Many users and IT administrators had a lot to say about Microsoft’s removal of the “blocker” mechanism this week, which had temporarily disabled the delivery of WinXP SP2. THG contacted members of the IT community and spoke with often-cited security experts, who discussed their concerns about the damage SP2 may cause and some cases where the download might really be necessary.
SP2 And The Damage Done
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
I was just wondering what other people thought, the school that I used to work at had about 3000 clients, some wireless (b/g type) and some wired. SP2 fixed boatloads of problems for us, and we put it on every XP machine we had. I was just wondering if any other IT people had similar/different experiences than I did.
I had an initial bump with the SP2 for the first two weeks or so, but after that my XP machine returned back to its solid state. I am happy with XP and SP2, I just wish that I could convince my brother to keep it installed too (he uninstalled it because his third party modem driver stopped working well and he didn’t even try to get a newer driver but he instead blamed me for installing SP2 on his PC
).
those administrators probably advised XP for desktop use?
Most places as we all know have to use Microsoft products because some specific software they have to use isn’t available on anything else. Also in a school setting you do not get to choose, you have to deal with whatever students bring with them.
…to parody a Neil Young song about the thrawls of heroin addiction in a story about Windows XP SP2…
I’ve seen the needle and the damage done… a little part of it in everyone… every junkie’s like the setting sun
thats why they are caled admins. test before aply , report back vendor if it fails. simple like that. but you have to do your job.
Actually I think the reason that most companies haven’t rolled out SP2 is because the majority of their IT staff spends all their on OSNews complaining about how no one understands that Linux is perfect for everything, and trying out the latest builds of their favorite LiveCDs.
How hard is it to roll out SP2? Depending on the environment – most users are using standard applications. Anything that needs older drivers should be used via Citrix to minimize patch conflicts.
It can be even easier than that, most places like where I work, by machines by the hundreds, and they all have identical hardware. From that you simply build up a stable ‘image’ and use software like ghost to roll out new images of the OS to all machines. Users don’t have to worry about their files because they are saved on the servers. And for specific machines, you have your interns/low level techs deal with the problems
At work (and at home) we have had no problems with SP2. If anything it has made things run a lot smoother.
A side note for Eugenia . . . thank you for posting Windows articles on OSNews. Linux is by far my OS of choice, but for people that have to work with it on a day-to-day basis it is nice to see Windows related topics.
“Wow what a big bunch of FUD! Windows admins that can’t even install a Service Pack with getting BSOD’s what a pathetic excuse for an admin. Lazy first and lack of knowledge(stupid) is second for the reason SP2 is not out.”
Just because you haven’t problems with it doesn’t mean nobody’s having problems. I sure they guy went out of his way to MAKE his machines show the BSOD just so he could say that, right?
I don’t have three thousand machines to patch, but I patched to SP2 immediately, the security fixes are worth more than the problems it might cause, and luckily I experienced no problems at all. One thing I have noted though is that SP2 cannot be installed on a corrupt / virus ridden / spyware ridden system. Any tiny semblence of system damage and it fails. Not good for corporate users.
I have had no problems with SP2 either. I’m mostly a Linux shop at home, but have a couple of WinXP boxes left and they are working very nicely. As said above, there were a LOT of under the hood things with this Service Pack. I had flakey networking BEFORE the Service Pack (disappering icons, etc) and it all seemed fixed with SP-2.
Personally, I think that it was a good thing and the IT shopes should get with it and go with it, but I don’t know how to run a big shop like they do. Most of the install problems were because of infected machines PRIOR to the install. Applications compatibility, from what I understand, is pretty much a non-issue now that it’s been about 6 months.
If maintained, it seems that Windows runs just fine. It’s just boring as all heck…
No one is forced. You can always turn auto-updates off and choose to never run updates. I’m not recommending this, just stating that they simply aren’t offering a choice of update paths anymore.
If you want to blame them for something, blame them for making XP so shoddy that it needed something like SP2…
I’m still waiting for someone to get Unreal2 XMP working with SP2. I guess nobody really cares about those of us that prefer XMP to the various Tournaments.
One thing I have noted though is that SP2 cannot be installed on a corrupt / virus ridden / spyware ridden system.
I agree. It installed perfectly on my computer, but really screwed up a computer with lots of spyware on it.
Hopefully, at work we are using w2k. We are doing software for embedded devices. Our problem is all those software are sometimes so old (and badly maintained) that sometimes they still rely on 16 bits small tools. Just by curiosity, I tried running some tools on my XP SP2 home PC. Most failed (if they install) ! The company must go to XP for end of year. IT department know this and will not update developers PC because of SP2.
If you are in an organization with 2000 or XP just create a policy to disable Automatic updates and setup an SUS machine to push the updates down to the machines you want when you want. This is only for the huddled masses, not organizations. An IT staff should know how to roll out patches. I mean come on!!!
And if its a school why are you letting machines from the outside in or on the network. Seems like a security violation to me. If it doesnt meet the naming convention it gets no access…..
