 |
 Coveted Windows XP Service Pack 2 finally arrives
August 10, 2004
Microsoft Corp. has begun shipping its critical program update, called Windows XP SP2, to manufacturers across the globe.
Critics have hammered Microsoft in recent years over the susceptibility of Windows to hackers and viruses. Company officials have made shoring up the security of the company's products a top priority for the software maker. Completing Windows XP Service Pack 2 was considered so important that it reportedly held up development of the next generation version of Windows, dubbed Longhorn, and other projects.
"Service Pack 2 is a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks," Microsoft Chairman, Co-Founder and Chief Software Architect Bill Gates said in a statement.
With Service Pack 2, Microsoft is trying to go on the offensive in dealing with security issues by taking a more proactive stance. It includes stronger security default settings with new features and more sophisticated user tools, all aimed to make it easier to configure and manage security resources, and has added support for key drivers and newer wireless technologies such as WiFi and Bluetooth.
SP2 is designed to make Windows XP more protected from attackers who have successfully exploited its multiple security holes, most recently in the form of Sasser, Dowload.ject and new trials of Mydoom.
SP2 provides major enhancements making the OS stronger to resist hackers’ forays, as it:
- Turns on the Internet Connection Firewall (ICF) by default, closes ports except when they're in use and improves the firewall configuration interface.
- Recompiles core Windows components to make the OS more resilient to malware-induced buffer overruns.
- Arranges default settings in Outlook Express and Windows Messenger more securely.
Improves Internet Explorer controls and user interfaces to block malicious ActiveX controls and spyware.
Moreover, Service Pack 2 now works more closely with various types of PC processors such as those from Intel Corp. (compatible processors only expected towards the end of the year) and Advanced Micro Devices Inc. (available now in form of 64-bit technology) to reduce buffer overruns, the most common method used to launch denial-of-service attacks on networks.
But many network administrators and security specialists are taking wait-and-see approach, cautious to install SP2 across their networks. Those asked said they'll carefully study the package on test computers to ensure compatibility with other programs before loading it onto every machine in their enterprise.
"At this point, we're still catching our breath after deploying the last XP release, so we're leery about taking on SP2 right now," said Kathleen Held, senior network support specialist for Great Lakes Gas Transmission Company in Troy, Mich. "But we do plan to aggressively test it to see if it fits with our group policy and interacts properly with other programs on the network."
Bradley Dinerman, technical operations manager for Newton, Mass.-based IT management firm MIS Alliance Corp., believes SP2 will be worth the wait. "There's no doubt it significantly enhances security, both for the generic end user and the higher-level enterprise administrator," he said. "I need to sell the concept of the service pack to my clients, typically small businesses, to justify its installation as well as the time needed to research whether or not it will impact their common applications," Dinerman said. "This latter point will be the greatest obstacle to its deployment. People are already hearing word that the service pack might break functionality of some client-server applications and this scares them. They know they supposedly need to stay up to date, yet the possible repercussions make it seem like a Catch-22."
For starters, after installing SP2, users of XP will notice the addition of a security dashboard to Windows' Control Panel known as the Security Center. This simple status report on your system's defenses answers such basic questions as whether your firewall and anti-virus systems are turned on, whether your anti-virus solution is using the most recent signature file, and whether your operating system has received all available critical updates. For regular users, the most noticeable change will be a series of new prompts users will see. They will be asked to actively give permission for programs to interact with their computers, so there is less chance they will be hit by a virus or inadvertently allow malicious software that can monitor computer activities.
Fred Felman, vice president of marketing for San Francisco-based security firm Zone Labs Inc., warned users not to ditch their current security safeguards on the belief SP2 will provide full security. SP2's firewall, for example, catches inbound sinister code, but not the outbound stuff, he said. Since untold numbers of computers have been infected with Trojans that hijack them to send out malicious code, "The firewall in SP2 won't be all you need," Felman said. "You'll still need your other firewall so that trouble is blocked from both sides." Like the others, Felman predicts enterprises will need time to work out compatibility issues between SP2 and their networks.
The free upgrade won't be available to everyone right away, however. Microsoft said the timing will depend on several factors, including customers' Internet usage, location and language as well as the overall demand for the package. Customizing the fixes in 25 languages will take two months, the company said. English-language users will get the update earlier as Microsoft distributes it to computer manufacturers, companies and home users through downloads, free CDs and other means.
Not surprisingly, Microsoft is not keen to make the SP2 available for mass downloads, fearing a rush of data traffic will bring some slowdowns to its servers. Meanwhile, users are urged to enable their Windows Update service that will automatically download all necessary Service Pack 2 components when they become available as regular downloads.
Update: For our readers who cannot wait to try SP2 at work here’s a link to final full (266 MBs) official version of English Windows XP SP2 available from Microsoft’s MSDN website at this link.
|
|
