Microsoft has come under fire lately because of their habit of releasing software which has serious flaws, most especially problems with security. Unfortunately the criticism is justified and verges on the criminal: flaws (implementation bugs as well as just plain silly design decisions) have resulted in literally tens of billions of dollars in damage and losses worldwide.
Don't believe me? Think of all of the viruses that have devastated not hundreds, not thousands, not even millions, but tens of millions of systems. All of these viruses are allowed to "breed" (spread) because of one of the silliest, most misguided, downright stupidest decisions ever made by a major corporation. This was the addition of email scripting - without that incredibly powerful and almost totally unused (and many would argue not necessary) feature, viruses could not spread in a matter of days or even hours. Since when does anyone need to script their email program anyway? I've never heard of a single person or corporation using this feature legitimately.
On top of this kind of issue (and there are several others), Microsoft's products tend to have blatant bugs - problems in programs which should have been caught by adequate design, testing and quality assurance. The most famous of these is probably the series of bugs that led to Nimda and Code Red. Again, millions of systems were damaged and countless millions of man-hours were wasted in efforts to eradicate these issues.
The firestorm that landed on Microsoft as a direct result of these and other problems and issues was fantastic to behold. Naturally Microsoft responded, trying desperately to reduce the impact on their business. They claimed the problems were with administrators who did not apply patches, with people reporting problems too early (thus giving hackers information before fixes were complete) and any number of other problems. It seemed that everyone except for Microsoft was doing the wrong thing - of course, the mighty Microsoft could do no wrong.
In spite of what the left side of their face was saying, Microsoft did introduce some changes. They announced a new security service to help keep systems locked down and system administrators happy. Automatic security patch downloads were added to Windows XP and, I'm sure, dozens of other changes happened.
With the release of Windows XP, Microsoft was adamant that they had tested it from top to bottom. The software giant even claimed it had written a special program to check for the nastiest kind of software problem - buffer overflows. You see, a buffer overflow is one of the most common ways for a hacker to break the security of a system. It does this by writing some code beyond the end of where it is supposed to write it. The code is then executed in privileged mode to give the hacker entrance to the system.
Well, a short time ago Microsoft released a patch to Windows XP to fix exactly this problem. It seems there is a buffer overflow problem in the UPnP service. What the heck is UPnP, you ask? That's a good question.
UPnP is a special plug-and-play service. What is plug-and-play? Well, when you install a new device on Windows XP it automatically detects it and configures it for you. Plug-and-play is a very nice feature, and it works very well in Windows XP.