Windows XP SP2 In Release

mr_tommy writes "Service Pack 2 for Windows XP has been released to manufacturers (RTM), is available to MSDN customers, and will soon be available to all via Windows Update and Microsoft sites. At ~ 250 megs, the download is big, and Microsoft will be offering the option of getting it on CDs. The much awaited Service Pack comes with many security updates (new NX and DEP protection), extra features (firewall, security center), and improvements for Windows. New versions of IE and OE come with the release, as well as improvements in the wireless networking field. So far, the service pack seems to be very stable (no known major issues) and does seem to speed up most systems. A review of SP2 Final with some limited download links is available at Neowin.net. I'd urge all users (pirate users too) to deploy the service pack and benefit from the genuine effort Microsoft have made with regards to security in this release." We did cover this recently but since this is a major deal, we figured people would want to know more.

SP2

[Klar]

Even as a person who owns a legal copy of XP Pro, I am pleased that SP2 will be able to be installed on almost all copies of XP that are around. Hopefully this will help slow spyware and other annoyances down!

Also, I've heard that the download is available from the new windows update site: here and several bit torrent websites(file name: WindowsXP-KB835935-SP2-ENU.exe, MD5: 59a98f181fe383907e520a391d75b5a7, size: 278,927,592 bytes)

Re:SP2

[tgrigsby]

WHOA -- I have to be honest with you, I'm not going to trust an update of my operating system to something I drag off a BitTorrent site. Perhaps someone can alleviate the apprehension -- what are the odds that some jerkweed is going to attach backdoor warez to that download?

Personally, I'm cautious enough that I'd rather download it directly from Microsoft than try to gain some perceived savings in downloading it from a 3rd party site.

Re:SP2

man you can't have a backdoor cause it comes from Microsoft!

Re:SP2

[schon]

I'm not going to trust an update of my operating system to something I drag off a BitTorrent site.

I infer from this that you'd trust any other download from BT? Why?

what are the odds that some jerkweed is going to attach backdoor warez to that download?

About the same that some jerkweed is going to attach a backdoor to any other torrent you download.

Re:SP2

[Zone-MR]

Firstly, there were MD5 checksums posted on Neowin, and verified by a lot of people with access to the official release via the windows beta site. Unless a heck of a lot of people are in on the conspiracy, it's safe to assume the MD5 hashes are in fact valid.

Secondly, all official Microsoft updates, including service pack 2 are digitally signed by Micrsoft to prevent tampering.

My advice: Grow a little, do some research before you post, and take off your tin-foil hat. It looks incredibly silly.

Re:SP2

[Dahan]

I haven't downloaded that file, but doesn't MS always digitally sign their updates? If so, you could right-click on the EXE, select Properties, then go to the "Digital Signatures" tab to check the signature.

Re:SP2

[iabervon]

I'd hope it's signed with a key you already have from Microsoft, and has an MD5 sum that Microsoft has published on their site. If so, you can be pretty certain that you're getting the same thing that they put out. Considering that your connection to microsoft.com is going over a similarly untrusted network, you should be using similarly paranoid checks on that.

Re:SP2

[nolife]

And how is this any different from downloading your newest Linux distro ISO? I would not call your concern insightful, I'd call it pure FUD. As with any download, compare and verify the hash before you use it, if a known good hash is not available, take your chances.

Some MD5 verification apps for W32.
Here
Here
Here.
There are others.

Re:SP2

[silicon+not+in+the+v]

If your concered about the about someone planting an trojan disguesed as sp2, the checksum is 59a98f181fe383907e520a391d75b5a7 *WindowsXP-KB835935-SP2-ENU.exe

Really? Then maybe I got a bad file. My checksum says
599go6t2ch0a56s4u1ck76e82r5!1337

Re:SP2

[Martin+Blank]

Does Microsoft post MD5 sums? I know that their they use PGP when sending out security bulletins, which I thought was a major step for them to use an outside product like that, but I don't think I've seen MD5 sums from them. They prefer to use Authenticode, IIRC.

Re:SP2

My advice: Grow a little, do some research before you post, and take off your tin-foil hat. It looks incredibly silly.

Woah! You only think that because you made the mistake of taking your tin-foil hat off.

Your mind is theirs now.

Re:SP2

[jenesais]

Why bother with files-from-who-knows-where.

Get Windows XP Service Pack 2 Network Installation Package for IT Professionals and Developers directly from MS Technet: http://www.microsoft.com/downloads/details.aspx?Fa milyId=049C9DBE-3B8E-4F30-8245-9E368D3CDB5A&displa ylang=en/

Re:SP2

[BoomN]

SP2 has just recently been made available as an official download from Microsoft
http://www.microsoft.com/downloads/details.aspx?Fa milyID=049c9dbe-3b8e-4f30-8245-9e368d3cdb5a&Displa yLang=en/

Re:SP2

[gosand]

I infer from this that you'd trust any other download from BT? Why?

I don't agree with the original tinfoil-hatter's reasons, but consider this: If I host a BT link to the patch, I can put a dummy 250MB file in its place. If someone tries to download it, I know that they have an unpatched version of XP. And now I have their IP address, and I know it will take them a while to get the official patch.

Granted, it isn't like you are giving them Admin password or anything, but it is information.

Re:SP2

[RonnyJ]

Heres an official Microsoft link to SP2 final:

Windows XP SP2 - more details about the file here

Interestingly, it's 272.4mb, not 266.01mb as the 'leaked' release was...

Re:SP2

[Martin+Blank]

272391 KB / 1024 KB/MB = 266.01MB

Learn some math.

Re:SP2

[Martin+Blank]

No, that's where a handful of elitists are going. That "mebi/kibi" crap needs to go back to the hell that spawned it, and proves that engineers (apparently especially those that make up the IEC's governing body) should not be making up words, especially words like "exbibytes." Doesn't exactly roll off the tongue.

At best, you're being pedantic with this in attempting to defend the initial point. At worst, you're just trolling.

Makes sense

[Yeechang+Lee]

Now I know why my computer just exploded in "The Simpsons"-style flames.

odd or even

[wawannem]

Is it odd or even service packs that usually cause problems?

Install it now

[Tod+DeBie]

Install it now! Say what you will about MS, but this looks like a good improvement. Maybe I'll wait untill you all install it first...

RTM?

[boomgopher]

Ahem, it's Released To Fucking Manufacturers (RTFM), thank you.

Re:RTM?

I'm waiting for Services For Unix to be Released To Fucking Manufacturers. Then we'll have:

SFU RTFM

250MB!?!?

[afidel]

Holly cow, that's bigger than ALL of windows 98! I know there are a TON of improvements in SP2 but the size is kind of crazy, I guess SUS would have been a good idea even at small clients =)

Re:250MB!?!?

Well remember that they do not provide 'changes only' -- e.g. if they change one line in a DLL they have to provide the entire DLL. Given the breadth of fixes it's not unsurprising that many files will be replaced.

Re:250MB!?!?

[spectecjr]

Holly cow, that's bigger than ALL of windows 98! I know there are a TON of improvements in SP2 but the size is kind of crazy

That's the administrative install version that covers everything - including Windows Media Center edition, Windows Tablet PC Edition, etc. If you download the client version, it'll only download the files you need.

Re:250MB!?!?

[x0n]

This is a common misconception. SP2 is not big because "of all the fixes", but rather because XP's core has been recompiled with VC 2005 compilers to provide the latest optimizations (as well as a software equivalent of NX) among other things, hence you're downloading pretty much ALL of XP's core, with fixes/changes to only some of it. SP1 and previous were compiled with VC6 I believe.

- Oisin

Re:250MB!?!?

[Waffle+Iron]

That's bad, but my SuSE 9.1 currently has 300MB of update RPMs in its cache folder, and it's only been 4 months since release. (Actually, subtracting out multiple updates on the same package and kernel sources, that leaves only about 90MB of "essential" updates. It's still pretty ridiculous, though.)

All of this seems very inefficient to me, given that most of the time a patch fixes just a few lines of mistaken code. Maybe they should add something like a "#pragma patch" to gcc around code fix lines. It would generate the exact original binary, tack the patched code onto the end of the binary and insert a jump instead of the original code. Then most updates could be put out in a few KB of binary diffs.

Re:250MB!?!?

[AlphaSys]

What are you guys smokin? My download from MSDN says:

File
en_winxp_sp2.iso, ISO-9660 CD Image
Size
475.35 MB

My favorite part?

