Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Windows XP SP3: We Ought to Have More of These

    By
    Larry Seltzer
    -
    October 22, 2007
    Share
    Facebook
    Twitter
    Linkedin

      Many years ago I complained about Microsofts update policies, specifically about the sheer number of updates that were available only online. What was needed was a disk version of Windows Update. If you bought a new computer and connected to the Internet, especially for a dial-up user, you faced hours of updating from Windows Update, not to mention updating Microsoft Office.

      OEMs are much better now than they were then about delivering systems relatively up-to-date, but you cant assume that systems bought off the shelf at your average electronics store are anywhere near up-to-date. What was needed, I argued, was a periodic CD update to bring Windows up to some baseline, such as Service Pack 2.

      The installed base for Windows is expected to cross the 1 billion mark. Read more here.

      Windows XP SP3 will be, in effect, that kind of update. All indications are that it is a simple roll-up of updates to Windows since SP2, which shipped ages ago, back in August 2004. It will add a few critical security-related updates for applications such as Internet Explorer 7 and Windows Media Player 11.

      This hands-on review says there are a few small changes in addition to the roll-up. There are some changes to clarify wording in the Control Panel Security Options applet. Also, the address bar option in the Taskbar tool bar list is gone—the victim, it is said, of a “regulatory request.” I guess this makes the browser too “integrated.” At least it was a worthless feature.

      There are also a couple of useful, if obscure features, such as kernel-level support for FIPS (Federal Information Processing Standard)140-1 Level 1 cryptography. Also, there will be improvements in black hole router detection; this is where routers drop incoming packets without informing the system.

      Microsoft says SP3 for Windows XP is currently planned for the first half of 2008, but no promises on that date. Ive seen stories claiming that its release is timed to coincide with that of SP1 for Windows Vista. Why you would want to coordinate the two is beyond me, but the distinction between those two updates is interesting.

      Like Windows XP SP2, Vista SP1 is viewed as an important update, a turning point for the products. XP SP2 made changes so important and consequential to XP that many at Microsoft wanted to call it a new version of Windows, but it was decided to downplay the changes as a service pack in order to accelerate adoption of it, in order to improve Windows security footing.

      Vista SP1, on the other hand, was an enterprise planning target long before Vista even shipped. Obviously, there was always going to be an SP1, but the perception that many buyers were waiting for it in order to adopt Vista gave Microsoft some perverse incentives. Microsoft wants the service pack to give that air of maturity to Vista, but it has reason to avoid changes that would require substantial new testing.

      For example, I had heard through the grapevine that Vista SP1 would turn DEP (Data Execution Protection) on, by default, much more extensively than in Vista or XP. This is the sort of change that can cause problems with third-party drivers. I wouldnt be surprised if Vista SP1 turns out to be more conservative than its designers had originally planned. The first big update after a release is not just about rolling up patches, its about correcting mistakes.

      But once a product becomes mature, periodic roll-ups are good for users. I still havent heard from Microsoft it doesnt provide them, and its not for lack of asking. Perhaps Microsoft figures people will ignore monthly updates if there are roll-ups two or three times a year.

      Its hard for some of us edgier people to believe, but there still are a lot of dial-up users out there, and a lot of DSL users with very slow connections. For these people, updating a system takes all night long on the computer, perhaps more. They alone are a good enough reason to make updating easier, but there are others.

      Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. He can be reached at larryseltzer@ziffdavisenterprise.com.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Larry Seltzer
      Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×