The Verdict on WinXP SP2? 471
A reader writes: "Now that time has passed, people have been giving their opinions as to the effectiveness of Windows SP2. The jury has been good, but mixed." The ITMJ Product Guide is part of OSTG; what's been your, if any, experiences with SP2?
Huh? (Score:5, Insightful)
And there are no user reviews on the site - the four-day old "discussion" has been "archived".
Re:Huh? (Score:2, Informative)
You can always uninstall it. [tech-recipes.com]
Re:Huh? (Score:5, Interesting)
In my case, SP2 has been a mixed bag, but in a very strange way. At work, I upgraded our entire fleet using SUS (we're a small company of about 50 machines) after testing with a few testbeds. Outside of explaining to users what the information bar was, it installed like a dream. I was very satisfied to see even basic stuff, like the admin share, closed off via the firewall until you open it.
On the other hand, my home computer has been less than friendly. I built a cutting-edge rig with an Athlon 64 chipset, and I've run into all kinds of strange bluescreens. A lot of them have to do with DEP (data execution prevention). I want to leave it on, but I've had to create so many exceptions I wonder how useful it is. Offhand, two apps I know cause problems are UT2004 and NAV 8 (haven't tried 9 yet). I'm not too thrilled that *programs* now (not just drivers) can bluescreen a current NT OS.
Overall, I'm fairly satisfied with it though, just based on work experiences. The problems at home are addressable -- although I'd hate to be young and foolish, just building my first gaming rig, and wondering what the hell is going on.
Re:Huh? (Score:5, Informative)
After having to boot into command prompt safe mode and editing the boot.ini file, I managed to get my machine functioning fine again. AntiVirus (trend pc-cillan) claims the machine is clean, I hope it is because it seems that I can now only work with DEP set to AlwaysOff.
Other than that I have had not real issues with SP2 other than the expected things where stuff was changed from "on by default" to "off by default"
Re:Huh? (Score:3, Informative)
It hosed my video driver. I couldn't see anything once I rebooted except a weird block for a mouse cursor. Took my all night to figure out to boot to Video mode or some such. Once I put in the new driver all has been well. Though the USB mouse is still slow in returning after sleep.
Re:Huh? (Score:3)
I'm guessing MS only tested it on a newly installed system.
Working fine for me (Score:5, Informative)
A job well done, though it'll pain a moderator to let that last comment stand.
Re:Working fine for me (Score:2, Insightful)
Bad move, I'd say. As the article points out, the windows firewall is inbound only. You should still have a software firewall in case you get a rogue application trying to get outbound access. Even if you never install any more applications, you might not be happy with (for example) Windows Media Player or some other MS application 'phoning home' unexpectedly.
Re:Working fine for me (Score:2, Insightful)
Did your copy of SP2 include a hardware firewall for free then? Hint: The firewall in SP2 is intended as a basic firewall solution for those who do not already have a firewall. If you already had a firewall running you should have left it running; your existing firewall will have more features and be more secure than the one supplied with SP2.
Re:Working fine for me (Score:3, Interesting)
Before SP2, I thought that I was going to be able to quit my job and start a Windows reinstallation business because of all the spyware out there. SP2 stops nearly all of it because it disables ActiveX plug-ins by default. Although it does allow the user to install them through the 'information bar', these are the same idiots that were previously clicking 'yes' on the security warning so that they could get to the porn or MP3s
Re:Working fine for me (Score:2)
beta versions of SP2 have been available for just shy of forever, or you know, more than 6 months at least.
SP2 is risky (Score:5, Interesting)
The computer got 5 seconds in to loading Windows before getting a BSOD (which lasted less than a second) before rebooting again.
And again. And again.
After 5/6 crashes it was obvious SP2 had royally fucked the PC up. Luckily we managed to boot up in Safe Mode and use System Restore to undo the effects of SP2 and now the computer is working normally (in fact, the IE problems seem to have gone!).
Now I am very dubious about installing SP2 at work, I think we'll be forced to upgrade before long but MS clearly still have some bugs to squash.
Re:SP2 is risky (Score:2)
Re:SP2 is risky (Score:5, Interesting)
At work we're running Spybot, Ad-Aware, and a full virus scan before we even THINK of dropping SP2.
