Microsoft officials have indicated that although they are taking steps to prevent problems from occurring when SP2 is installed, security is the priority -- and there will be no quarter given to unsecure applications that introduce vulnerabilities.
Microsoft (Nasdaq: MSFT) is making it clear that Service Pack 2 (SP2) for Windows XP -- a more than 220-MB software update dubbed "XP plus" and "mini-Longhorn" by some industry watchers -- will have a sizeable effect on other applications as it seeks to shut out security weaknesses in enterprise systems.
The Redmond, Washington-based software giant claims it has worked hard to test the impact of SP2's security features, such as a default-enabled firewall. However, the company also is spending a fair amount of energy and resources to warn developers about applications that could be at risk in an upgrade.
"They're making a lot of noise with the development community that they need to look at their programs and do the testing," Meta Group vice president Steve Kleynhans told TechNewsWorld, noting that service packs have changed from the days when they were mere collections of bug fixes.
"Now, service packs are like mini-releases in terms of the testing [Microsoft does] and the cautions to the market," he said.
For Security's Sake
Microsoft officials have indicated that although they are taking steps to prevent problems from occurring when SP2 is installed, security is the priority -- and there will be no quarter given to unsecure applications that introduce vulnerabilities.
Kleynhans said that while all software would be created according to proper procedure in a perfect world, the reality of programming shortcuts and developer ignorance means security brings sacrifice.
"When you're tightening down, you're taking away certain functionality," he said -- but if some of that functionality is used by other applications, "you break them."
Kleynhans added that Microsoft has been particularly vocal in its warnings about SP2 because of the service pack's new security settings.
Put to the Wall
Gartner (NYSE: IT) vice president Richard Stiennon, who has called the recent spate of viruses and worms the price Microsoft must pay for "making protocols willy nilly just to get the job done," said SP2 likely will be treated as a completely new platform for companies.
"This service pack is a major upgrade and should probably fit into most organizations' test and deployment procedures in place now for switching between platforms," Stiennon told TechNewsWorld.
The analyst, who predicted slow uptake of the service pack, indicated the security emphasis marks a change for Microsoft -- one the company has been forced to make as vulnerabilities loom large.
"They're making a bigger deal out of [SP2] because it addresses so many security issues," Stiennon said. "It's a pretty big change in direction, but they're being pushed to the wall. They have to do this."
Taking IT Medicine
Despite Microsoft's efforts to help developers and other software makers avoid breakdowns during the SP2 rollout -- the company is offering online training and assisting larger vendors -- there is still some sentiment that Microsoft is trying to spread the blame for its security woes or is leaving out some developers.
However, Meta Group's Kleynhans said that, for the most part, any improvement in Microsoft product security mitigates the misgivings of developers and companies whose products might be affected.
"There's been a little bit of grumbling, but who's going to argue with Microsoft doing something about security?" he said.
PARC Aims To Smarten, Lock Down Mobile Tech March 05, 2004
PARC's new wireless security technology -- intended to make security simple enough to be widely used -- requires a two-step, two-minute process to set up 802.1x for a WiFi logon at its highest security level, compared with a more than 30-step, 90-minute process using traditional installation, according to the research center.
Related Stories
Microsoft Moves To Lock Down Developer Tools March 01, 2004
Microsoft said the design of the .Net Framework, also known as Whidbey, will be the security role model for developer products.
Windows XP Upgrade May Bridge Gap to Longhorn February 27, 2004
"From a security perspective, Microsoft is promising to bake it all into Longhorn -- that it's going to be more secure from the ground up," Gartner analyst John Pescatore told the E-Commerce Times. "The question is how long customers are willing to wait for that."
Microsoft Piles On Security with XP Service Pack 2 February 24, 2004
Meta Group vice president Steve Kleynhans, who called XP Service Pack 2 more of a product change than a rollup of fixes, told TechNewsWorld that despite previous statements to the contrary, Microsoft has been forced to release the sizeable, security-oriented Service Pack 2 because of attacks on Windows.
Microsoft Releases Monthly Patches, Delays Explorer Fix January 14, 2004
In a statement to TechNewsWorld, Microsoft indicated it is still actively investigating the Internet Explorer vulnerability to determine the appropriate course of action, which might include a fix through its monthly patch-release process or an out-of-cycle patch released specifically for IE.
Windows XP Service Pack 2 Goes Beta with Default Firewall December 16, 2003
Meta Group vice president Steve Kleynhans described two flavors of service packs: a rollup of fixes or an update that would change the product. He told TechNewsWorld that the Windows XP Service Pack 2 is more of a change of product.
Related News Alerts
More by Jay Lyman
Open Source Developer Dumps Novell Over Microsoft Deal December 26, 2006
A key open source developer, Jeremy Allison, who cofounded the Samba project, has resigned from Novell in protest over the company's recent agreement to enter a collaborative arrangement with Microsoft. The deal has created an uproar in the open source community because it does not treat all recipients of the GPL equally and thus violates the spirit of the license, critics say.
Financial Firms Tap Microsoft for Linux December 22, 2006
Three major financial institutions are among the first companies to go to Microsoft for Linux services, provided through an agreement the software giant struck with Novell. Although a recent survey showed customer approval of the collaboration, many members of the open source community view Novell's move as sleeping with the devil.
Mozilla Beefs Up Security in Firefox 2.0 December 21, 2006
Mozilla's latest update to its open source Firefox browser includes security measures targeting phishers. Phishing scams that use social engineering techniques to dupe Web surfers into revealing personal financial information have become an effective way for cybercriminals to conduct their nefarious activities on the Internet.
Headline Feeds
Talkback: 
