Tuesday, August 24, 2004

Windows XP SP2

*sigh* I've been answering a lot of questions about this update for friends and family. I've also see a lot of hubris on the internet about SP2. Let me start this by addressing the question about where or not to install it: If you are a home user, then install it ASAP. The problems you are likely to encounter will be minor compared to the safety SP2 will provide. It you are a business user of any size, then wait a month (turn off automatic updates or block it with the Microsoft tool that allows you to do this).

Now, having said that, there are some caveats to SP2. First of all, while IE has a new popup blocking feature and it does manage downloads better, it is still not a terribly secure browser platform. You are better off going with Firefox or Opera as they are safer browsing platforms. In fact, ZDNet and other organizations have already reported on a new browser flaw found in IE that works despite SP2.

Secondly, SP2 automatically turns on the Windows Internet Firewall. The WIF is enhanced and can be managed with the new Windows Security Center console. For those of us who already have firewalls, this is not going to be an issue. If you have Zone Alarm, McAffee, or any number of other products, you already have a better firewall that the Windows one (even better than the enhanced one) plus you are probably familiar with how to operate and control a firewall. For those of us that do not have a firewall, well, shame on you, but this will greatly improve your security. If you have troubles with a program after installing SP2, then this is the first place to look for a fix. I suggest you read this article and the associated links in the upper right hand of the page on how to adjust your firewall settings.

Third, XP SP2 updates Outlook Express to bring it's security settings up to par with Outlook 2003. In other words, anti-spam technology is added along with functionality that prevents the automatic downloading of images from a web server. By downloading images automatically from a web server, you open yourself up to potential security hazards as well as spam tracking. Finally, Outlook Express now blocks unsafe attachments from reaching your PC unless you tell it that you want that attachment. So, for people who automatically clicked on attachments that ended in, say, ".exe" without checking the source of the email and despite numerous warnings about doing such things (such as the person who was VP of my former company), this will prevent you from infecting yourself as well as others so easily.

Fourth, SP2 comes with an update of Windows Media Player Beta 10 (this was news to me, but a friend of mine got it). This is not a major update to the player right now, but there will be some cool things coming to it when the release becomes official.

Home users are at less of a risk for adding SP2 because they are less likely to encounter problems with program compatibility and such problems are less likely to be "mission critical" (in other words, they can take the time to track down any such problems).

Users of business applications that have been modified for their internal networks or are system criticial should test their networks and their applications before applying the service pack. The apocalyptic warnings given to business users regarding SP2 are ridiculous. IT people should test all service packs before installing them on critical systems and, in that regard, SP2 is no different than a patch to any other software in your organization.

No comments: