Windows XP Patch Imperative Looms
Windows XP Patch Imperative Looms
They say that the best writing is rewriting. To me, the same idea goes for reading or watching episodes of SpongeBobbut not for doing taxes.
If the concept of rewriting has universal application, then Microsoft developers should be very, very good by now, because there isnt one piece of Windows, Office or other Microsoft code that hasnt been rewritten and distributed in the form of a service pack.
Windows 98, 98 SE and ME all were essentially service packs for Windows 95. Windows 2000 has been issued four service packs, along with countless Internet Explorer patch roll-ups.
The major Windows XP rewrite, SP2, composed mostly of security fixes, came out last August. Windows Server 2003 SP1 came out late last month, two years after the original product was released. (Look for an eWEEK Labs review in the coming weeks.) Microsoft should consider updating the name from "2003" while its at it.
The company has been chided for this practice over the years, with some justification. "Get it right the first time" or "Dont ship it until its ready" have been the most frequent complaints. Ive even blasted the company myself several times for this fix-by-service-pack strategy.
I now think, however, that this argument has lost some of its spark. For one, theres no logic to it. Microsoft and Windows are here to stay for the foreseeable future. Railing against service packs is like tilting at windmills, a futile exercise.
If youve invested the money and time in deploying XP in your home or business, for instance, you have to live with it and all its flaws, at least until the next service pack.
If you were worried about the security, or lack thereof, in XP, you should have stuck with Windows 2000 (SP4) or gone to another platform.
Next Page: Avoidance was bliss.
Avoidance was bliss
Many of you have avoided installing XP SP2. AssetMetrix this month released a survey of 136,000 PCs in 251 companies, large and small. The results show that about 38 percent of the PCs are running XP, up from 7 percent from a fourth-quarter 2003 study. But only 24 percent of those XP machines have installed SP2.
A higher percentage of small businesses have installed SP2 than large businesses. For the purposes of the study, a large business had more than 1,000 employees.
This negligence can be dangerous to your organization from a security standpoint, considering how many security flaws were found in the first edition of XP.
There are some reasons beyond stubbornness for corporate avoidance of SP2. Application compatibility is the main one. Other users dont trust Windows Update mucking with their machines when they are not looking and would prefer to manage the updates themselves or with their own system management servers.
The jig is finally up for those who have been avoiding SP2, however. For eight months, Microsoft allowed users to temporarily block the update feature from accepting SP2 downloads. That ends April 12.
Microsoft is unclear whether the end of the reprieve will affect only those machines that have Automatic Update and Windows Update turned "on" or if it will force SP2 to be installed on all XP machines regardless of whether the update feature is on.
The good news is that with SP2 installed, you should be good until about 2009, after which time Microsoft will force you to upgrade again.
But in technology years, thats too far ahead to be planning. Then again, it would give you time to explore other platforms if you want to get out from under Microsofts thumb.
Whatever your reasons for shunning service packs in the past, as long as you and your business depend on Windows, then XP SP2 and Windows Server 2003 SP1 are legitimate "must have" upgrades.
Yes, it is indeed better to get something right the first time, but in todays computing environment, its more important to get it rightperiod.
eWEEK magazine editor Scot Petersen can be reached at email@example.com.