SP2 didn't break the PC, SP2 exposed bad practices in PC ownership. (and BTW, I'm no MS fanboy, I'm MS-free at home and a full-time Mac tech).
Re:SP2 is risky (Score:4, Informative)
There were no updates from Windows Update except for SP2. As SP2 is officially endorsed by Microsoft you would assume that if the PC was working before the upgrade then it would continue to work after the upgrade was installed, right?
There is no denying the fact that SP2 was responsible for making the PC reset part-way through the bootup procedure.
Re:SP2 is risky (Score:2)
So let me get this straight... (Score:3, Insightful)
So let me get this straight... Microsoft's ueber-update to improve Windows security works great, as long as you install it on a machine that was already secure enough not to have malware/spyware on it?
Re:So let me get this straight... (Score:3, Insightful)
It's really not hard for a reasonably intelligent person to understand - SP2 replaces windows system files with new versions
Re:So let me get this straight... (Score:4, Insightful)
OK, now please breathe deeply, step back, cut the implied ad hominem attacks, and think.
The problem here is not the malware, unless a patch in SP2 is intended to remove that malware. The malware is, well, "mal", but it was before anyway. The problem is that installing SP2 on many systems is making the situation worse. Please see my reply to the AC, and note the trivial steps that could be taken to fix most of the mess in the situation you guys are describing. Also consider that if installing SP2 results in more downtime than all the security flaws in recent history, as has been the case for many of the people I know who've been brave enough to try it, maybe that's not progress.
Then you might like to check the numerous tales of woe from technically competent people whose systems were swept for the usual gremlins before the install, but who still had their OS taken out. Blaming the mess entirely on malware is a cop-out, unless you consider installing the only drivers available for numerous hardware devices, which worked fine prior to SP2, to be installing malware on your system.
Of course they could do better (Score:3, Insightful)
Not in 100% of cases, but at the very least they shouldn't make those systems any worse. By the arguments people are giving in reply to my previous post, no security patch can ever install reliably, yet strangely, many have until this point.
For a start, Windows XP is supposed to have filesystem protection in place to prevent permanent changes to key Windows system files. This was one of the much-hyped benefits of upgrading, if
Re:SP2 is risky (Score:2)
Re:SP2 does not fix computer problems for you (Score:3, Insightful)
If IE or any part of the system was borked, you should have run a virus scan, spyware scan, and troubleshot the problem before slapping SP2 on.
Never assume a security update can solve already existing errors within the operating system. SP2 is not to blame here, refusal to solve the problems before upgrading the system is on your side.
although it *does* fix a lot of stuff (Score:2)
Re:although it *does* fix a lot of stuff (Score:2)
Too many variables to slap on a huge system upgrade when holes and bugs could exist in things the user did, and thus not something an sp2 could fix. Don't rely on
agreed (Score:2)
Re:SP2 does not fix computer problems for you (Score:2, Insightful)
Re:SP2 does not fix computer problems for you (Score:2)
Well, SP2 is also a service pack, which generally points at also including fixes.
If the problem is the result of a bug in Windows (which is definitely not the only option, but one of the more likely options) then installing fixes is the only way to solve that problem, and the past decade has tought people that
I agree. (Score:3, Informative)
Re:SP2 is risky (Score:5, Informative)
If you're unlucky and have a notebook from Acer before October, it's at risk of crashing horribly, for example. Acer said they didn't support SP2 before that date and refuse to give support for any problems caused by their conflicting drivers they didn't fix before SP2 went RTM, by testing with the numerous public SP2 betas.
Re:SP2 is risky (Score:3, Interesting)
Actually, Windows is simply very volitile when it comes to upgrading to any service pack. No matter what service pack it is for what MS product, you always hear someone with a horror story about how upgrading to the new service pack totally destroyed their data, killed their cat, and phone in a bomb threat to the White House.
While I am not discounting your first-hand experience, becuase it does truly happen, more than likely the culprit was some poorly-written anti-virus software, or some spyware/malware
Fine for me (Score:2)
Re:SP2 is risky (Score:2)
If you are happy with SP2 and want to save disk space:
In the windows directory, delete:
$NTServicePackUninstall
SoftwareDistrib
This should bring your XP installation below 1.5GB (still stupidly big, but smaller than before).
