Microsoft Releases Windows Server 2003 SP1

By Peter Galli  |  Posted 2005-03-31 Print this article Print

The software vendor releases to manufacturing and as a free download its Service Pack 1, which is chock-full of security enhancements.

Microsoft Corp. late Wednesday night made the code for Windows Server 2003 Service Pack 1 available to customers as a free download, some two years after the product was first released. The Redmond, Wash., software company will simultaneously release the code, which includes security enhancements and some reliability and performance improvements, to manufacturing. In an interview with eWEEK ahead of the SP1 code release, which is available here, Samm DiStasio, a director of Windows Server marketing, said Microsoft did not just roll up existing security fixes with this release, but has also made changes to some root core behaviors in the operating system that will potentially allow classes of exploits to be eliminated rather than just an individual one that had a patch.
Steven J. Vaughan-Nichols warns: Approach SP1 with caution. Click here to read why.
Windows Server 2003 was the first product released that benefited from Microsofts Trustworthy Computing initiative, where all code goes through a rigorous screening and audit for potential security issues and other vulnerabilities. Included in SP1 is a new Security Configuration Wizard, which reduces the attack surface by gathering information about specific server roles, then automatically blocking all services and ports not needed to perform those roles, he said. The wizard took the guidance that has only been available in paper form on TechNet until now and "really put it into an automated tool that allows users to go out and discover their servers and further lock down the role that they have that server playing," DiStasio said. That will help further reduce the surface area and do this in an easy, wizard-driven format, which could be exported in an XML template that could be used for every Web server, in a one-to-many format, DiStasio said. With regard to protection against malicious attacks and viruses, SP1 has the firewall off by default, except for a clean server install when SP1 blocks all inbound connections to the server after installation until Windows Update delivers the latest security updates to the new computer. Once that is done, the firewall can be taken down, allowing users to decide how they want to use the firewall. "This is very important to IT folk as they want to be able to configure the firewall by themselves and not take on our defaults," he said. Microsoft has also taken the client inspection, the VPN (virtual private network) quarantine technology, and graduated that from the resource kit into the SP1 release, which is fully scriptable. In addition SP1 also includes Internet Information Services (IIS) 6.0 Metabase Auditing, which allows administrators to identify potential malicious users should the store become corrupted, while Network Access Quarantine Control components have been added to allow administrators to isolate out-of-date VPN assets, DiStasio said. Click here to eWEEK Labs analysis of Windows Server 2003 SP1. The team also worked hard on application compatibility, and Microsoft will be posting a document that maps out all the applications tested and, more importantly, the ones that were found to have regressions or issues. While the applications tested represent a fraction of the tens of thousands available, it is a good representative sample of 80 percent of applications and certainly reflect the top applications found in most environments, according to DiStasio. Those tested also gave Microsoft most of the behaviors that applications exhibit, "so were really catching the lions share here. But with any service pack, the advice to customers is to test it in their environment to make sure it works first," he said. Not only did Microsoft have its Technology Adopter Program (TAP) customers test the code, but it also had thousands of beta testers looking at it. The 50 to 100 TAP customers got every build of the code and also had sign-off power on the quality process around the code as well, DiStasio said. Asked about plans for SP2, he said that while there are always future milestones planned for the product, "I cant really say what shape those would take at this point. But we are always thinking about what the next serviceability release is that we need to do." Check out eWEEK.coms for Microsoft and Windows news, views and analysis.
Peter Galli has been a financial/technology reporter for 12 years at leading publications in South Africa, the UK and the US. He has been Investment Editor of South Africa's Business Day Newspaper, the sister publication of the Financial Times of London.

He was also Group Financial Communications Manager for First National Bank, the second largest banking group in South Africa before moving on to become Executive News Editor of Business Report, the largest daily financial newspaper in South Africa, owned by the global Independent Newspapers group.

He was responsible for a national reporting team of 20 based in four bureaus. He also edited and contributed to its weekly technology page, and launched a financial and technology radio service supplying daily news bulletins to the national broadcaster, the South African Broadcasting Corporation, which were then distributed to some 50 radio stations across the country.

He was then transferred to San Francisco as Business Report's U.S. Correspondent to cover Silicon Valley, trade and finance between the US, Europe and emerging markets like South Africa. After serving that role for more than two years, he joined eWeek as a Senior Editor, covering software platforms in August 2000.

He has comprehensively covered Microsoft and its Windows and .Net platforms, as well as the many legal challenges it has faced. He has also focused on Sun Microsystems and its Solaris operating environment, Java and Unix offerings. He covers developments in the open source community, particularly around the Linux kernel and the effects it will have on the enterprise.

He has written extensively about new products for the Linux and Unix platforms, the development of open standards and critically looked at the potential Linux has to offer an alternative operating system and platform to Windows, .Net and Unix-based solutions like Solaris.

His interviews with senior industry executives include Microsoft CEO Steve Ballmer, Linus Torvalds, the original developer of the Linux operating system, Sun CEO Scot McNealy, and Bill Zeitler, a senior vice president at IBM.

For numerous examples of his writing you can search under his name at the eWEEK Website at


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel