Windows XP Service Pack 2

[Shiloch Veneficus]

Scheduled for release in August 2004, Windows XP Service Pack 2 is coming.

This service pack is unlike any other Microsoft service pack, which has entirely new features bundled with it, and changes the way XP works in several ways. For a complete list of features, compatibility issues, and other documentation, see this link:

http://www.microsoft.com/windowsxp/sp2/default.mspx

It isn't yet available on Windows Update (which has also been changed to work with the service pack, and is now quite a bit easier to use for complete dummies).

For IT pros and super geeks, it is available right now at this link (266 MB):

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx

Be WARNED before you download and install Service Pack 2. It has been known to cause problems with other Firewall, Virus Scanner, and disk tool software. There are also other problems it had that were discovered late in Beta. Microsoft claims to have fixed the majority of these bugs, but it isn't going to hurt to be careful. As with any Microsoft service pack, install with caution. If stability is your primary concern, it isn't a bad idea to wait on it a couple weeks.

[Geadiin]

At work, we are being warned not to install it yet until they make sure it works with our corporate infrastructure. But i may try it at home unless someone else notices problems.

Earlier this summer I got to attend WinHEC (windows hardware engineering conference) and got to see a really cool feature of SP2. Some new hardware such as Wireless routers and wireless printers will allow you to configure them using a small USB flash drive. You plug the drive or key into your PC or laptop and tell Windows to configure the wireless network. It goes through a wizard that puts some files on the USB drive. Then you plug it into your wireless router and in a few seconds it has all the wireless settings configured (WEP keys, SSID, etc). Then you can take the USB drive to your wireless printer and in a few seconds it is configured. When all of your devices are configured, take the USB drive back to your PC / Laptop, and then it will add all of the devices you configured (such as the printer) to your PC.

It makes setting up a wireless network *so* much easier.

I also understand it may turn on your firewall by default which could cause you to lose connections with network devices such as printers. Or did they already do that in a previous security patch...I forget. It's just something to watch out for.
_________________
Geadiin ~ 67 Ranger
Akselo ~ 70 Bard
Babmatil ~ 70 Magician

[Shiloch Veneficus]

Yea, the firewall has been completely changed. It's now known as "Windows Firewall" and installing SP2 will enable it for all existing network connections. From what I've seen, it won't cause you to lose connections to network printers or shares, but it does more than just filter incoming ports, it blocks your outgoing ports via software monitoring.

The first time I loaded up Lotus Notes, Exceed, etc. after installing, you get a nifty Windows Firewall box that will allow you to 'unblock' the application or block it for good.

There's not a huge need for this on my network, but there may be on larger ones where people are more apt to download random shit and run it for no legitimate reason. Windows Firewall is 100% configurable through group policy in Active Directory, so you can set which applications can use the internet at the Domain level.

[warlax007]

http://support.microsoft.com/default.aspx?kbid=842242

Here is a list of stuff that stops working have fun.

I did not use XP for 2 reasons; 1 I did not want to have to call Microsoft when I made a major change to my PC and 2 raw sockets from what I have read were bad news.

Main page http://www.grc.com/default.htm
Windows XP raw sockets link http://www.grc.com/dos/sockettome.htm

Warlax

[Shiloch Veneficus]

Warlax:

In case you didn't actually read the article that you posted, that list of applications is not a list of software that "stops working," it's a list of software that may need to have open ports manually configured in Windows Firewall. Not only is this not an issue for a lot of those programs (they appeared in SP2 Beta very late and only in certain scenarios), it's very simple in Windows Firewall to configure. The article even goes on to tell you SPECIFICALLY how to configure it for those programs.

I don't know what this "I did not want to have to call Microsoft when I made a major change to my PC" is based on. If you're referring to Windows Activation, it's a simple device used to prevent pirating of the operating system, which doesn't even require you to call Microsoft at all. If you buy it and legally own it, you can activate Windows with any internet connection. Furthermore, you don't have to re-activate after significant hardware changes. It's only after a large number of significant hardware changes. Even when that happens, it's a 10-second process on the internet.

I'll go on to say that if you don't want to have to deal with activating Windows XP, just download a pirated VLK version. It doesn't even include the activation code.