Can't fight it. (Score:2)
Eventually we're all going to HAVE to upgrade, MS isn't going to support SP1a forever. May as well do it now, if your apps run (don't have any t
so DO IT RIGHT (Score:2)
Oh yes they can :-) (Score:3, Informative)
They'll support it as long as megacorps are refusing to upgrade their desktops to SP2 because of all the instability problems. I work for one, and we're all under strict orders not to download the update until it's been properly checked out by our IT guys. Go on, tell me you haven't heard that from millions of others as well. :-)
It's just like dropping support for old versions of Windows itself: MS would love to, but
Re:Can't fight it. (Score:2)
Our policy for September was 'wait and see' because we hadn't tested it. Now it seems OK but the network managers are dragging their feet on giving us the go-ahead (it's not really their say anyway, it's desktop's). I've been pushing it since October, and now the desktop team is pushing it to any machine that gets reimaged or comes through the shop.
As for educating to use the firewall, there's more to it than that. we've got two desktop techs (myself included) for 1,3
My experience? (Score:3, Interesting)
Since installing it on my brother's computer, my Mum and Dad's c computer. I've found myself having more time to watch TV, then trying to rid their computers of adaware and trying to explain to them why hundreds of screens pop up all the time.
I am not a Windows fan by any lengths, but hey. It's saved me some hassles so I am a happy camper.
I demand a mis trial (Score:2, Informative)
EULA (Score:2)
A Simple Plea (Score:5, Funny)
Please keep the Service Pack 2 shot my mother and buggered my dog posts to a minimum.
Thanks,
Re:A Simple Plea (Score:5, Funny)
Re:A Simple Plea (Score:5, Funny)
SP2 mothered my dog then shot my bugger. It was a very bad day for the Hive that morning, I'll tell you.
Love,
Ender
problems (Score:5, Informative)
1) Search no longer working
2) Windows installer no longer working
and the fixes MS lists involve long registry edits that don't usually work. And these problems happen on most machines I put SP2 on. :-\
and they don't for the millions of machines (Score:2)
what does this tell you?
Re:and they don't for the millions of machines (Score:4, Informative)
The root cause of a lot of these problems are viruses, spyware, and adware, which is funny because those problems are what SP2 is supposed to fix. Anything that mucks around with any system files gives SP2 fits, especially the network stack. Luckily, most people have either got SP2 now, or have automatic updates disabled until such time as they can reinstall Windows so that they can update their machines again.
XP Search never worked. (Score:2)
Justin.
Did not RTFA... (Score:2, Interesting)
So I understand the reason why most of the big Swiss companiesI am working with decided to stay on Windows 2000 (with ActiveX and VBScript deactivated).
Re:Did not RTFA... (Score:2)
I say it's positive overall (Score:2, Interesting)
Re:I say it's positive overall (Score:2, Informative)
All machines upgraded so far without a hitch. The (newish) firewall seems fair enough and it's actually quite nice when it pops up a window and tells you that something is trying to talk to the world. Downside? Some MS related programs (and Yahoo messeger to name but one) automatically open ports in the firewall.
Even installed a laptop from scratch with a slipstre
Re:I say it's positive overall (Score:2, Informative)
The popup killer is also better than the one I was using previously.
I'll give SP2 one thumb up.
it broke shareaza (Score:2)
as for me, I have a hardware firewall thank you very much.
Re:it broke shareaza (Score:2)
Stability SLIGHTLY worse, but otherwise good... (Score:2)
It's a Dell Inspiron 1100.
Re:Stability SLIGHTLY worse, but otherwise good... (Score:2)
things were just suddenly working (Score:3, Funny)
"After spending an hour on the phone with Microsoft's India-based support team, I resolved the problem. Unfortunately, I never figured out the cause or the fix; things were just suddenly working."
HE resolved the problem without knowing the cause or what he did! WOWSA, it's like magic DOODZ! Better grab this guy for your support team, he's worth his weight in gold!
MS Hint: When speaking to Indian based MS support, for best results, hop up and down three times on left leg. Please contact support if leg is inoperative, leg is missing, or gravitational challange is experienced. A patch will be provided.
The jury has been good, but mixed. (Score:3, Funny)
Or do they mean that the verdict was good, but mixed. Which means...mixed, and not good.
It looks like the grammar and spelling of the articles posted here are being dumbed down to the level of most of the comments!
