Windows XP SP3 Build 3205 Released w/ New Features

jBubba writes "Windows XP SP3 build 3205 is the first official & authorized release of the next Windows XP service pack; and has been made available to testers as a part of the Windows Server 2008/Windows Vista SP1 beta program. NeoSmart Technologies has the run-down on the included 1,073 patches/hotfixes including security updates. Contrary to popular belief, Windows XP SP3 does ship with new features/components, most of which have been backported from Windows Vista. Some included features: 'New Windows Product Activation model: no need to enter product key during setup. Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista. New Microsoft Kernel Mode Cryptographic Module - the Windows XP SP3 kernel now includes an entire module that provides easy access to multiple cryptographic algorithms and is available for use in kernel-mode drivers and services. New "Black Hole Router" detection - Windows XP SP3 can detect and protect against rogue routers that are discarding data.'"

yeah

[Almir (1096395)]

i can't help thinking sp3 will make xp so much like vista, that you might as well go the whole way. sure hope i'm wrong though.

Elegant MS, really elegant

[rueger (210566)]

"Windows XP SP3 build 3205 ... has been made available to testers as a part of the ...Windows Vista SP1 beta program."

God, I love this company!

Re:Elegant MS, really elegant

[ScrewMaster (602015)]

God, I love this company!

Well, between you and Steve Ballmer, that's two.

Re:

[ScrewMaster (602015)]

and Bill promised never to call him "Uncle Fester" in public. The rest, as they say, is history.

Can't argue with that, but personally I think Ballmer more resembles an evil Peter Boyle.

I would like to note something

[Daimanta (1140543)]

The Windows Server 2008/Windows Vista SP1 beta program is not in charge of Gundam.

Re:

[yanos (633109)]

Read me [slashdot.org]

For those too lazy, apparently some people over the ministry of agriculture of Japan were caught editing the Gundam page on Wikipedia while they were supposed to work. Hence the phrase "The agriculture ministry is not in charge of Gundam".

WGA will doom it.

[Deathlizard (115856)]

If it's got WGA like Windows Vista? Then no thanks.

That's the only reason we're staying away from Vista, and if this new activation is anything like that then it's SP2 until they drop support for it, and maybe something else (Linux, OSX) after that.

I've said my reasons we stay away from Vista In my Journal. [slashdot.org] I'm sure we're not the only workplaces saying the same thing. Especially if the computers are not anchored to the network and are off the network for months at a time like our systems are.

Re:

[alexhs (877055)]

if it's got WGA like Windows Vista? Then no thanks.

That's the only reason we're staying away from Vista,

And I guess it was the same reason to keep w2k and stay away from xp ? Why are you using xp then ?
If this is your only reason, you better switch right now, as applications will soon require this sp anyway, or require vista.

Re:

[Deathlizard (115856)]

Why are you using xp then

At the time we made the OS decision, We were running Windows 98/ME for whatever reason and XP was out for 5-6 months. Since we knew 2000 was on the way out and XP didn't have WGA or activation at the time for corporate accounts, we didn't see any reason not to switch to XP.

Eventually WGA came out, but it was still optional with corporate accounts. WSUS servers don't send out or receive the WGA updates Even if you wanted them. You would only get the updates by going directly to Windo

And best feature of all!

[Chas (5144)]

"Are you SURE you wouldn't like to upgrade to Windows Vista?"

[Upgrade Now] [Upgrade RIGHT NOW] [FUBAR Existing System]

The only thing that's interesting

[Opportunist (166417)]

most of which have been backported from Windows Vista.

Including DirectX 10? Few things about Vista are interesting besides that.

What "massive rewrite"?

[Joce640k (829181)]

DirectX is just a COM interface to the video driver.

The main differences between DX9 and DX10 are new shaders and getting rid of all the legacy capability bits, neither of which has any dependency on the operating system or driver model.

I bet that if Microsoft gave the go-ahead to ATI/NVIDIA/INTEL there'd be DX10 support for XP in the very next release. The only reason they aren't doing it is because Microsoft is artificially blocking them.

They did the exact same thing with OpenGL when Vista was in Beta. Microsoft went around making a lot of noise saying "It can't be done!!" but the driver writers were saying it was easy. Eventually they gave in and Bingo! We have OpenGL on Vista.

