Microsoft to remove or disable features of Windows if necessary

Microsoft are set to begin the removal or disabling of features provided by old, insufficiently tested code in Windows and their other software if there are problems which cause security issues. This is the next step in their much publicised "trustworthy computing" initiative.

The director of security assurance for the software giant has claimed: "A lot of the (coming) design changes are to remove this feature or turn that one off by default" and he also went on to say: "Do we think that things will be retired more quickly? Sure". An example of this type of action is with the change being considered to automatically disable the gopher protocol in the upcoming Windows XP SP1, which been proven as a security risk (see this article).

Since the security cleanse began they haven't managed to uncover more security holes than usual, with a total of 30 being found so far - the same number found in that time period last year. Before the advent of Windows XP Microsoft have been saying that they will sacrifice features and compatibility for security but the recent security issues have meant that there is more code which requires removal from the 50 million lines which form Windows than they expected.

Marc Maiffret, from eEye Digital Security, speaking to ZDNet claimed "that programmers who don't review the code before using it are at fault" and he also said "there is no problem in having backwards compatibility, except when there is a flaw in it".

Now with the rapid development of features and those included in Windows XP, you have to be sceptical as to which 'old' feature (or new one for that matter) will be found to have serious vulnerabilities next. At least there is a realisation of a problem and measures are in places that could help root out the security issues that have plagued Windows users in recent times.

News source: ZDNet

Report a problem with article
Previous Story

Windows XP updates on Microsoft Downloads

Next Story

Morpheus Updates Peer-to-Peer Client

-1 Comments - Add comment