Microsoft Corp. has no plans to port the security and feature enhancements due in Windows XP Service Pack 2, now in final beta testing, to older versions of Windows.
The decision means that enterprises running older versions of Windows will be less secure and more vulnerable to attacks than those running XP systems that upgrade to the latest service pack, which includes many security improvements.
Microsoft officials in Redmond, Wash., last week said the companys focus is on shipping a high-quality SP2 release to customers. It is, however, leaving the door open to supporting older versions and is evaluating the technical feasibility of such an endeavor.
During a recent Webcast for system builders and PC and server vendors that sell products preloaded with Microsoft software, Microsoft officials had no comment on whether the features in SP2 will be available for other operating systems or older versions of Internet Explorer.
And while sources said the company is working on a plan for older systems, users running older Windows versions or specific programs should expect a piecemeal approach to SP2s security-minded features.
Not surprisingly, some users want those features fully back-ported. A systems manager for a global consulting company on the East Coast, who requested anonymity, wants Microsoft to back-port to at least Windows 2000. “We still have a good installed base of 2000 clients that will not be upgraded to XP any time soon,” the systems manager said. “The extra protection SP2 offers would sure be nice to have on 2000.”
Other users, however, are not as concerned. Charles Reid, project manager for iNet-Consulting. com Inc., in Los Angeles, said that he believes operating systems such as Windows 98 are inherently insecure and that he would much rather see Microsoft spend resources supporting current and future product releases rather than older ones.
“If customers want more secure systems, then upgrade,” Reid said. “The user community is better off if organizations like Microsoft are constantly moving ahead instead of trying to go back at the same time.”
A programmer in Michigan, who asked not to be named, agreed. Most responsible companies have already added security via policies, procedures and third-party tools, the programmer said. “The only ones waiting for Microsoft to come up with a solution are those companies that are too small to deal with the problems, and home users,” he said.
Microsoft, which two weeks ago offered SP2 Release Candidate 2 to developers and testers for evaluation, is sticking to the official line that SP2 is just a regular service pack. But beta testers of the software and Microsoft customers said SP2 is, in fact, more like a new version of Windows that will contain a number of features and fixes.
For example, with SP2, code-named Springboard, Microsoft is turning on its built-in Windows Firewall by default, adding new browser and e-mail safeguards, and enhancing XPs memory-protection features.
Microsoft officials are not disclosing the release date for the final version of SP2.