Who's afraid of service pack 2?
- 19 August, 2004 22:00
I was expecting a warning prompt with every action, a firewall alert with every network connection, and a barrage of confirmation dialogs when trying to install software. I shouldn’t have worried: XP Service Pack 2 caused me no problems and even left me feeling a little more secure.
As with any software upgrade, there are certain to be people who have trouble with SP2, and last week the news services started to report the stories of woe — although problems seem to emerge with most sizeable OS updates. Computerworld decided to try out the software on an in-use, reasonably generic desktop. The plan was not to test each part of SP2; we wanted to learn how much difference it makes to an average working day.
I’m always a willing lab rat. I installed the second release candidate on my Dell Dimension desktop a few weeks before Microsoft officially released the new service pack. My work setup is unremarkable — Lotus Notes, Firefox browser, Thunderbird email client and the Vision Manager phone monitoring software. I use the Eclipse IDE, Adobe InDesign, Photoshop and iTunes from time to time, and like most Windows users I have Microsoft software to keep the Commerce Commission awake at nights — Office 2003, MSN Messenger, the web browser, Visual Studio, and of course that old workhorse, Notepad.
Installation was straightforward. Upon restart, I was confronted with the familiar XP desktop — not a warning dialog in sight. I was mildly surprised to see MSN Messenger running normally. Launching iTunes, however, resulted in a prompt asking whether I should prevent the program from receiving network connections, allow it, or ask again later — sensible options that are descriptive enough for propellerheads and straightforward enough for IT simpletons.
I long ago abandoned Internet Explorer for Mozilla’s Firefox browser wherever possible, but still use it for some fussy websites. The first time IE6 blocked a popup window my opinion of this venerable browser was immediately lifted several notches. The security improvements in IE are well overdue, but we can be pleased this day has come — having to install third-party software in the browser merely to prevent popups was a pretty good illustration of IE’s shortcomings.
When my installed version of Vision Manager received an upgrade, I was pleased to find the firewall prompt appeared again, asking whether to allow network connections to the software. XP had realised Vision Manager had changed and needed to be “blessed” again for network access — a useful defence against malicious programs such as the latest Bagle worm that masquerade as something else.
What else is there to report? Not much. I barely noticed a blip in my work patterns, I never felt inconvenienced, and I’m pleased SP2 has arrived — the security changes are well overdue and closer to the security model used by modern Linux and Macintosh desktops.
So how much testing should you do before deploying SP2? Obviously, it depends on the apps you use. Software developed in-house should obviously be tested, particularly if it opens a network port to listen on. XP SP2 reduces an organisation’s reliance on its network perimeter, which is a welcome development, but that doesn’t mean there’s any need to rush to install SP2 if your existing network is reasonably secure.
There are two groups, however, who should be welcoming the update with open arms. The first is home and small business users who don’t have a decent firewall — or any firewall — between their desktops and the internet. They’re safer with SP2 installed; it’s easier to rollback the update if a problem is found than to delay and suffer a security or privacy breach.
The second group is IT staff who support users with laptops or other mobile devices. Portable gadgets are the easiest way for malware to enter the local network without being inconvenienced by a firewall, and they’re often wielded by people who have the least knowledge of IT security issues. Get SP2 on those laptops and do everyone on the network a favour.