Should You Put Windows XP SP2 Deployment on Autopilot?

Opinion: Microsoft has recommended that most users acquire SP2 via the Automatic Updates feature and has provided tools for corporations to do this. Is it a good idea?

Ive seen reports of people who are shocked! Shocked to hear that there are applications and network configurations that fail to function under Windows XP Service Pack 2.

After years of complaining about security problems in Windows, Microsoft finally does the right thing and plugs many of the holes even at the cost of breaking functionality of software.


I, for one, am not shocked to see them criticized for doing just that. Of course, its almost the point of XP SP2 that it breaks these configurations. We shouldnt be surprised to find issues with Service Pack 2. We shouldnt take too much time in adopting SP2. But we should test it.

If youre responsible for a large number of Windows XP systems and you dont have an explicit test network, you should already have designated a small sample of typical systems as guinea pigs for the release candidates, and therefore the changes in the program should be no surprise to you. Move on to the release code on these systems for final testing and then to a staged deployment.

Its entirely possible that youll find issues in testing. They may not be big problems; the firewall may be blocking a port you use and you might just open it. In other cases you might take the opportunity to rethink an application. Ive seen one program (DivX video) that breaks on SP2 on systems with support for SP2s Data Execution Protection, the ability to detect buffer overflows. Their solution? Turn off the protection, at least for their programs. Does this seem worth it to you? In fact, this is the perfect example of the kind of program that will have to change.

Next Page: Why not use Automatic Updates?