Re:What "massive rewrite"?

[suv4x4 (956391)]

What "massive rewrite" [..] The main differences between DX9 and DX10 are new shaders and getting rid of all the legacy capability bits, neither of which has any dependency on the operating system or driver model.

Oh you missed the part about the rewritten API and Object Model?
Or about the new kernel mode / userspace mode separation of the GUI (DX10 does, in fact, depend on new kernel features)?
Did you also miss the fact DX10 GPU's can natively multithread?
Or that they can use virtual memory?

Now, whether you can get it on XP or not: port enough of the Vista bits back and you can get everything in XP, you can in fact just slap XP label on Vista and call it a day.

Whether Microsoft should do that is another issue. It's perfectly legitimate of them to put major efforts on their new OS. I'll be happy if they, however, are quicker next time with the stability/security fixes on their legacy OS. I've been waiting for XP SP3 forever.

Re:

[TheRaven64 (641858)]

It's not that it can't be implemented without the new driver model (after all, NVIDIA's already supporting DX10 equivalent OpenGL extensions on XP - and Linux), just that it has been implemented that way. There's no way MS will spend money doing a massive re-write/back-port of DX10

They might if game designers start looking at nVidia's OpenGL extensions and thinking 'if we used OpenGL, we could get the same graphics quality as DirectX 10 with the same potential audience as DirectX 9. Maybe we could even do a Mac port cheaply...'

DirectX 10 support?

[shawnmchorse (442605)]

It might actually get some traction that way, if it's not just being used to shove Windows Vista at people...:p

New features, backported from Vista ?

[Hymer (856453)]

But didn't Microsoft say that it is impossible to backport features to XP from Vista due to major differences in the system ?
...and since it is possible, will we be getting DirectX 10 on XP too ?
...and if not, why not ?
--
btw. how can this be good for Vista ?

Re:New features, backported from Vista ?

[realdodgeman (1113225)]

It will make XP slower and it will feel more like Vista. So everybody will go "hey, now the difference is so small, I could just upgrade and get DX10 anyway".

Blackhole Avoidance?

[99BottlesOfBeerInMyF (813746)]

Does anyone have any details on the blackhole routing avoidance feature? While the summary claims blackhole routers are "rogue" routers, blackhole routing is the most common way to stop DDoS attacks and excessive worm traffic from giant botnets of Windows machines. If the OS now offers botnet operators an easy way to bypass that rerouting of malware traffic, this could have serious detrimental affects upon the internet as a whole.

Re:Blackhole Avoidance?

[the unbeliever (201915)]

black hole routers are not null routes.

black hole routers just drop packets that are "too big"; null routes are self explanatory, and are how most ISP's stop DOS attacks.

Re:Blackhole Avoidance?

[Slashcrap (869349)]

Regardless of what you want to call it, if Windows is starting to try some sort of verification and automated avoidance of such routes it could interfere with said defenses, possible resulting in routing loops, DDoSing a router somewhere, or use of more advanced defensive techniques.

You seem slightly confused about how the Internet works, so I'm guessing you work in sales. How exactly is your average Windows machine going to avoid these routes? Or influence the paths that its packets take once they've gone past the first router in any meaningful way whatsoever? Theoretically you can do some tricks with the various lesser known ICMP message types to change the routes that your packets take, but you don't seriously think that shit still works in real life do you? Just try doing some source routing from an average ADSL connected host and see how far you get. I guess if the Windows box was acting as a router for an ISP and running BGP then it could be an issue, but we're getting into the realms of surreal comedy here. Just remember that as a general rule your ISP decides how to route your packets, not you.

I'm pretty sure that the "black hole" stuff they're talking about is the old PMTU black hole issue. I'm equally sure that Windows 95 had a registry setting that turned on black hole detection, so I'd love to know what's actually new here.

Mirror.

[antdude (79039)]

NeoSmart server seems to be down. Here's a mirror [networkmirror.com].

I hate new features.

[khasim (1285)]

I was a service pack to only fix the bugs.

If there are new features, release them as a separate "upgrade".

Having both mixed together makes testing a real pain.

Re:I hate new features.

[tacocat (527354)]

You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.

Dell and others have pushed Microsoft into a position where they (OEM) are allowed to continue selling XP software beyond the originally intended dates set by Microsoft. This is the first time anyone ever successfully told Microsoft what to do, including the US Government (interestingly enough).

Now that there is a continuance of XP in the market, the best thing that Microsoft can provide that customer base with secure products. If they fail to then it gives credence to the competition laying claims on security. If I remember, one of the points Microsoft was selling XP on was the security it provided above the Windows 2000/98/95 platforms. So there is something of a commitment they have made to keep it secure.

If there's a diminished reason to migrate to Vista, as already demonstrated, then what?

Re:I hate new features.

[hedwards (940851)]

You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.

That's one way of looking at it. Another way is that if they backport a few features it might make less technically inclined people a bit less apprehensive about getting a new computer with Vista on it.

I suspect that the features aren't going to be any of the most important ones, and will probably be ignored by XP users, but I doubt that it will really hold people back from upgrading. The main reasons people are not upgrading have little to do with the new features, and much more with things like the lack of driver support.

Re:I hate new features.

[ShieldW0lf (601553)]

That's another way of looking at it. Another way is that they were given a shitload of money from people in the large media industries, and a red carpet right into the service-provider model that they so desperately want, only people are attempting to rebel against this, so they need to find another way to deliver the locks and keys onto peoples desktops.

Re:I hate new features.

[cmacb (547347)]

I suspect that the features aren't going to be any of the most important ones,

Right.

The most important features of Vista were dropped before it ever hit the street.

Re:I hate new features.

[suv4x4 (956391)]

You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.

I've been thinking the same thing, and still, I don't know if pressure alone made them backport Vista features. People just want the patches rolled up in a SP. Vista security features was unexpected move.

Put this next to the toned down Vista campaign.

I have the feeling Microsoft are fully aware of the problems of Vista, and I wouldn't be too surprised to see them gradually backporting the better accepted core/security Vista features to XP until they arrive at a slimmer Vista, and throwing away or redoing the ill mouthed Vista features (such as the current allow/deny security model which often asks the wrong questions and doesn't learn, or clarify the source of the action).

If only they realized this, they wouldn't waste 5 years on grand vision ideas and arriving at an OS that's basically worse than the sum of its parts.

Vista: the spare parts OS. Backport and reuse as needed.

Re:I hate new features.

[RAMMS+EIN (578166)]

``Dell and others have pushed Microsoft into a position where they (OEM) are allowed to continue selling XP software beyond the originally intended dates set by Microsoft. This is the first time anyone ever successfully told Microsoft what to do, including the US Government (interestingly enough).''

In Soviet Russia, government controls commerce.

Re:I hate new features.

[Allador (537449)]

Funny, I'm an IT department for many companies, and I'm not cringing in fear or having nightmares over Vista.

For corporate IT, Vista is easy. Roll it out when and only when, its been tested, proven, and your organization is ready for it. Until then, just dont roll it out. Easy as pie. Now, if you've got end-users buying machines and trying to connect them to corporate resources without your control, then thats not corporate IT, thats just a bunch of people doing whatever they want.

And the black hole router detection is useful, and makes a lot of sense. If you're seeing problems with it, then it just may not be fully baked yet, and you need to give it time to settle out.

I mean geez, its not like anyone is forcing anybody to upgrade or anything. Your orgs should probably be at least considering buying vista with all new machines now, or as part of your VM purchasing, and just use the downlevel install options for now, that way you own it when you're ready.

If you're encouraging your clients to install Vista, when you know they're not ready for it, and its not ready for them, then you're a bad consultant.

If you're telling them its not ready, and they're doing it anyway, and then calling you for help, then you deserve every penny and more from those hours, cause you've got bad clients. :)

Re:

[Bacon Bits (926911)]

I doubt it. Windows 2000 SP4 was still shipped with IE 5.01 (the version that shipped originally), and, indeed, it is the only way to apply the last service pack for IE 5.01.

Re:Windows Product Activation?

[HaloZero (610207)]

2K SP3 & SP4, and XP SP1 and SP2 provided the ability to merge the service pack into the base install for the operating system. The final product is usually referred to as a 'slipstream' install - it allows you to install Windows XP without having to patch to the absolute gills, just the muck from after the latest slipstreamed service pack.

After slipstreaming SP2 into my base XP install disk, a flat-format install did take a bit longer, but device propagation was FAR, FAR IMPROVED. There were a few other niceties, but they go beyond the scope of this post. I wouldn't be surprised if they're referring to changes made in the slipstream of the base install.

Re:Windows Product Activation?

[corychristison (951993)]

It should be noted that Slipstreaming is not as daunting as most people expect... nLite [nliteos.com] can help that problem and adds a lot of 'hacks' for the install as well. These hacks I speak of are more like features, such as adding Vendor information, as well as including the Serial # right in the install. You can setup an Unattended Setup... that is, you can pre-set all of the questions Windows Setup usually asks during installation.

:-)

Re:Windows Product Activation?

[nmb3000 (741169)]

nLite can help that problem and adds a lot of 'hacks' for the install as well.

nLite can also completely frak up an XP install. One specific instance that we encountered when someone in our office used nLite was the inability for anyone who was not an administrator to use USB devices. None. The only way Windows would recognize and install the drivers for things like mice, keyboards, and flash drives was if you were an administrator. I've seen others, but this was one of the most problematic.

I very strongly recommend that nobody use it in a business setting or anywhere else you care about stability. If you want to customize an aspect of the Windows install process, do your homework and learn about it. Don't trust a black box to do it all for you.

Re:Windows Product Activation?

[DigiShaman (671371)]

I've never used nLite, but I have slipstreamed manually before. It's not hard at all! You can find a nice walk-through on performing your own slipstreaming and ISO building (bootable) here [winsupersite.com]. The instructions are practically spoon-fed. =)

Witch! Burn her!

[Oriumpor (446718)]

Don't throw something out because you don't understand it. nLite can be a very powerful tool in business to do the things you need to get done with a very nice pricetag. I've seen nlite do wonders for thousands of systems to streamline automated deployments.

What nLite did to windows in that instance the user TOLD nLite to do to windows.

Re:Windows Product Activation?

[schnikies79 (788746)]

If you just want to slipsteam, don't mess with nlite as it can really screw up an install if you don't know what you are doing, instead try autostreamer. [softpedia.com]

Re:Windows Product Activation?

[Dunbal (464142)]

Why would I need to enter the product key? After all, it comes in a .txt file called "serial" on the installation CD...oops

Re:

[ultramkancool (827732)]

Nah, on most cracked CDs you don't even have to enter it cause they're slipstreamed... you also don't have to do any activation cracks because they're enterprise... oops :)

Re:

[ahaning (108463)]

Please take a hint from your buddy [slashdot.org].

Re:But...

[Bacon Bits (926911)]

Yes [vmware.com] it does [microsoft.com].

Re:

[TheRaven64 (641858)]

Not the best example. Try this [colinux.org] instead.

Full text

[sr243 (944609)]

Following our coverage of the Windows XP SP3 beta leak almost a month ago in August, here's some more info on the official beta, which just had its first authorized distributable released earlier today. Say hello to Windows XP SP3, build 3205!

While the newly-released build and the one leaked a month ago (Build 3180) may share the same name, we can exclusively reveal that they are not identical releases. This release, also shipped as windowsxp-kb936929-sp3-x86-enu.exe, is 334.2 megabytes and has been made available to tier-one Windows Server 2008 and Windows Vista SP1 beta testers. Hashes are as follows:

CRC: 56e08837
MD5: c8c24ec004332198c47b9ac2b3d400f7

Along with the standalone installer redistributables (in English, Japanese, and German), Microsoft also provided the usual release notes and a list of all the hotfixes included in this release. Contrary to popular belief, Windows XP SP3 does ship with all-new features - not just patches and hotfixes, most of them backported from Windows Vista:

        * New Windows Product Activation model: no need to enter product key during setup. Thank God for that!
        * Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista. You can read more about NAP here.
        * New Microsoft Kernel Mode Cryptographic Module - the Windows XP SP3 kernel now includes an entire module that provides easy access to multiple cryptographic algorithms and is available for use in kernel-mode drivers and services.
        * New "Black Hole Router" detection - Windows XP SP3 can detect and protect against rogue routers that are discarding data.

