Windows XP SP2: A bandage but not a panacea

Unless you’ve been living in a cave for the past few months, you already know Microsoft has released Windows XP SP2 (Service Pack 2), the biggest update ever to XP. You also know that it’s supposed to fix the security holes that have become all too apparent in Windows XP SP1. You know what SP2 is; what you might not know is what it actually does and how it works.

Free IT resource Open Source Business Conference (OSBC) May 22-23, 2007 Sponsored by OSBC Free IT resource TechNet: More ways to know it, share it, and keep it running. Sponsored by Microsoft Windows XP Service Pack 2 Microsoft, microsoft.com Very Good  7.6 criteria score weight Management 8 30% Interoperability 6 20% Setup 8 20% Performance 8 10% Security 8 10% Value 8 10% Cost: New system, $299; upgrade, $199; free for existing Windows XP Professional installations Bottom Line: From a security standpoint, SP2 is vital, but you might want to think twice about deploying it, seeing as not everything you need to run under Windows may actually work. Although the rewards of moving to SP2 are significant, so are the risks. About our Reviews and Scoring Methodology

With SP2, Microsoft has delivered much in the way of security improvements. But before you let it loose on production machines throughout your company, you’d be well served to run it on test machines: Some additions can actually break your applications.

In my tests, I loaded the SP2 disk into a fast, well-equipped HP Workstation xw8000 running XP Professional SP1. Installation requires you to wait for the autoload to bring up a menu, agree to the license agreement, and let it go.

I did run into problems when trying to install SP2 on a nearly identical xw8000; the computer wouldn’t boot. After spending an hour on the phone with Microsoft’s India-based support team, I resolved the problem. Unfortunately, I never figured out the cause or the fix; things were just suddenly working.

After reboot, the first thing you see is the new Windows Security Center, which provides a central location for the most critical security features: the firewall, the anti-virus software, and Windows Automatic Update. At a glance, you’ll see whether these three features are running and up to date.

Of course, there’s more to the improvements than just the Security Center. The more obvious changes include launching the Windows firewall by default unless the installer detects another firewall already running. Additionally, the Windows firewall now communicates with users on a more detailed level. Unfortunately, the Windows firewall still does not attempt to control outgoing traffic, so you’ll need a personal firewall from a third-party vendor for full protection. SP2 also blocks anonymous RPCs, and those that run are set at a lower privilege level.

Changes to Internet Explorer now prevent masking the address bar, a tactic often used in phishing. Other changes include preventing the masking of dialog boxes that carry out certain actions, such as switching the home page, and revising Active X controls to prevent forced downloading of code. IE now features an add-on manager so you can see whether you’ve inadvertently installed something you don’t want.

SP2 also offers a series of changes to how Windows executes code. These changes prevent attachments from launching and reduce the chance that malware will execute as a result of some simple action. An additional processor-based “no-execute” feature is expected to be offered in forthcoming Intel and AMD processors.

The result of all these changes is a version of Windows in which users and admins have to do less to make a machine reasonably secure.

SP2 is not a cure-all, however. For example, the default pop-up blocking and the changes to ActiveX will break some apps. Moreover, many computers will need driver updates before they can run SP2. You should check with the manufacturer of your computers and the company that makes your critical applications, and you should run tests on hardware as identical as possible to the machines on which you plan to install SP2. Even then, you may find problems, but at least you’ll keep them to a minimum.