Slashdot Mirror
Ready or Not, Here Comes Service Pack 2
I_am_Rambi writes "On Tuesday, April 12, Microsoft will turn off the blocking feature that has made it possible for some enterprises to block Windows XP Service Pack 2 downloads by employees who use Automatic Update. That means in companies that used the blocking tool, SP2 will be downloaded automatically to desktop computers that use Windows' Automatic Update feature." An anonymous reader adds "Microsoft has published a list of known software that will not work with Service Pack 2. Most of the software will either not run or will display a blue screen of death during installation of the software or when you start up your computer." That may be why, as ErichTheWebGuy writes, "In a survey of PCs at 251 businesses in the U.S. and Canada, asset tracking company AssetMetrix of Ottawa found that only 24 percent of the systems running Windows XP had been upgraded to Service Pack 2."
Every Enterprise that uses a Windows network should have their own SUS or something more sophisticated to manage the patches that are deployed.
with this you can control what patches are deployed and when
Thats why clever administrators will be using MS SUS Server. A free MS product that lets administrators choose when patches get pushed out.
Setup correctly with group policy you can prevent users from running windows update and installing updates themselves.
Which is essential with XP SP2 as I look after around a thousand desktops and SP2 has been NOTHING but trouble in all our testing so far.
Come on people, you have had time to get ready for this.
/250 machines, all XP have been SP2 for months since I flipped the switch in WUS //99.5% spyware free ///Properly implemented and secured Windows network
Ever feel like you are driving the getaway car?
All of the negative noise about SP2 is alot of FUD (howz that for irony). I recommend it to all of my neighbors who are inundated with viruses and [mal|ad]-ware (no way they are switchng to Linux, so don't even go there).
If you don't want your machine automatically updated, get this, turn off automatic updates!
Now wasn't that easy?
Le français vous intéresse?
C'mon Timothy. This was posted in Febuary
-gjr
> Photoshop CS runs just fine on
> my Windows XP SP2 box
Those who actually paid attention to the WHOLE list know that PhotoShop CS only fails to start under XP SP2 on 64-bit processors, and that Virtual PC simply runs XP SP2 virtual machines more *slowly* than XP SP1 virtual machines.
You know, if you want to do more than knee-jerk over the name in the left hand column.
Microsoft cheerleader, blue flag waving, you got a problem with that?
The fourth column in the table is processor type. Apparently, Photoshop CS doesn't work on a 64-bit processor with NX (no-execute protection) enabled.
FWIW, I'm running Photoshop CS on a P4 laptop with WinXP SP2 and all updates, and it runs great.
From my experience the Windows Firewall puts itself at the front of the line with the default of everything blocked (except some popular programs including Microsoft programs)
I was using Norton Internet Security and it continued to run and monitor program activity and port usage, but *behind* Windows' Firewall. After installation you have to shut off Windows Firewall and tell Windows that's okay and that you're running NIS.
(Or you could download the patch from Symantec that does that for you and notifies Windows that it's the Preferred Firewall vendor.)
Most of the software will either not run or will display a blue screen of death during installation of the software or when you start up your computer. This is simply not a true statement. A few programs will not start, but they won't Blue Screen the OS.
That nearly all the programs on that list are very old, or already have updates for SP2. Hey what the hell, it's Microsof so lets bash them anyways. Sp2 does a LOT of good things for the average Joe in protecting him from his own stupidity. ---- test ----
Anyone who is capable of getting themselves made President should on no account be allowed to do the job. - HHGTTG
Because we like compatiblity
Similarly, if you're using an older version of a product that fails to work in SP2, you should be seeking a solution (in the form of a patch or other workaround) from the software vendor, not Microsoft. If it is an internal program your company wrote itself for internal workflow, there should have been a project to make it work under SP2 all this time. Poor planning on your part does not constitute an emergency on Microsoft's part.
The security benefits of SP2 to the average user are real, and worth having. It isn't Microsoft's fault that 3rd party developers are still dragging their feet after all this time.
That said, it is unfortunate when otherwsie perfectly good software stops working in SP2 and the poor user is forced to perform a non-free upgrade to a new version. But again, this is not Microsoft's fault.
And finally, please don't tell my copies of NAV 2003 and Photoshop CS to stop working on my computer because SP2 is installed. They both work fine now, so I guess they didn't get the memo.
I'm sure I'll be modded down, but keep in mind I'm writing this with Firefox under Ubuntu. ;-)
"Why aren't we all using Macs in the first place?"
Games.
"Derp de derp."
I have Windows XP SP2 running Windows XP SP2 in Virtual PC right now. I don't see the problem.
The "problem" you missed is listed right there in TFA:
"When you run a Windows XP SP2-based virtual machine, it will perform slowly compared to a Windows XP SP1-based virtual machine."
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
b/c they basically sucked until OS X came out.
Before this gets out of hand, let it be known that SP2 is only downloaded it is not installed.
In order to install the service pack, the user has to be an admin and aceept the EULA as well as click through several disclaimers before manually installing the service pack.
THERE IS NO AUTOMATIC INSTALL OF SP2
Corporations have a lot of custom software. I know that even in a small law firm that I used to work for (about 25 people), we couldn't install Service Pack 2 simply because our core software wasn't compatible. MS only lists commercial software (obviously) but I've come across a ton of custom apps and older shareware and stuff that is less popular that breaks in many ways under SP2. It's not FUD, you jsut aren't in a situation to experience it. For home users, there really isn't any excuse not to install it (in most cases) and I highly recommend it, but for businesses its a different story.
Regards,
Steve
Photoshop CS runs fine on my XP SP2 64-bit processor machine.
A couple of points...
First, in regards to Mac software in stores, you might want to look a little closer at the PC section, where you'll be surprised to find that some of those CDs work just fine on Macs. Of course, they don't put this in the Mac software section because it also works on PCs. My local MicroCenter, for example, places these sorts of titles in a separate aisle with a little sign in the Mac section saying "More software available in Aisle 13."
I may be wrong but, for example, World of Warcraft ships on a disk (CD or DVD, I don't know) which contains both the Mac and Windows version. Go to the Mac section of a computer store and you probably won't find it. Thus, there's no "World of Warcraft" for Mac.
Second, if you're referring to the sum total of software titles, there can be no argument. There is simply more software available for Windows than Mac. However, if you break it up into categories, you'll find the Mac is pretty well represented in the types of things it can do. However, the names of the companies may not be ones you recognize.
For example, for years I was told that Macs couldn't do accounting because there was no QuickBooks from Intuit (there is now). The fact that there was AccountEdge and probably three or four other products was beside the point--no QuickBooks, no accounting.
That said, I'd also point out that you may have less competition in the Mac market. For example, a few years ago I thought it would be fun to learn some Vietnamese (my roomate is Vietnamese). Not having time for real classes, I figured I'd buy one of those programs that is supposed to teach you the language. On the PC, there were three or four choices. On the Mac? One. Take it, leave it, or write your own.
Where I find the Mac falls short is in software that interfaces with external devices--usually proprietary devices. For example, years ago when I had some money burning a hole in my pocket, I was debating getting an AIBO. Of course, the software to program it was only available for Windows. Another example is some cool software that let me read information off the chip in my car--nope, Windows only. These both sound like fun projects, though, and someday when I don't have paid work all over me, I'd still like to write something to handle it...
The other place is in "brand" software--almost exclusively games. You want to play Doom 3--not some other FPS game. Fun analogy: Everyone else can watch "Three's Company" and all you can watch is "Man of the House." Yeah, it's basically the same show, but...
I won't disagree with you when you say that there is "less software available for the Mac." But short of programming robots, tuning your car, running a sewing machine, or playing the latest "hip" game, you'll probably find that you are fine with a Macintosh.
It only shows up when I log in. I close the popup and it's done with until I next log in.
If thats your reasoning for not using a MAC then go get yourself a Logitech mouse. Its supported in the OS.
How do you make this simpler?
1. The baloon that says 'click this baloon to fix this problem'
2. The big button marked recommendations that includes the option to not monitor.
3. The menu that includes the option not to monitor.
Those are your choices, after clicking 1, you can follow 2 or 3.
Seriously, how do you make it simpler? It's already popping something up to tell you how to change it, do you need some kind of loud alarm and flashing lights to go with it?
Take Windows XP gold, unpatched and put it on a public network, it will be compromised in 15 minutes and a bot within an hour. But do the same think with the contemperaneous release of Red Hat and OS/X, do the same thing and guess what they will all be compromised within a couple of days.
I'd like to see someone compromise a default Red Hat install from at least the past couple of years. Hint: no listening services == no way you can touch me in the fashion you describe. I'm told the same goes for OSX, but I can't speak from experience on this front.
If you're alluding to people running 4 year old software ("contemperaneous release"), then perhaps. However, I'd love to see what kind of exploit you can come up with that compromises a box that refuses all incoming connections. Which, sadly, Windows still doesn't do (no, a software firewall isn't quite there yet).
Short of a busted TCP/IP stack (and at that point there's very little you could do regardless), have fun taking over my machines.
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
"Sure there is a version of Linux that has been secured by the NSA. Well whoopdeedo, how many people run it every day? answer almost none."
SELinux was added to Fedora with Fedora Core 2, with FC3 they now use 'targeted' policies (like theres a policy for what Apache can do, and other services to prevent what can happen even if there is a f'in massive security hole in it). SELinux isn't the only security project, most distributions are actively working on security as well, like Gentoo has the hardened patchset aimed at servers (and they are working to expand it to work fine with desktops).
Also since either version 1 or 2 of Fedora it has included prelink with the exec-shield making buffer overflows harder (still can overflow the buffer, but it makes it a hell of a lot harder to execute code with it).
Security is something thats very important to most Linux developers, thats why all the mentioned things exist. There are also ways that an admin can make their system even more secure, such as using Bastille Linux to harden the system even further.
Also I believe that it was found that it took in the months range for a *nix box to be compromised.
There's a Service Pack for Virtual PC that fixes the issue.
Life is like a sewer; what you get out of it depends on what you put into it...
Only because OSX actually numbers their patches. If WinXP changed a version number every time they patched something, we'd have a lot more than 30.
Whoever stated that signature sizes should be limited to one hundred and twenty characters can just go ahead and kiss my
I can't remember off the top of my head about dragging an object to create a shortcut, but to copy as apposed to move, just hold down [alt] while you drag. you'll see a little green (+) appear on the icon indicating this will copy as opposed to moving. