Windows is by far the most prevalent desktop operating system, and security—often due to flaws within that environment—is the most prevalent IT headache. Consequently, the rollout of Windows XP Service Pack 2, which has remedies to many of Windows security ills, has been eagerly and impatiently awaited for many months.
The enhanced security features of SP2 include Security Center, which tracks anti-virus software and checks whether it has the latest virus definitions. Another feature is Windows Firewall, which is enabled by default. According to early users, Windows Firewall is significantly more effective than its predecessor, Internet Connection Firewall, in blocking malware such as Bagle. In addition, SP2 blocks buffer overflows, long a ready avenue of attack against Windows systems. Also included is a feature that will block Sasser-type worms.
With all these benefits, it may seem odd indeed that some IT professionals would choose not to deploy SP2 right away. But theres method to their madness. The security features in SP2 prevent some applications from running; many IT managers want an opportunity to test the new release—and patch any application glitches that might appear before deploying it on a broad scale.
That delayed deployment is a reasonable choice, even though that kind of application breakage is itself probably a symptom of insecure programming practices—the kind that could have taken root only on a poorly secured platform, to be sure, but that prudent enterprise application developers have probably taken pains to avoid all along.
Yet Microsoft, demonstrating that the company is listening to its customers as perhaps never before, has offered enterprise sites a facility for excepting SP2 from otherwise-normal automatic updates, allowing IT professionals to make the major SP2 update at a time of their own choosing.
Some would say that SP2 should never have been necessary—that Microsoft should have built Windows with better security from the start. Perhaps so. But it is clear that Microsoft has stepped up and delivered a much-needed update in SP2 that all Windows users will be better off installing.
Whats more, Microsoft said more than two years ago that it would make security a higher priority than application compatibility. That kind of advance notice does not occur often in this business. Users should not expect much sympathy if they were not paying attention and built applications oblivious not only to security concerns but also to Microsofts compatibility warnings. Microsoft had to make things better, and it has, with plenty of warning as to how it would proceed and with appropriate flexibility for sites that need time to accommodate a better way.
Today, Windows is stronger, and enterprise infrastructures everywhere will soon be more secure. We applaud Microsoft for making good on its commitment.
Were interested in your views. Send your comments to [email protected]