Microsoft has made available a beta version of its forthcoming Windows XP Service Pack 2, due in full form in the middle of this year. The beta is currently available to testers who will get a glimpse of the major security upgrade that many liken to an entirely new operating system.
The new Service Pack 2 beta version comes as the Redmond, Washington-based software giant has been pummeled by holes in its Windows operating systems and Internet Explorer browser and by a source-code leak that security officials have viewed as troubling.
The biggest changes in the Windows XP service pack — a 222-MB download in beta form — are the default activation of the operating system’s built-in firewall and automatic security updates that do not require much user intervention.
“It’s all about security,” Yankee Group senior analyst Laura DiDio told TechNewsWorld. “They’re trying to alleviate a lot of the problems people are having with patch management.”
Update or New Product?
DiDio said Microsoft decided more than a year ago to put as much of its security patching and other updates into service packs as possible. She noted that with XP Service Pack 2, Microsoft is emphasizing security — fixing previous issues and implementing new features — more than fixing various bugs in the software.
The analyst, who called the default firewall activation “huge,” indicated that Service Pack 2 is viewed in the industry as a new version of Windows, earning nicknames such as “XP Plus” and “Mini-Longhorn,” a reference to Microsoft’s next-generation OS expected in about two years.
Meta Group vice president Steve Kleynhans, who called XP Service Pack 2 more of a product change than a rollup of fixes, told TechNewsWorld that despite previous statements to the contrary, Microsoft has been forced to release the sizeable, security-oriented Service Pack 2 because of attacks on Windows.
Anticipation and Frustration
Kleynhans, who referred to the long length of time since the last XP service pack, indicated corporate clients are positive about the update and anxious to test it in their environments.
DiDio, who praised Microsoft for hardening Windows XP with the service pack, said that although its installation is fairly straightforward, configuration of the firewall could cause frustration. She added that Service Pack 2 includes an automatic update feature that operates more forthrightly than previous versions of the service.
“It has a full-screen window that used to let you ignore it, but now it just won’t go away,” DiDio said.
Nevertheless, analysts agreed that Windows XP users will be more secure with the operating system’s firewall enabled by default.
DiDio said ports now will be open only when the appropriate corresponding program, such as NetMeeting or Windows Messenger, is running.
“Before, those ports, which are magnets for hackers, were left open,” she said.
Kleynhans referred to Microsoft’s work toward eliminating firewall-activation problems that in the past have affected or even disabled other applications. Indeed, in discussing the service pack two months ago, Microsoft security unit vice president Mike Nash said the company was not worried about breaking other applications with the default firewall.
Keeping Up, Losing Code
DiDio called Microsoft’s potential security success with Service Pack 2 extremely critical, adding that — rightly or wrongly — the perception is that Windows is less secure than other operating systems.
She said the software giant had little choice but to pile on security enhancements given the treacherous IT security landscape it faces. Adding to the problem is the recent leak of some Microsoft source code, which many security experts believe will lead to even more Windows vulnerabilities and threats.
“They have to keep up and stay one step ahead of the hackers, which is a tall order,” DiDio said. “You better bet the virus writers are going to be busy as well.”