Minimum Estimated Download Times
T1 42 minutes
128 KB 8 hours, 39 minutes
64 KB 19 hours, 29 minutes
28.8 KB 43 hours, 18 minutes

Re:250MB!?!?

[Mephie]

they do not provide 'changes only'

Yes they do. As of this release/Windows Update 5, in fact. The size, as is pointed out a few posts down, is cos this is the administrative edition which contains everything. You won't need everything unless you're running a vanilla XP install that hasn't had SP 1 or a single hotfix installed.

Re:250MB!?!?

[x0n]

Well, Mr. AC,

I'm not in the habit of making things up -- except perhaps this -- but an excerpt from http://www.microsoft.com/technet/prodtechnol/winxp pro/maintain/sp2chngs.mspx:

Memory protection.
Some attacks by malicious software leverage software security vulnerabilities that allow too much data to be copied into areas of the computer's memory. These vulnerabilities are typically referred to as buffer overruns. Although no single technique can completely eliminate this type of vulnerability, Microsoft is employing a number of security technologies to mitigate these attacks from different angles. First, core Windows components have been recompiled with the most recent version of our compiler technology , which provides added protection against buffer overruns.

-Oisin

Pirate users click here!

[garcia]

Use this link for the pirates info. No sense in linking to a forum that just links to another.

Daddypants agrees.

sitting

[ryanw]

I'll be letting that one sit for about 6 months before I touch it...

Re:sitting

[wintermind]

While I see your point, I almost feel for Microsoft on this: no matter what they do, people are going to complain. I use Linux on my boxes, but I also have to feed and care for my wife's XP Home edition system. I will install the Service Pack and I will no doubt curse at it for a bit, but I am glad that MS is taking such a hard-nosed approach to security now. Better that than the alternative.

Re:sitting

[x0n]

It yells at you if you don't have virus protection enabled. It asks if you want to run your own Firewall but its is enabled by default. If you have both running it could cause you problems.

What an utterly pointless comment. It doesn't "yell" at you for not having antivirus software, it announces, and quite rightly too. Who the hell else is going to yell at the countless morons who unknowingly infect their machines by clicking on every EXE that arrives and are not prevented by having up to date AV software. Next time you check your inbox pal and delete the countless virus spam messages, think about how you'd like to "yell" at the tit who sent it to you.

I don't particularly care for the pop-up blocker and I can't imagine that most users will care for it either.

Another ridiculous thing to say. The popup blocker was the most requested feature, and anytime anyone dissed IE in the past, it included that particular lack. Where do you get these ideas from?

This is going to be a big hassle for people who don't know what they are doing and it's likely going to be a big hassle for everyone else too.

Another ridiculously empty statement: yes, it may be hassle for some people, but they have to learn somewhere. How hard can it be to click "next", "next", "finish"? For every person that goes through installing it, it means _less_ hassle for the rest of us, not more. At this point, it is clear to all that you are just engaging in pointless FUD, either for the sheer fun of trolling or perhaps regrettably, you are as dumb as you sound.

- Oisin

Re:sitting

[garcia]

It's a godsend, and it works pretty well.

While it may work pretty well (depending on your own definition of that) it is certainly NOT a godsend.

It's certainly not a "godsend". If anything it is just an annoyance that most people (who will even get it installed) will shut off if they can.

Please...

[superpulpsicle]

RTM usually means there are about 60 hotfixes to follow.

I swear among all OSes, AIX is the only OS that has figured out how to pack near perfect patches. M$ still has alot to learn from IBM, even in 2004.

Missing features...

[dave-tx]

Sure would have been nice if they had included a new solitare game in the release. I've already got my machine firewalled, and have never had an issue with security on this box. I mean, hell, at least give me something I'll use!

Only being half sarcastic, actually.

Already disabled the firewall

[Microlith]

After it harassing me left and right about programs connecting to the internet. Even after letting it run for a while, it never spotted a program connecting that wasn't supposed to be.

I imagine things will continue as they have. No firewall. No spyware, no trojans, no 0wn3d machines. Just proper patches and Mozilla.

Re:Already disabled the firewall

[darien]

After it harassing me left and right about programs connecting to the internet. Even after letting it run for a while, it never spotted a program connecting that wasn't supposed to be.

Maybe you didn't like it, but I imagine Zone Labs are feeling pretty nervous right now...

Re:Already disabled the firewall

[Nick+of+NSTime]

What's your IP?

