Clear your calendar during the month of August. That's when Microsoft's
long-awaited, long-overdue, and long-needed update to Windows XP is due.
I plan to have a supply of ibuprofen at the ready. No doubt it will fix
some things that are already broken, but I'm really worried about things
that work today that might not after applying the update.
Service Pack 2, as you probably know, is pretty much all about security,
something we all desire and which Windows seems to lack. One key change
is that the Windows Firewall is going to be enabled by default.
Originally called the Internet Connection Firewall, you'll see it
configured in On With No Exceptions mode. You've gotta admit, that's as
far away from "off all the time" as you can get.
What is On With No Exceptions mode? Here's what it means: all inbound
Internet traffic is denied until the user changes the setting.
Picture it: you're flooded with calls from customers that have taken it
upon themselves to install SP2. Lo and behold, the Internet doesn't work
anymore. There's nothing really broken, of course, it's just a
tremendous pain. Revenue for you perhaps, but not what you'd prefer to
One has to wonder why an integrated firewall would be designed and built
but not enabled in the first place. No doubt it was left disabled to
ensure that upgrades from Windows 2000, 98, or Me would be smooth. Like
the old Fram TV commercials used to say, "you can pay me now or you can
pay me later." It's later.
The update bestows Outlook Express, Internet Explorer, and Windows
Messenger with the power to identify and then isolate malicious file
attachments as they are opened. A change to Internet Explorer itself
will endeavor to prevent script-based attacks. IE, at last, will get
it's own native pop-up blocker. Fortunately, it, too, is turned on by
With so many different aspects of security working inside Windows and
the browser, how do you know what's what? Here's an idea I really like:
SP2 contains the new Windows Security Center. It's a global view of all
security settings in the operating system. At a glance you'll know
what's on, including any antivirus protections.
What scares me is what might get broken once SP2 is installed. No doubt
Microsoft's own applications have been tested thoroughly and will
continue to work just fine. But what about third-party utilities, and
especially, custom one-of-a-kind applications? There's also the issue of
SP2 banging heads with other security tools that may be installed and
Starting last week, my own desktop system has been popping up hundreds
upon hundreds of advertising windows for everything from vacation trips,
mortgage refinancing, places to meet "women in your area," and even
security tools. I can't stop this torrent. Despite running Ad-Aware, a
couple of pop-up blockers, AOL's spyware protection utility, and a
couple of omnipresent toolbars, nothing seems to help.
In the old days, before software required activation - of which you
usually get only two before it's necessary to call and beg for more - I
would have simply reformatted the drive, reinstalled the OS and
applications, restored my data, and I'd be happy. In the process and
malware, spyware, data miners, and tens of thousands of spurious files
would disappear. But you really can't do that anymore, and certainly not
to all the PCs at your customers' sites. Let's hope SP2 really does
block these pop-ups.
If you're really itching to check out SP2, you can download Release
Candidate 2. It's not supported by Microsoft, is not intended for
production systems, and should be used only for testing. Still want it?
And if you want to read about SP2 functionality, visit:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2chngs.mspx. The latest posted update is May 14.
I do know this: I'll be testing SP2 a whole lot before I deploy it. And
if conversations with other integrators are any indication, you will
too. Good luck.