Re:The jury has been good, but mixed. (Score:3)
BLAH.... (Score:2)
the verEdict on slashdot editors... (Score:2)
:D and neither do I (nt) (Score:2)
I think it's very simple (Score:4, Interesting)
SP2 improves security. This is Good.
Some applications rely on insecure functionality. This is Bad.
SP2 breaks some of these applications. If this affects you, you will need to find different applications before you install SP2, or secure your system in a different way.
The upshot is that Real operating systems and applications are not affected by this.
Re:I think it's very simple (Score:3, Interesting)
SP2 breaks some of these applications. If this affects you, you will need to find different applications before you install SP2, or secure your system in a different way.
While it is easy to say that, in practice, it's not that simple. At home I have no real issues with SP2. At work though, my company has many issues with it. SP2 breaks many custom applications that we use, and I think many other businesses are in the same situation. In ou
Re:I think it's very simple (Score:4, Interesting)
They are there because of their own choices, though. They went with an operating system whose APIs had not been exposed to the test of a networked world. Now it turns out these APIs did not withstand that test. It's a risk they took, and now they have to pay the price. Supposedly they saved money back in the day by choosing Windows over UNIX, so it's not all that bad.
I am on linux you insensitive clod (Score:2)
Oh I do got my windows game machine but that is windows 2003 (it ain't xp wich is why it is better).
No SP2 for that either then again it is firewalled with a proper firewall and only runs games. Nothing else.
Intresting eh? Considering MS own figures on XP takeup this is not all that rare. Many many people are still on w2k or 98. Until recently for home use their was no reason to upgrade. I think only Star Wars Battlefront claimed to re
Security center is a bitch. (Score:2)
It does not detect my (kerio 2.15) firewall. (and running 2 firewalls makes the system less secure than running 1!). Was this so hard?
It did not detect my norton antivirus.
What updates? I want uptime, not updates! The new settings for updates rebooted my computer once without me at th
SP2 sometimes breaks VNC (Score:2)
Has anyone else had problems or s
Working great for me (Score:2)
I use Kerio's firewall instead of Microsoft's (which should really have controls for outgoing traffic) and Firefox instead of IE so these are unused and can't really comment about them.
Re: (Score:2)
Overall no problems. (Score:2)
At work we have had 2 problems on home computers, had a few others but that was because they already were running a firewall and left the SP2 on one, disable that it started working. The first one could not get links to work anymore using outlook express and internet explorer(no firefox comments). The other was a problem with a power outage in the middle of
My systems been hosed 3 times (Score:2, Informative)
No Problems on 3 Machines, But No Real Change (Score:3, Informative)
Well, I've installed it on four machines now (my one at home and three at work), and I haven't had any problems with it. All four machines came up and worked as expected.
About the only change I noticed was that the Security Center was yelling at me on my home machine for not having virus protection, a firewall, and not having automatic updates installed. So I disabled those alerts. (I have my reasons for not using any of that on my home machine - the biggest one being that it's behind an actual firewall that blocks all incoming connections.)
Since I don't use IE and instead use Firefox on all four machines, I haven't noticed any real change with IE yet. About the only thing I noticed was that it apparently doesn't run JavaScript on local HTML files without prompting first, which is kind of weird. Oh, and it warns you before running programs you've downloaded off the Internet, even if you don't run them through the Download dialog.
So, ultimately: no problems, yet, but no real improvements that I've noticed. Granted, most of the improvements were supposed to be added security, so it's not like I'd magically notice my box was more secure. They just kind of run like they've always run.
According to MS ... (Score:2)
IIRC, wasn't SP2 first mentioned when their new Trustworthy Computing initiative was announced?
Let's see... (Score:5, Insightful)
Although I'm not an NT admin, I did install SP2 in a couple of places, and here's my take:
1. Added a simple, probbably far-from-what-we-here-on-/.-would-call-decent but TURNED-ON-BY-DEFAULT firewall to joe-clueless-user. IMHO, this will severely reduce virus infections on the vast amount of joe-user machines that are not properly mainained with good up-to-date malware-protection.
Yes, a minority of 'joe-average's will have stuff break due to this, but the majority will benefit.
2. Enabled windows update by default. Again, will severely increase resilience of a vast number of joe-poorly-mainained-user boxen.
