Developers, IT department workers and early adopters have begun to report on their experiences installing Microsofts Windows XP Service Pack 2, and while most say they have had no serious problems installing the update, it hasnt all been smooth sailing, either. Early experiences suggest that the security-oriented upgrade will need extensive testing before IT managers can feel confident that they understand all of the side effects.
In Weblog postings and interviews with eWEEK.com, users have reported everything from unproblematic installs to complete system failures. In between, difficulties varied from confusing user interface changes to broken applications to performance slowdowns. Many said SP2s features improved their confidence in the platforms security; others said they continue to be surprised by minor issues.
“Overall Im still not convinced of SP2s stability, and I keep expecting to find issues with my other applications,” wrote developer Kulvinder Maingi in a Weblog post.
One major change with SP2 is the introduction of Windows Firewall, which replaces the old Internet Connection Firewall. It is enabled by default and executes before other programs in an effort to ensure that most Windows users will be protected at the desktop level. Some individual users found the firewall irritating, with its warnings and the need to configure some programs to work with it.
Others felt the firewall was an improvement, including one user who attempted to execute a copy of the Bagle virus. “SP2 blocked the installation of the malicious code with not one but two separate warnings. Someone would have had to go to a lot of trouble to choose to install this virus,” wrote author and Windows pundit Ed Bott.
On the other hand, Windows Firewall has a more serious shortcoming, according to critics such as Zone Labs, maker of the ZoneAlarm firewall: It can be turned off by a third party. ZoneAlarm, McAfees Personal Firewall Plus and Symantecs Norton Personal Firewall are all being updated to disable Windows Firewall when they are installed, and switch it back on when they are uninstalled.
And if another firewall or an administrator can switch Windows Firewall off, so could an attacker, argued Zone Labs. Critics also said the firewall should have included outbound blocking, used to stop malicious code from being used in a distributed denial-of-service attack or to send spam, for example.
Microsoft admitted that the firewalls manageability means a malicious user could turn it off in some situations. “But youre in a compromised state if youre at that point,” said Microsoft technical specialist David Overton. “Windows Firewall is there primarily to stop unsolicited communications with a PC. It is a management process, not a silver bullet.” He said other tools, such as perimeter packet inspection, were more appropriate for stopping malicious outbound packets.
Broken applications were among the most common issues users reported with SP2—something Microsoft has been warning users about for several months—often an effect of changes in Windows XPs security settings. Symantec this week released patches for its Norton anti-virus products enabling them to work with Windows new Security Center. Microsoft has said that some of its own products, such as its customer relationship management software, will need patching to work with SP2.
Users also discovered conflicts with a number of other applications. For example, a peer-to-peer program called eMule is slowed down by an SP2 feature that limits the number of simultaneous TCP connections a program can make to different IP addresses—something that would have blocked worms such as Sasser from spreading, according to Microsoft. Currently, the only fix appears to be a complicated workaround to change Windows TCP/IP parameters.
DivX 5.2 and Dr. DivX 1.0.5, which support DivX-encoded video, dont install properly on SP2 systems; a new feature called Data Execution Protection, designed to eliminate buffer overflows, must be temporarily turned off before running the DivX installer.
Other applications that users reported problems with included remote debugging in Visual Studio.Net 2003, Microsoft Access 2003, Novell BorderManager, Style XP, the Thief III game, Radio Userland, Crimson Editor 3.60, the Tablet PCs OneNote application, the Skype IP telephony program, MSN Messenger and the ATI graphics control panel.
Some hardware glitches also showed up, including with the Microsoft wireless keyboard, some wireless cards and DataCADs Hardlock driver. LaCie has issued new drivers to allow SP2 machines to connect to hard drives with a FireWire 800 interface.
“I can already see that there are tons of kinks that need to be worked out,” commented one user in a Weblog posting. However, most users who mentioned one of these problems said they hadnt had any other issues.
Many of the conflicting applications, such as Skype and Radio Userland, have run afoul of SP2s tightened-up policies for Internet ports, but some users said the difficulties made them feel more secure. “I had to actually put some effort in to get Timbuktu (a remote management program) punched through (it uses several ports for different features), but that was the only significant issue,” said author Glenn Fleishman in response to a blog post by Microsofts Robert Scoble. “The fact that I couldnt see the machine, I liked.”
One developer noted that SP2 changes the way Windows allows Remote Desktop connections, used for remotely administering clients. By default, Windows Firewall blocks remote desktop connections (TCP 3389), even if the system was configured to allow them before SP2 was installed.
Among other quibbles were the lack of improvements to Internet Explorer, with support for PNG graphics, Cascading Style Sheets, tabbed browsing and page rendering speed “at a standstill,” according to one user.
In isolated cases, users found SP2 caused serious problems for some machines, slowing down performance, making a machine unusable or failing to install at all; one user claimed to have tried installing SP2 using four different methods, but had to uninstall it each time.
Most users, however, have said they had a positive experience overall with the update, with particular favorites being the popup blocker in Internet Explorer, the Security Center and improved integration of wireless technologies such as Wi-Fi and Bluetooth. “One thing that I havent heard anyone mention is the new wireless networking interface,” said one user. “That has impressed me the most.”