Signed,
Nigerian Scammer

Re:Already disabled the firewall

[MindStalker]

Whats really funny, is in RC2 (don't know if its fixed yet). It bugged me about every program. Except my network print server, it just blocked access to completly, without any notification. Had to turn firewall completly off to use it couldn't find any way to unblock.
Yes I told microsoft, if they listened is another story.
(Incase anyone is interested it was linksys wireless print server WPS54GU2)

Re:Already disabled the firewall

[AKnightCowboy]

127.0.0.1

Fool, that's your localhost address. Your real address is the one assigned to a physical adapter. For example, mine is 192.168.10.20. Feel free to hack me all you want.

Re:Already disabled the firewall

[maird]

Hey, that's on my subnet and you don't respond to ping and port-scan shows no response on any port. You hackers are really clever.

Re:Already disabled the firewall

Wait a minute! That's my subnet. What are you two doing on my subnet?

I'll fool you both though. I'll disconnect the modem!

The short answer

[lildogie]

> Is it odd or even service packs that usually cause problems?

Yes.

Re:Fast download!

[Clemensa]

I have dial up. On a two hour cut off basis. I'm thinking my system may stay unpatched !

Mirrors...

[ares284]

It's the top three downloads on Filemirrors.com, for those of you having problems getting working links.


-Ares

Re:Mirrors...

[RonnyJ]

You can now download it from Microsoft here

Re:BitTorrent?

[Izago909]

Yea. Try this post that was made in the original article:
http://it.slashdot.org/comments.pl?sid=117069&cid= 9905241

Big Push with the Automatic Updates

[electricmba]

Every time they update a Microsoft O/S, the "Automatic Updates" feature is more in your face. Also, didn't I hear a while back that the "Scanning for Updates" plug-in captures and sends all sorts of extra info, like # of HD's in your comp, available space, hardware installed, etc.? Wonder what this new and improved plugin grabs.

Re:Big Push with the Automatic Updates

[osu-neko]

Unfortunately, not in your face enough -- Windows users have gotten too used to closing any window that opens unrequested without even reading what it says. I finally went around and set Windows Update to just automatically install the updates for people, as they would never do it themselves no matter how many times I urged them to stay on top of their updates.

List of patches

[Lisandro]

Does anyone know where i can find a list of bugfixes that this service pack includes, in addition to the already mentioned new security features? I've been battling with USB in XP (a webcam/digicam that makes the system reboot), and got nowhere so far.

How to change your pirated XP key

[rnelsonee]

If you're using one of the two widely pirated keys for XP (XXXXX-640-0000356-23XXX or XXXXX-640-2001765-23XXX), SP1 didn't install for you, and neither will SP2. So go ahead and change your key using Microsoft's own process. Search the web for valid keys....

Re:How to change your pirated XP key

[darkmeridian]

SP2 does work with pirated keys. MS has given up banning "stolen" keys. Anyways, search for the Windows XP key generator for the corporate edition. There is a way to make your edition a corporate edition by editing a file before you burn your CD. Search for it on Google because MS hunts down these links so they change. And if I link to it here, then the MS moles will just shut them down even quicker.

So, use some elbow grease.

Re:How to change your pirated XP key

[typobox43]

SP2 still blocks the keys that SP1 blocked, for the few people still using those keys.

Service pack or what it should have been?

[PipoDeClown]

Well Microsoft finally donnit. Iam glad they brought the final version of their XP operating system after using the beta version for over 2 years now. Looking forward to bugfixes to this version.

Quick question about system restore

[Typingsux]

Any excerpts from any links telling if I run a system restore point before SP2 will I be able to go back?

Re:Quick question about system restore

I did that with a beta, no problems at all.

Slashdotting the Internet?

[yndrd]

Let's see...millions of Windows users all downloading 250MB at once....

I guess this is the nuclear attack we've been waiting for to see if this whole "Internet" concept really works.

Re:Slashdotting the Internet?

[DrEasy]

Heh, maybe we can run Microsoft to bankruptcy by running their internet bill to crazy levels! Let's all download SP2 once a day in the background! ;-)

MAKE SURE YOU CHECK THE MD5, SIZE, SIG

[holy_smoke]

Just a friendly warning for the non-geekier readers out there: there are a LOT of bogus copies of this out on the net and P2P. Some are trojaned, some are pre-RTM. If its not the right size, md5 hash, or not digitally signed by MS and dated 8-4-04 don't install it. Have to give MS kudos on this one. The security center is a good addition, if a little annoying at first until you customize it to fit your situation. It even recognized AntiVir as my anti-virus program. System is running fine, no problems during or afer install except for a "cannot back up atapi.sys" warning (no big).

Slashdot Poll - what will we see first?

so MS XP SP2 won the poll then?

i was hoping on HL2 =(

I use Gentoo

[vuvewux]

Can I just `emerge` this service pack?

Does it work on pirated workstations ?

[mvballegooijen]

I was under the impression that Microsoft had withdrawn the report, that SP2 would work on pirated workstations ? Source: http://news.bbc.co.uk/1/hi/technology/3774567.stm I for one would be glad if it DID work on pirated workstations for the obvious reasons (worms).

Good job

[IamTheRealMike]

Seems like they've done a good job, judging from the screenshots they have nice, straightforward UI for a lot of things. In particular, their DEP UI (I'm assuming DEP is a direct equivalent to execshield on Linux) impressed me: when execshield came out there was no such control system for it. Now, the only program that I'm aware of which it broke is Wine which is a special case, but I would not be surprised if there were other programs out there which it would have broken too. It's this sort of "GUI for everything" approach the Linux community still needs to catch up on.

The new security center looked nice too, I can't imagine many people misunderstanding it.

Suprnova

[Penguinoflight]

I'm not going to link to the site I got from... probably would go against DMCA, but here's a like to a torrent with like 180 seeds already. http://66.90.75.92/suprnova//torrents/2355/Windows XP-SP2-RTM-exe.torrent

That's what the MD5 hash is for.

[Otto]

The MD5 hash of the real file is 59a98f181fe383907e520a391d75b5a7. If you download it, then you can check it with any tool to generate the MD5 hash, and if they match, you can be certain it hasn't been messed with.

That's the whole point of telling people what the hash of the file is.

Re:That's what the MD5 hash is for.

The MD5 hash of the real file is 59a98f181fe383907e520a391d75b5a7. If you download it, then you can check it with any tool to generate the MD5 hash, and if they match, you can be certain it hasn't been messed with.

That's the whole point of telling people what the hash of the file is.

No, that's just to verify that the file you just grabbed is the same that the ancestor posted about. And now you. Point to a MS-site displaying the hash, then we'll get somewhere.

Re:That's what the MD5 hash is for.

[dragonman97]

And not to be overly pedantic, but unless I download the file from Microsoft, how do I know that's really the MD5 hash? I'll wait until it's totally released, and download it once, and only once, test it, and once satisfied, will deploy it.

Re:That's what the MD5 hash is for.

[southpolesammy]

No offense, but unless Microsoft themselves put up a statement with this MD5 checksum as being valid, I think I will pass on the BitTorrent method in this case. Chances are that it is 100% legit, but given the nature of the patch, I'll go with better safe than sorry and download it directly, even if it takes hours or days.

Re:That's what the MD5 hash is for.

[slug359]

The file has a genuine Microsoft digital signature that you can verify by right clicking and going to properties, it'll show you the signature details and the cert chain.

Re:That's what the MD5 hash is for.

[ManxStef]

He has a point. It's all about trust: if you don't trust any of the posters that say, "I've downloaded the original and its MD5 hash is the same as that of the torrent" then, no matter how many me too's there are, you should steer clear and get the file from a trusted source. Simple as that.

Personally, I check MD5s and GPG/PGP signatures of the binary tools I use whereever possible, but not all of them are supplied with these so it's a little impractical. It doesn't hurt to be cautious though: do you really, absolutely, positively need it [whatever it is] RIGHT NOW, or would you rather wait for a guaranteed source that doesn't stand a chance of being the latest German beta/trojan/Goatse.cx vs. Tubgirl animated Flash EXE?*

Considering that installing a Service Pack (or equivalent OS update) should NEVER be taken lightly, I'd rather spend a few hours ghosting the machine and/or making sure that everything important was backed-up and verified, rather than rush to "be the first", especially in light of the previous Slashdot XP-SP2 coverage (as unscientific and unproved as the linked article was for that topic). Besides, wouldn't you rather that Microsoft paid for the bandwidth? ;)

*(Of course all of this is hypothetical; I haven't checked the torrent or its source or tried to confirm the hash with a trusted source. It may very well be the real thing, and from the amount of news coverage starting to spread SP2-final does appear to be out.)

Re:That's what the MD5 hash is for.

[zangdesign]

I'm with you. Furthermore, I'm absolutely not going to trust information like that posted on a site known for being distinctly anti-Microsoft.

Re:That's what the MD5 hash is for.

[slimak]

really? Last time I checked most distros take up multiple CDs. Mandrake is 3 full CDs and I believe SuSE and RH are similar.

Sure, 250 is a lot, but after a clean install of Mandrake 10.0 the updates were something around this 250 MB too (I don't recall the exact amount as it was a couple of months ago). Granted, this updated more than just the OS and core apps, but its still a heafty download.

I hope he updates it.

My Windows box is pwned by a 12 year scripty kiddy I hope he remembers to install this useful update.

This is not stable

I work with a CRM finance program named Made2Manage. We were informed by them that this service pack breaks the connection between them and SQL. We have heard the same thing from another software vendor for a sql based e-mail system. Supposedly, when MS turned on all of the security features for this SP they eliminated the way in which a number of vendors communicated with SQL. To date I have not received the go ahead for this service pack. M2M evidently contacted MS about this issue but received little or no assistance in resolving this issue.

So be warned. If you are running third party SQL based software this service pack may break it.

AbortRetry
Damn, now I need to create an account

Re:This is not stable

[spectecjr]

work with a CRM finance program named Made2Manage. We were informed by them that this service pack breaks the connection between them and SQL. We have heard the same thing from another software vendor for a sql based e-mail system. Supposedly, when MS turned on all of the security features for this SP they eliminated the way in which a number of vendors communicated with SQL. To date I have not received the go ahead for this service pack. M2M evidently contacted MS about this issue but received little or no assistance in resolving this issue.

Perhaps they didn't receive any assistance because all of the information they need is already on the web and has been on the web for the past two or three months?

Microsoft's SQL Server with XP SP2 FAQ

Q. How does Windows XP SP2 affect SQL Server?

A. SQL Server will have access to the local subnet by means of file and print sharing, which will enable access to named pipes, also known as multi-protocol, that use Port 445. TCP/IP and UDP will be turned off by default. Applications that connect to a SQL Server database by means of a network will not be able to accept or make connections. This setting change helps protect the customer system by making it resilient to malicious worms that send port requests to a computer in an attempt to create a denial of service attack.

Q. What if my application needs SQL Server to listen to the network?

A. In cases where your application needs to use TCP/IP or named pipes to access the network, we recommend that you set up access on an as needed basis. We also recommend that for TCP/IP, you use a static port assignment. For applications that use a named instance of MSDE with dynamic TCP port selection enabled, you can open the UDP port 1434 and the TCP/IP port as appropriate. For named pipes, we recommend that you use the Windows Firewall tool to open file and print sharing with Port 445 enabled. Microsoft does not recommend the use of multi-protocol to connect to SQL Server or MSDE.

Small warning

[veritron]

If you have a processor that supports NX, SP2 will not be compatible with some programs, especially dynamic recompilers.

As R. Belmont pointed out to me on a different message board, dynamic recompilers allocate memory, fill it with x86 instructions, and then jump to it. NX specifically prohibits executing allocated memory, so dynamic recompilers should crash in SP2 on processors that support NX.

Expect this feature to break many current emulators (Mame will be fine.) The feature supposedly can be turned off in Windows, but since I don't have a processor that supports NX, I don't know where one would do so in the interface. The newer Athlon chips - specifically, the Athlon 64's, and future Pentium 4s, support NX, so keep that in mind when upgrading to SP2.

Re:Small warning

Actually, this is a matter of syntactical correctness more than anything else. The code segment fills the data segment with code, and then has to (by specification) mark the appropriate segment as code to the processor, which will grant it execution rights upon the system.

Previously this was unenforced, but if you're going to be developing this kind of application for processors with NX support, the least you could do is adhere to the damn specifications.

-SG

It fixes the holes, but does it break the fixes?

[Jonah+Hex]

Ok, I've read up on the new features, think it's about damn time and all that. However I'm really wondering how this thing is going to effect all the programs my little computer repair biz have been installing since, well, always. ;) Firefox, Thunderbird, Ad-Aware, Spybot S&D, SpywareBlaster, SpywareGuard, GoogleToolbar, AntiVir, Protowall, Blocklist Manager, a Firewall, etc. And the biz's which usually use a mix of Symantec/Norton alongside something even more esoteric if your unlucky.

I'm really not looking forward to dealing with this major of a Windows architecture switch, if only for the fact that most Windoze users love to find a brick wall and slam into it, even if that means insisting on using VirusScan OuttaDate straight off their Restore Disks labeled "Year 2000 Compliant!" Thanks Microsoft, long overdue fixes for Windows and job security all in one.

Jonah Hex

250 megs?

[DroopyStonx]

Try 475. At least, the one that's up on MSDN is 475.

Re:250 megs?

[pdawson]

The network install of SP2 is ~250 megs, the file up on MSDN is an .iso image of the full CD that includes SP2, .Net runtimes, and other such updates.

Re:250 megs?

[Fallen+Andy]

Prob a full XP + SP2 CD image...
But er. Why can't they learn the concept of binary diffs a la .RTPatch?

I'm still going to wait a couple of weeks at least to see whether they have to release an SP2a before commiting to this - at least it would be good to know what scenarios it breaks in (aside from old pirate keys)....

No big rush , even the script kiddies are on holiday :-).

Now it's stable?!?!?

[invisik]

So, that RC2 was soooo unstable (3 of 5 machines wouldn't boot afterwards) and now the release is stated as "stable" ? I find it hard to believe that they were able to fix it that quickly.

Does anyone have a GM they've tested yet?

I'm still worried about having everyone install it right away... Will probably recommend to wait until September.....

Thanks for any additional info!

-m

Re:Now it's stable?!?!?

[freeze128]

>Does anyone have a GM they've tested yet?

Windows XP SP2 is for Computers running Microsoft's Windows XP. It won't run on anything made by General Motors.

Re:Now it's stable?!?!?

[dfj225]

I have RC2 installed on my system and I haven't had any problems yet. No BSODs, no crashes of other software that I use, and I have even been playing Doom 3 with no problems. To me it seems that RC2 was pretty stable. Now I might just be one of the lucky 2 of 5 that works and it might have something to do with the fact that my system only has quality hardware and drivers installed, but I am pretty happy with RC2. In fact, I have even noticed an increased performance in my wireless connection. It seems to me that the installation of the final SP2 should go pretty smoothly, at least on my system anyway.

Re:Now it's stable?!?!?

The definition of stable varies. The problem in the heavily biased tests was that driver-level hooks to the operating system were being used to enforce the reinstallation of software that should not have been there in the first place. These hooks were not designed to work with the new configuration, and as such fail, causing all manner of wierd and wonderfuls.

While SP2's final release does not contain specific code to deal with this, if your system is completely comprimised then any good security institution will tell you that a system rebuild is in order. It is your personal task to obtain software that secures a system in advance of a major upgrade. You wouldnt start fitting new locks on the car while driving down the road at full throttle, after all :)

As a matter of fact, the industrial success rate for non-compromised systems when deploying XP SP2 was near enough 100% amongst the test cases as to make no odds. Don't forget, the same source that claimed 3 out of 5 was also the one saying it'd been delayed again just last week.

Re:Fast download!

[Neophytus]

Windows BITS will download SP2 incrementally every time you are online using spare bandwidth (assuming you dial in directly) when you enable automatic downloading of updates. In a couple of months (years ;)) you'll be prompted that it's ready to install, assuming you haven't ordered your cd by that time :)

An issue to note

[AviLazar]

Please be aware that SP2 will cause some problems with official MS products (i.e. CRM). So you may want to backup your system (obvious) prior to installing this update.
Someone sent a friend of mine a BSOD graphic after they installed SP2 on their computer. Their computer now needs a fresh install. Though I like to do a fresh install whenever an SP update comes out (good for the soul).

Microsoft software breaks Microsoft software.

[Futurepower(R)]

Microsoft says Installing Windows XP Service Pack 2 (SP2) will prevent Microsoft CRM versions 1.0 and 1.2 from running correctly. Version 1.2 is the latest.

More Microsoft CRM stories: Shortly after Microsoft began using its Customer Relations Management software, we got a call from a Microsoft representative inviting us to a meeting in New Jersey. This caused some confusion until the rep said the Microsoft CRM database showed we were based in New Jersey. (Correct answer: Oregon.) Last Friday we got a call from someone at Microsoft who invited us to a local meeting. Three minutes later we got another call from the same person. She didn't realize she had called the same number.

please be accurate in the headline so

folks will fully understand

the 260MB download is only for the full network install...the msdn download includes tools and comes in at over 400MB.

folks using automatic updates are apparently looking at a 70-90MB download as the updater reads and downloads only what is missing.

and also point out the svc pk update cd will be mailed FREE OF CHARGE around the world.

IBM?

[Daengbo]

Well, IBM isn't recommending that anyone deploy it at all just yet.

Re:IBM?

[YU+Nicks+NE+Way]

That isn't quite accurate.

IBM is recommending that its internal people not install SP2 yet -- not because of SP2, but because IBM's web apps might be broken. Windows used to tolerate that brokenness, but SP2 now demands proper compliance with the security rules of the platform. IBM is telling people to wait until they've tested the web apps and fixed any broken ones before shifting.

For my part, I don't understand why they didn't start fixing their apps months ago. The design of SP2 was fully fleshed out by the time RC1 rolled around. One of the reasons Microsoft sent out the RC's was so that businesses and partners could update their applications.

<irony>I'm a trifle puzzled by the delay: the fixes that SP2 requires are fixes that should have been in place previously; why would anyone delay putting in necessary security fixes in their code?</irony>

Re:IBM?

Well, it also doesn't hurt that Microsoft's firewall thinks that IBM's internal system tracking software is spyware, and blocks it from broadcasting. :)

Re:Perhaps a related problem?

Here's a quote that might help:-

This patch was issued in response to a surge of malware intended to steal the unecrypted key from the private data store of users. This was unavoidable, and a design decision we had to make given the relative time and urgency.

Given the nature and scope of SP2, a full and considered solution to the matter was developed that does not as-easily allow a single comprimised client to open up an entire private network.

Re:What?

[EdMcMan]

The cd is offered for free by MS. If you don't want to download it, order it for free.

Also, Microsoft has updated their background downloading, so supposedly modem users can download this in the background (over a long period of time).

BitTorrent and validity

[TheSHAD0W]

BitTorrent is designed to transfer data while verifying its validity, but in order for that to work the metafile (.torrent file) must come from a trusted source. In this case, you aren't retrieving the file from microsoft.com, so you'd better have an alternate method of figuring out whether or not it's been tampered with.

Re:"RTM"??

[Dmala]

It's also handy because, when a release is so many weeks late (varies by company), "Release To Manufacture" changes to "Release The Motherfucker"

Ugh, big download

[mackman]

If you're on a slow connection, try submerging your computer in your bathtub. You'll be just as secure and you're about as likely to reboot successfully.

Oddness

[jb.hl.com]

As an aside, one odd change I've noticed is that instead of saying Windows XP Professional, the boot screen now says only Windows XP...

Not that I'm complaining, SP2 kicks ass, but a usable IE is a long way away :)

Firewall, schmirewall

[Fryth]

Running without a firewall is not smart, but not necessarily stupid, either. Once you run all the windows update patches, and disable file sharing on your WAN adapter (or at least use a good password and disable the guest account), what's left for people to hack? The only difference between this situation and one with a firewall, is that your ports will be replying to requests with a connection reset packet instead of staying silent. It shows that your PC is up and running, but nothing else. To be exploited, one must be already running trojans or spyware that allow this sort of behaviour. You don't open *those* attachments, do you? So run your machine without a firewall all you want, just be sure to keep it up-to-date.

Also, ZoneAlarm works as promised, and it's free. This isn't a hearty recommendation, but it's not broken, either. If you don't have a hardware solution (router), use ZA.

Re:Windows security alerts

[TheAwfulTruth]

Does no one even bother looking at the security center that comes up after first reboot?

Ok after that trollish intro, do this:

* Open Control panel
* Open "Security Center"
* Click on "Change the way security center alerts me"
* Turn off any alert options like virus scanning or firewall that you do not have or do not intend to have installed.
* Tray icon goes away!

Now released to the general public

[NilsK]

You can download now without any login required from MS.
Guess this will be breaking down within minutes...

Nils

Re:Warez File Server

[sqrt(2)]

What kind of idiot script kiddie makes there trojan run a process called "Warez File Server"?