3. Tags files that were downloaded from the internet as such, and gives a proper warning when attempting to execute it. Another simple idea that will decrease suffering of people from malware.
4. [...Finally] added a decent popup blocker.
5. IP configuration GUI improvements. After 9 years of renewing a DHCP lease from the command line, they finally put a "right-click-on-tray-icon--->>REPAIR" option that gets a new one. right-click-->STATUS was also complemented with a new tab that... SHOWS MY IP ADDRESS. BRILLIANT!
Sheesh, and it only took them 9 years. Buy hey, better late than never, I say.
6. After 2 years with flaky, unstable, bugged, alpha, crappy user UNfriendly blowatware bluetooth drivers based on the WIDCOMM "my-dog-can-write-better-software" SDK, Microsoft finally threw in their long awaited BT stack. And boy, was it a sight for sore eyes. It supports all my BT plugs out-of-the-box, Its simple and intuitive to use, and works like charm. BT network driver works great, as does syncing with PDA and a symbian phone. No more 30-minute battles with the Nokia suite, the BT tray icon that stopped responding and a guess-list of 12 serial port drivers to sync my phone with Outlook.
I tip my hat to MS for issuing an *excelent* BT driver suite, albeit 2 years overdue.
And yes, they crippled raw packet API on the TCP/IP stack, so nmap had to write a little workaround.
So go ahead and bash MS all you like, but as far as both myself and quite a clueless family members I inevitably get to support are concerned, SP2 did good. If fewer people have to spend their time, money and nerves treating virus-related computer problems, all the better.
Kudos Microsoft, and thats coming from a hardcore UNIX geek and fulltime Linux/Solaris admin.
Flame away kids.
SP2 == Big Improvement (Score:3, Interesting)
The XP SP2 security center is the greatest thing to come out of Redmond since the start button. it forces users, through alerts to be aware of the vunerabilities of their own system. if they are without Antivirus, Firewall or automatic update, it tells them, and keeps telling them, until they fix the problem. This alone has saved me countless hours of explaining why security is important to people who just don't give a shit. For some bizarre reason, lecture after lecture from a techie on security will result in a user who still installs spyware ridden file sharers and smileys, browses on IE and won't install a simple antivirus, and who thinks your being paranoid. And yet a simple taskbar bubble proclaiming 'Your computer may be at risk' grabs and holds their attendion, to the extent that they actually do secure their PC(In as much as a windows PC can be secured).
Security Center Rocks!
Time for a Gnome Version methinks.
P.S.
BITS is also a lifesaver! Now at least when little annie stops downloading MP3's for 5 minutes, updates will actually be downloaded.
P.P.S.
Remember to set the install time for the updates when you fix computers for friends and family. I find 0600 is good. Everyone is in bed, so no panic results when the installer dialog pops up. Of course the computer must be on 24/7 , but just tell them that turning it on and off too much will break it.
SP2 is good for lusers (Score:3, Insightful)
1) Application warnings
In a similar way to some adware programs (such as WinPatrol), SP2 warns when new applications are trying to add themselves to your startup and gives quite a good explanation as to what is going on.
It also warns if applications are trying to contact the internet like some of those personal firewall things.
2) Internet security warnings
You know those dialogs "This is a really complex technical thing about running ActiveX controls and you know nothing about them, hey, so just click Yes or press Enter because that's what we've decided to default this dialog to". Well those are now quite different. The Action button to say yes is actually disabled for about 5 seconds or so to encourage reading of the dialog (and its better worded) and they also don't default to evil actions.
A few other things I like:
* They've hidden all of those pesky updates from Add/Remove programs, you can turn them on with a checkbox. My Add/Remove was becoming ridiculously long with all the automatic update patches showing up as installed applications.
* Much improved Wireless networking capabilities. Made it user friendly enough for lusers to understand and configure without impacting on advanced capabilities.
I haven't had any major problems as some others seem to have had (and neither have the 100 odd people in my company who have also updated), so I can't comment on that. All I can say is that I've updated certain "stuff" on my linux boxes before that has broken other things, so lets not get overly critical about one or two teething problems.
As much as I hate to admit this, I think that MS have actually done quite a good job with SP2.
"official" Blue Tooth support.... (Score:5, Insightful)
Oh yeah.. the WiFi support and interface is MUCH bettter too.