Smartpatrol: Wow what a big bunch of FUD! Windows admins that can’t even install a Service Pack with getting BSOD’s what a pathetic excuse for an admin. Lazy first and lack of knowledge(stupid) is second for the reason SP2 is not out.
There isn’t necessarily much you can do – I’ve seen SP2 installed and all seems to go fine, but upon reboot, bam, machine’s dead.
There are other issues too – it likes to completely nuke Bluetooth by overwriting any drivers you might have with Microsoft’s ones, that sort of thing. None of thise encourages people to deploy it.
I agree entirely with the comment about liability cases. It’s long past time Microsoft accepted some responsibility for their products.
If Ford decide to call your car in to fix something they perceive as a problem, and the brakes fail as a result, you’d be blaming them for it! Not saying “Oh well there was a clause in the contract saying they’re not responsible for anything that goes wrong”…
what makes some of you think that a lot of these companies are overflowing with money enough to purchase SUS servers, and servers capable of pushing out images without choking. Case in point: The HEALTH facility that I work at has no such budget for items of which you speak (using “you” in a general sense).
I just love the world that you live in…where your budget is so bottom-less and your every need is fulfilled; where can I sign up for one of these fortunate companies? sorry for the tangent rant but it just baffles my mind that so many are so clueless.
For reference, when I walked into the facility back in 2002, they still had windows 3.11FW. Sadly , similar situations like this are more the norm than your decked out IT dept with lights of lights and computer thingies.
As for pumping out SP2. Our solution was a combination of GFI Lan-guard ,and a person(s) with a CD. We’d update SP2 with the CD and then push out remaining patches with GFI and we’re still not finished.
I’m sure that SP2 isn’t for everybody. Personally, I only use WinXP to do module development for a game called Neverwinter Nights (no toolset for Linux). I upgraded to SP2 and found the application to work noticeably much slower. I found I could actually count the seconds it would take to load an area.
Thinking it might just be because it was a fresh install, I did a fresh install of WinXP with SP1 and found it to be just as fast as I remembered it.
So I’ve no reason to update to SP2 (don’t do anything but use the toolset on it) and have at least one reason to stick with SP1 (speed).
You do realize this is free right? and that policies are built into the OS on 200 and XP? Who said anything about setting up a new server.. just install the service and be done with it.. Your the one that seems hellbent on buying pointless stuff.. We did it all with what was available for free.. You prove that windows admins only complain. Never mind that most PC’s purchased for a company are capital expenses thus depreciated and written off over a period of 3-5 years. You seem to be the clueless one looking to make work for yourself.
And just so you know I too work in the healthcare industry. and you better be upto date or HIPPA will bite your butt good with that windows 3.1 stuff.. No money for upgrades,, hope you have money for lawyers.
sorry… thats HIPAA.
I dont see what the problem is with sp2. I only seen one issue. if a computer had sp2 we couldnt use the Hp digital sender. Yeah I know what you are thinking, firewall enable……wrong we disabled it, must be something else that is blocking it.
forgot to mention the Sarbanes-Oxley Act in regards to medical records.
OMG. Don’t get me started on HIPAA. If I spent half as much time fixing problems as I do writing up documentation… ;P
“I agree entirely with the comment about liability cases. It’s long past time Microsoft accepted some responsibility for their products.”
Microsoft can afford to pay, but that idea will destroy opensource.
Don’t even start telling me: but what you’ve got for free you can’t complain about- or I’ll ask you what is your opinion about someone giving poisoned candy to children for free, or first ecstazy pill for free.
tell me about it, its insane… At least you your name on the documentation
If large coorporations use custom tools, they cannot risk breaking working tools, which their business has grown to depend on, with SP2. There is no business justification to rework all tools which might break with SP2 – it’s cheaper not to install SP2 and to hire a few admins instead. It will take years until coorporation adopt SP2.
It’s pathetic to see all the teenagers which have started migrating from Slashdot to OSNew. This used to be a site with fairly intelligent conversations, nowdays it’s just drivel (I guess that also includes this post). Just because SP2 works OK for your home PC (where you dont run any custom software, only commercial/shareware of the shelf stuff), it doesn’t mean the rest of the world doesn’t have problems.
The problem with any company taking responsibility for your problems is that most users don’t read the manuals or the text files before installing and just click setup.exe. Then when they have a problem it’s all somebody elses fault. I’m not saying that MS shouldn’t take responsiblity but it’s a huge can of worms and would cost a fortune.
I used to work for a hardware company and every genius who had a problem caused by anything third party used to ring us looking for help or for us to fix it. Eventually we stopped doing our free support because we were getting too many calls that weren’t our fault. Somebody has to pay so the price went to the customers.
You can see it in some of these posts. Joe user installs SP without doing any homework about this huge upgrade to their OS and then complains when they have problems. That’s OK for users but for Windows admins that do this for a living there is no excuse. Blaming MS is easy. Saying you don’t know how to do your job to your boss is not.
good thing for us programmers who don’t have to worry about this stuff hehe. as for custom applications, good thing am writing java stuff.. thank god for jvm
I rolled out SP2 on all the machines at work and didn’t run into any problems. The workstations seem to get less spyware and popups which is a major plus.