Windows XP SP3 is compatible with all versions of Windows x86, included Embedded, Fundamentals, Start, Professional, Media Center, and Home Editions.

Windows XP SP3 now contains 1,073 patches/hotfixes, not including those in previous service packs. Of the 1,073 included updates, 114 are for security-related issues. The remainder are updates to performance & reliability, bugfixes, improvements to kernel-mode driver modules, and many BSOD fixes.

As with Service Pack 2, these include both previously publicly-available updates (whether through support.microsoft.com or via Windows Update) as well as any and all privately-redistributed updates for select customers or partners with specific problems/scenarios.

The first included update: KB123456 (April 7, 2006). The last: KB942367 (September 29, 2007).

We're checking with our MS contacts if we can provide you with the actual comprehensive list of updates included in Windows XP SP3, along with their descriptions and KB article links.

Re:Vista Sound

[Lennie (16154)]

The pulseaudio [pulseaudio.org] sound daemon does this.

screenshot [0pointer.de]

It allows for setting the volume per audio source.

Re:

[QBasicer (781745)]

It works by giving in addition to the main volume slider in the mixer/taskbar, providing a slider for each individual program using sound, like this picture. [arstechnica.com] The way, you can have Gaim/Pidgin sounds quite low, while you listen to relaxing music, but are waiting urgently for that important e-mail notification. I've played games where the sound is quite low to begin with, but then I get a message on my IM client, which seems fit to play a deafingly loud sound. IMHO, it's the only thing that Vista got right

Re:Vista Sound

[nuzak (959558)]

> knowing nothing about Windows Vista that sounds like an extremely stupid feature.

Sounds like you've distilled the standard slashdot response to any Vista article.

Of course as soon as Linux copies the feature, then it's a great idea.

Re:Slashdotted

[thsths (31372)]

> Never mind. I should get on with work I suppose.

Work? Didn't you get the memo that Sunday is off?

Re:Protection against black hole routers?

[pchan- (118053)]

So that when Windows wants to secretly download an update or send your data back to Microsoft, and you prevent them from doing so at the router level, they'll be able to detect it?

No. A black hole router is a router that incorrectly handles MTUs that are bigger than it can pass. That is, instead of fragmenting the packets, it just silently drops them. This makes for some very unreliable connections as only the bigger packets get dropped and smaller ones get through. This is usually a problem at the ISP level and has nothing to do with Windows updates. I now return you to your regularly scheduled tin foil hat.

Re:adding gasoline to the fire

[owlstead (636356)]

Don't be an idiot. The libraries that do this have been within Windows for ages. Besides, you can easily use XOR encryption if you just want to hide something. Not really secure, but you'll have to do crypto-analysis to get to the code anyway. Hell, you could use ROT-13. Are you going to look for assembly XOR or ADD routines? You'll probably find a few. Calls to this specific Windows API will be much easier to find.

I've been trying to find out what cryptographic features have been added to the FIPS security module in SP3. I'll be very surprised if there finally is some Elliptic Curve support or anything like that. It seems that .NET has some support for them, but Windows unfortunately still seems to lack support, even though the market is starting to show clear interest in EC crypto.

Anyway, the only thing I can find using Google is some page of Microsoft that's 7 years old. For the same FIPS module - for W2K of course. Does anyone have a link to more recent information? Currently there is little to discuss (unless you mention the missing PKCS#11 support by this arrogant monopolist).

Re:

[suv4x4 (956391)]

so now those viruses that morph and encrypt themselves to prevent detection ... we can't search for the little bit of code at the start that decrypts them because they'll just use a nice convenient windows API.

The cryptographic API-s in Windows, just like the cryptographic API-s in OSX and Linux, are used for hashing and crypoting data using industry standard algorithms.

This is what IE uses for SSL sessions, for example.

Let me ask you something: why do you have to speak about things you have no clue about a

Re:

[dbIII (701233)]

They would obviously want a driver for that chipset since that is really what an OS is about anyway. Some motherboards can pretend to be generic IDE anyway. I have seen win98 installed on a system with only SATA drives (the systems have very expensive A/D converter cards not supported by Win2k/XP).