Monday, August 23, 2004

Windows XP SP-2 update risks

Since Microsoft has announced the major patch, Service Pack 2, for Windows XP, users are scrambling to understand whether the security improvements are worth the trouble to obtain.

Users of Windows 98 and Windows ME are happily unaffected by this change.

SP-2 is a 'fix' for flaws in Windows XP. It is so major, it's almost like getting a new copy of Windows. But it requires disk space and memory to run. It requires a huge amount of disk space, and a long time to download. For people using dial-up, it might be more effective to order the CD from Microsoft.

Microsoft recommends turning on Windows Update and letting it download a little bit of the program every day. That eases the burden on their download servers more than it helps us, but it is probably a good idea. Also, remember to use System Restore frequently to set a restore point so you at least have a chance of undoing the changes if you run into trouble.

Disk space
You'd think Microsoft was profiting from the sale of hard drives, with their expansive need for disk space to download the patch. Their web site suggests you need almost one gigabyte (1 GB) of disk space free on Windows XP Home and 1.5 GB on XP Professional. This is for the service pack itself, working space, space for files it will delete and room to keep track of what it's doing.

The rewards
The patch is intended to fix the security flaws in the Microsoft operating system and in Internet Explorer. These products are vulnerable to hackers and have cost corporations millions of dollars to set defenses, buy redundant protection, and clean up from hacker attacks. Companies have put significant pressure on Microsoft to do something about the weaknesses in its program, and this is their solution.

Oddly, as users we won't see much of the benefit of this increased security, but we will be frustrated by it when it hinders something we used to do just fine before this alledgely helpful 'fix.'

The risks
Some vendors, such as SBC Global, are already aware of conflicts caused by the Microsoft patch and have a work-around. So now this necessitates visiting their web site and downloading the patch that will keep your DSL connection working. Many other vendors will be tagging along, cleaning up the mess left behind by the Microsoft upgrade.

Because of the firewall feature, users of Internet games, Instant Messaging and even ETrust and Norton Anti-Virus may run into trouble. It's interesting that Microsoft has added it's own anti-virus program in the service pack, thereby effectively disabling the anti-virus software we bought from other vendors. In most cases the solution just requires telling the new Microsoft firewall to open a port allowing these programs to send data out from your computer, but it sure is annoying to have this forced on us by Microsoft.

Just as when we first moved to Windows XP, there are some programs and devices that won't work with the upgrade. And, with the unfriendly firewall, you'll be surprised by the intrusion of it's messages every time you want to access the Internet. Like a new puppy, the program can be trained to know what "out" means, so you just need to exercise patience along with your mouse finger when the messages appear. Bear in mind, for a firewall to be effective, you can't ruthlessly say "yes" to everything, or you'll be defeating the purpose of the protection.

Well, there will be more news on this as pioneers report all the problems they discover with the patch. Stay current by reading CNet at www.cnet.com or PC Magazine at pcmag.com, and check back here for more articles soon.