“It’s pathetic to see all the teenagers which have started migrating from Slashdot to OSNew.”
Funny you say it in this thread, where almost everybody is being reasonable.
I am a very well known linux fan, but I don’t mind helping people with Windows problems. Or even installing it on my computer for the few apps I can’t run in linux (mostly games)
What is really unbearable these days is the never ending battle between the Ubuntu fanboys (they seem to have the upper hand) and those who don’t like it, including myself.
And BTW I am long past my teenage years and I don’t come from Slashdot.
when you have only 224M RAM, youll never put on SP2…It comes with more than 30M in RAM on bootup…And nothing in it is useful – Im with turned off spylike win updates, with other firewall and other browser…i dont need nothin in SP2…win is only platform, why to make it complicated? But you have nice mashines with 1GBRAM on – well you have to be modern – PUT this crap IN!
when you have only 224M RAM, youll never put on SP2…It comes with more than 30M in RAM on bootup…And nothing in it is useful – Im with turned off spylike win updates, with other firewall and other browser…i dont need nothin in SP2…win is only platform, why to make it complicated? But you have nice mashines with 1GBRAM on – well you have to be modern – PUT this crap IN!
Don’t blame M$, blame the clueless users who must have this stuff forced down their throats in order to maintain some semblance of security.
It’s tragic, but since home users who can’t buy a clue make up a fairly high percentage of total users, they have to work this way.
224 megs? Let’s see that’s either a 32, a 64 and a 128… or you have shared video memory on the mainboard… Wow, that’s archaic. Tell you what, spend the $30 on another stick of 256…
There’s no good excuse to be running XP on less than 256megs, that’s what win2k is for.
SP2 deployed beautifully at work and I use it at home.
It resolved a wierd problem I had that was gobbling 100mb of ram without having any processes that could explain (size wise) the loss of useable ram.
I remember reading that microsoft pulled some of its 2003 server team off that project to help with SP2 and it shows.
The only quirk I have with it is security center not understanding that I have symantec installed. Its *is* one of the two largest anti virus vendors…
The 30,000 seat org where I am part of the IT area has yet to make the move to SP2, despite the fairly clear and obvious preference from Microsoft that XP users update to it sooner rather than later.
Being a 30,000 seat org, the workstations obviously don’t use automatic Windows Update, and so this ‘artificial’ deadline won’t impact us. What’s important is to have an actual plan in place to move to it, which we do. As you might expect, integration testing will take as long as it needs to take to make sure that no build-included applications are affected. Those who have worked in orgs of such a size will know that ‘just deploying it’ is not, and never will be, practical. Even a single-digit percentage rate of failure is a big issue, especially if it hits higher in the hierarchy.
It’s interesting the article didn’t cover Microsoft’s perspective – beyond their marketing materials, that is – regarding SP2. The message from most users is quite clear: they don’t want to have any involvement in Internet security, they want someone to wave their wand and make it all magically go away, “it all” being defined as “all forms of malware”. Microsoft has what they believe is just such a wand, in the form of SP2, but it seems that’s unpalatable on the basis that Microsoft are taking the “Personal” out of “Personal Computer”.
Now, I wouldn’t want the several hundred MB of SP2 downloaded and installed on my PC without my permission either. But that’s a different issue than not wanting SP2 installed, period.
The only quirk I have with it is security center not understanding that I have symantec installed. Its *is* one of the two largest anti virus vendors…
That’s absolutely, 100%, Symantec’s fault. Most of the other antivirus companies fixed this many moons ago. I’m not a huge MS fan, but it must be incredibly frustrating for them to receive ‘SP2 broke <insert_web_updated_app>’ complaints after giving software companies a grace period to get things sorted out.
I don’t understand why people keep using Symantec rubbish.
Use a free one like AVG, and if you want to support the development buy their Pro edition.
ms shouldnt make IT people upgrade to sp2 if they dont want to. sp2 installed fine on my computer because i did a clean install with original dell oem disc then i immediately installed sp2 and after that i installed my applications. sp2 makes major changes to the windows os. a clean install is the only way to go. ms should have given them one year to install the service pack before removing the blocker.
“The only quirk I have with it is security center not understanding that I have symantec installed. Its *is* one of the two largest anti virus vendors…”
Can you be more specific? I had Symantec Norton AV 2003/2004 for home users- Symantec released a patch for SP2 to recognize it.
I now run Symantec Norton AV 2005 for home users- not only SP2 recognized it without any patches from the vendor, but SP2 also realized NAV 2005 has its own firewall- so SP2 recommended me to disable either Windows Firewall or Symantec firewall to avoid potential issues. I let them run both- no issues whatsoever.
It is not recommended, of course, to have two firewalls running, but it’s a good example of what vendors did to accomodate SP2.
30$ for more ram? I live in Bulgaria. And work for 120$/month. Cool:)