Re:My experience? (Score:2, Interesting)
Of course I'm exaggerating the "works great" part. My GPRS enabled celphone stopped being a modem and became a phone. That means it could no longer work for dialup networking.
This problem means little or nothing to anyone who doesn't own a Sony Eriksson T220. To me it's the difference between internet access or staying offline.
Re:My experience? (Score:2, Funny)
Re:My experience? (Score:4, Insightful)
Quiz: How many of you run Linux only? Now how many of you are blown away by Half-Life 2? I rest my case.
Re:My experience? (Score:2, Insightful)
Half life 2 may be a cool game and all but until they release a Linux release [re: never] I won't play it on any of my machines.
Tom
Re:My experience? (Score:3, Interesting)
what's this windows you speak of?
Re:My experience? (Score:4, Interesting)
Finally, some combination of turning ot off, rebooting, logging in, turning off, etc, finally got my user account to turn the thing off (I use ZoneAlarm Pro). However, when my wife logs in on her user account, the firewall is on again, and she can't turn it off.
Otherwise I haven't had any problems with SP2. I disabled the security center process too while trying to figure this mess out.
Re:Don't know if it's XP, or XP-SP2 (Score:2)
Re:Don't know if it's XP, or XP-SP2 (Score:4, Informative)
Re:It sucks (Score:2, Informative)
It's got all the goodies you want, including allowing full-access to specific processes and ports.
The firewall was there in SP1 too though, it's just on-by-default in SP2. I fail to see the big deal with it. It's almost an admision of defeat to install the firewall by default.
Also, if I were MS, I'd ask 'do you share files in your home with Network Places?' with a default of 'no' and remove the 'file and print sharing' service, which is a HUGE
Re:It sucks (Score:3, Insightful)
Why? Is there a reason that a computer should by default allow all traffic to flow in and out without any user interaction at all? Firewalls are not just an indispensible first line of defence (for while you're getting those patches, be your OS Windows, Linux, BSD, whatever), but also an essential tool for you to retain some control over your network/internet connection.
Re:It sucks (Score:3, Interesting)
It is a simple segregation of duties issue - a sensible defence from the internet is a filtering router, firewall, DMZ if you need it, AV on your mail gateway and PCs.
And then you need to seriousl
Re:It sucks (Score:3, Informative)
You can get Cable/DSL "routers" for less than $100. They're not full blown firewalls, but they can provide NAT and at least removed the machine from being directly connected to the internet.
Re:It sucks (Score:5, Insightful)
Every linux distro I've installed in the past 8 years has come with a firewall on by default, and most of them were configurable during the install.
I guess it isn't only MS that's defeated.
Bummer.
B
Re:It sucks (Score:3, Informative)
The TCP port filtering still exists in SP2 as well.
Re:It sucks (Score:2, Interesting)
In addition, it's an application level firewall (AFAIK the internet connection firewall in WinXP was only a level 3 'block any incoming connection' solution).
As I said, neither state-of-the-art, neither jun
Re:It sucks (Score:3, Insightful)
Re:WHAT?! (Score:2)
See that little "Advanced" tab beside the firewall? Yeah, you might want to take a look at that beforehand.
Re:WHAT?! (Score:4, Informative)
I never said it could do outgoing, and I did say that there are better alternatives out there. Don't get me wrong, I know the firewall in SP2 is limited, but I also know that the information the parent poster provided was completely inaccurate. MeErely wanted to clear up a few things.
And yes, you are entirley correct. The custom section does have that minor exploit, but since the SP2 is targetted moreso with home users 255.255.255.0 would only be their brother/father's/sisters/dog's computer on the same network as them, and thus only someone on the same home network could have unlimited access with default FW configurations. Of course, if I'm wrong please correct me. Also, if a buisness or anyone other than a typical home user network wanted to focus on security, then let's hope their tech knows enough to have a hardware firewall/router and not depend upon software alternatives.
Re:It sucks (Score:2)
As far as I know, the per application/port items on the advanced properties sheet do not apply to outbound traffic.
Re:firewall (Score:2)
Re:firewall (Score:2)
Re:It's a conspiracy I tell ya! (Score:2)
Re:My bluetooth was injured by XP SP 2 (Score:2)
Click on the link "change the way Windows alerts me" and uncheck all of the check boxes.