This "raw sockets" thing is totally bogus. Not only is this information extremely dated (that was posted October 2003), Microsoft answered it calling the idiotic remarks made on that website at this link:

http://www.microsoft.com/technet/security/news/raw_sockets.mspx

[Gryfndor]

you've got way to much time on your hands Shiloch lol Thanks for the Info on SP2 got it loaded on all my systems now and seems to work as ordered. I've been wanting a full download but hadn't seen it anywhere. This way I can pull it at work and burn a CD for home and my SHIT modem connection.
_________________
Gryfndor 65 Wizard
Epiphone 65 Necromancer
Niche 57 Enchanter
Farzy 51 rogue
Nasgul 29 Shadownight

[Shiloch Veneficus]

[Elnrik Talshiar]

I stuck a penny in a socket once.

Sockets can be bad.
_________________

(AKA - Brent)

[warlax007]

"I don't know what this "I did not want to have to call Microsoft when I made a major change to my PC" is based on."

Well if your not connect to the Internet then you would have to call.

"I’ll go on to say that if you don't want to have to deal with activating Windows XP, just download a pirated VLK version. It doesn't even include the activation code."

Sorry I don't use pirated software.

"In case you didn't actually read the article that you posted, that list of applications is not a list of software that "stops working," it's a list of software that may need to have open ports manually configured in Windows Firewall."

Well I read the article and the title says "Some programs seem to stop working after you install Windows XP Service Pack 2" To the average user they will think the program has stopped working. I think the average user does not even know what ports are. All that article was nothing more then some fixes for people that might need get them working again.

http://www.microsoft.com/technet/security/news/raw_sockets.mspx

"In sum, it doesn't matter what networking functions are available as part of an operating system if an attacker's code never gets the opportunity to run on it."

If you read http://www.grc.com/dos/sockettome.htm
"Under the Home Edition of Windows XP, ALL users are Administrators by default." The average user doses not know how to change that or set up an logon ID that does not give full rights to the PC.

Microsoft goes on to say "If it were, the explosion in DDOS attacks should have already occurred, as raw sockets implementations are already present in Linux, VMS, Unix, Mac OS X, and even in previous versions of Windows."

Well most people running linux, vms, unix are mostly your tech heads that know not to log in to root only and leave it running with full access. Your average user is not going to be running these operating systems. So ya the problem is not going to be out there wide spread. I'm sure most people don't even know what VMS is.

The SP2 is a step in the right direction but the problem of all users are Administrators by default is there.


Warlax

[Shiloch Veneficus]

[ZigonZagoff]

I know what VMS is, Virtual Memory System.
Started out on VAX architecture and has migrated to Alpha Architecture and is migrating to the Itanium.

In fact in the last 3 years I went from support 53 servers to supporting 12 servers in Phoenix and second line support for 11 in Austin. I love some of the new technology where HP is trying to get people to buy a superdome to run their Unix and VMS on the same system but in different partitions.

If you ever want VMS help or questions answered I am your man. I either know the answer or know where to direct you (or I make it up )

http://zdnet.com.com/2100-1104_2-5323378.html
If you are doing SP2 and work on software (or know how to test software) read this link - read the comments if you have time just to see how others are feeling about this. Btw - Good luck implementing SP2.
_________________
Retired (or mostly retired) to WoW
Zigon Zagoff (Wizard)
Cillit Kwiklyordie (Monk)
Caylik (Cleric)
Jonan Dabarbarian (Shaman)

<Walkers>
Vazaelle

[warlax007]

http://www.internetweek.com/allStories/showArticle.jhtml?articleID=38100003

The best part of the article
"This defense -- that the bigger security holes in Windows are the real honeypots for hackers, and thus smaller flaws can be safely ignored -- is a new one from Microsoft."

Warlax

[Shiloch Veneficus]

I'm going to have to agree that the ramifications of SP2 will hit small developers hardest. Applications with loose security measures will cause Windows to nearly lock them down. The compatibility issues from that is going to drive a lot of people nuts.

Microsoft is pushing for developers to make the necessary changes to improve security. They don't want to step down from the secure stance they've taken with SP2, which is a good thing. If you're using custom applications in your business, it's good advice to wait on SP2. Use a test environment, get things working before you deploy it.

I went through this process, we spent several full days with SP2 Beta and 2 full days with the release before we rolled it out. We're lucky, pulled it off almost without a hitch. Many, many others won't get it that easily. I'll know quite a bit more when I start doing this same thing for the rest of my customers.