The patches are coming, the patches are coming

Clear your calendar during the month of August. That's when Microsoft's

long-awaited, long-overdue, and long-needed update to Windows XP is due.

I plan to have a supply of ibuprofen at the ready. No doubt it will fix

some things that are already broken, but I'm really worried about things

that work today that might not after applying the update.

Service Pack 2, as you probably know, is pretty much all about security,

something we all desire and which Windows seems to lack. One key change

is that the Windows Firewall is going to be enabled by default.

Originally called the Internet Connection Firewall, you'll see it

configured in On With No Exceptions mode. You've gotta admit, that's as

far away from "off all the time" as you can get.

What is On With No Exceptions mode? Here's what it means: all inbound

Internet traffic is denied until the user changes the setting.

Picture it: you're flooded with calls from customers that have taken it

upon themselves to install SP2. Lo and behold, the Internet doesn't work

anymore. There's nothing really broken, of course, it's just a

tremendous pain. Revenue for you perhaps, but not what you'd prefer to

be doing.

One has to wonder why an integrated firewall would be designed and built

but not enabled in the first place. No doubt it was left disabled to

ensure that upgrades from Windows 2000, 98, or Me would be smooth. Like

the old Fram TV commercials used to say, "you can pay me now or you can

pay me later." It's later.

The update bestows Outlook Express, Internet Explorer, and Windows

Messenger with the power to identify and then isolate malicious file

attachments as they are opened. A change to Internet Explorer itself

will endeavor to prevent script-based attacks. IE, at last, will get

it's own native pop-up blocker. Fortunately, it, too, is turned on by


With so many different aspects of security working inside Windows and

the browser, how do you know what's what? Here's an idea I really like:

SP2 contains the new Windows Security Center. It's a global view of all

security settings in the operating system. At a glance you'll know

what's on, including any antivirus protections.

What scares me is what might get broken once SP2 is installed. No doubt

Microsoft's own applications have been tested thoroughly and will

continue to work just fine. But what about third-party utilities, and

especially, custom one-of-a-kind applications? There's also the issue of

SP2 banging heads with other security tools that may be installed and


Starting last week, my own desktop system has been popping up hundreds

upon hundreds of advertising windows for everything from vacation trips,

mortgage refinancing, places to meet "women in your area," and even

security tools. I can't stop this torrent. Despite running Ad-Aware, a

couple of pop-up blockers, AOL's spyware protection utility, and a

couple of omnipresent toolbars, nothing seems to help.

In the old days, before software required activation - of which you

usually get only two before it's necessary to call and beg for more - I

would have simply reformatted the drive, reinstalled the OS and

applications, restored my data, and I'd be happy. In the process and

malware, spyware, data miners, and tens of thousands of spurious files

would disappear. But you really can't do that anymore, and certainly not

to all the PCs at your customers' sites. Let's hope SP2 really does

block these pop-ups.

If you're really itching to check out SP2, you can download Release

Candidate 2. It's not supported by Microsoft, is not intended for

production systems, and should be used only for testing. Still want it?

Go to:

And if you want to read about SP2 functionality, visit: The latest posted update is May 14.

I do know this: I'll be testing SP2 a whole lot before I deploy it. And

if conversations with other integrators are any indication, you will

too. Good luck.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon