

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
prev story


Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.