The security benefits of XP SP2 are probably worth the risk of disrupting your system when you install it, says Simon Moores
It works - my laptop PC that is, following my decision to install Windows XP Service Pack 2 (SP2).
Without having fully backed-up my “production” work machine, I’m not yet confident enough to try it out without at least a week’s experience of SP2 in operation elsewhere, so the Hewlett Packard laptop was volunteered as the guinea pig for the experiment.
Having read through the experiences of others, I was worried that my wireless network would cease to function and my anti-virus protection would become invisible. In fact, the network carried on quite happily but did ask me if I wished to beef-up its security. Norton anti-virus, I’m told by the Symantec website, is still there, although Windows now warns me that it isn’t and a “Live-update” of my anti-virus software confirmed that everything was working as it should be.
The only change I’ve really noticed is the Windows Security Centre, which encourages me - and millions of other users - to take more care of my system’s security, while automatically switching my firewall on. Rather like the Norton Personal Firewall, Windows now asks me if I trust any application that appears to be breaking its security rules, an example being a Bluetooth application for my Sony Ericsson P900 phone, which I had to look up on the web before I knew what it was.
In the real world, however, readers have more systems to worry about than I have and many organisations are reportedly blocking Windows SP2 from automatically updating end-user PCs until they are completely satisfied that it will not break any vital applications. With this in mind, I have included a list of resources from Microsoft with this column that may be of help until you have made up your own mind.
Service Pack 2 is an optional update at the moment and Microsoft has given the world until next year before it becomes mandatory, a major step towards making this sorry industry a more secure place. Just to illustrate the depth of the problem, last month, a large IRC "botnet" controlling more than 10,000 personal computers was shut down by the security staff of Norwegian provider Telenor. Increasingly, such networks of remote-controlled PCs’ are available “off-the-shelf” to criminal gangs, commonly from Russia, who can quite literally rent them for extortion operations involving distributed denial of service (DDoS) attacks from supermarket-style underground websites.
“Bot” networks aggregate computers that have been compromised with “rats”, Remote-Access Trojans, allowing them to be remotely controlled by hackers. Netcraft reports that in the past year, the proliferation of e-mail borne viruses and auto-downloading trojans has dramatically increased the number and size of botnets, which now have economic value as Spam engines and tools in DDoS blackmail schemes. Compromised "zombie" machines were recently found on the networks of the US Defense Department and the Senate. In an earlier Computer Weekly column you may remember that I have questioned how secure our own public sector systems are following the Department of Work & Pensions scandal.
In a month’s time the UK government, business and the IT industry, will be fighting back with a national IT security awareness programme code-named “Operation Endurance”, which is still under wraps but has already started leaking to the press. The ultimate question is whether a government-funded initiative or the arrival of SP2 is enough to turn the tide or whether we have now reached a critical mass of insecurity which makes any short-term vision of a secure knowledge economy a hopeless aspiration rather than a sensible proposition.
Help with Windows XP SP2
- Windows XP SP2 - A site aimed at IT professionals, with useful information and White Papers on Windows XP SP2, including a whole section on deployment
- Executable to temporarily block delivery of Windows XP SP2 to a PC through Automatic Updates and Windows Update - This Microsoft signed executable creates the registry value and sets the associated value that temporarily blocks the delivery of Windows XP SP2 to the system via Automatic Updates (AU) or Windows Update (WU)
- Executable to un-block delivery of Windows XP SP2 to a PC through Automatic Updates and Windows Update - This Microsoft signed executable removes the previously created registry value that temporarily blocked the delivery Windows XP SP2 to the system via Automatic Updates (AU) or Windows Update (WU)
- Toolkit to temporarily block delivery of Windows XP SP2 to a PC through Automatic Updates and Windows - While recognising the security benefits of Windows XP SP2, some organisations have requested the ability to temporarily disable delivery of this update via Automatic Updates (AU) and Windows Update (WU)
Acting globally, Zentelligence (Research) advises governments, suppliers, business and the media on the evolution, application and delivery of leading-edge technologies, and specialises in the areas of e-government and information security.
For further information on Zentelligence and its research, presentation and analyst services, visit www.zentelligence.com
Setting the world to rights with the collected thoughts and opinions of leading industry analyst Dr Simon Moores of Zentelligence.
This was first published in September 2004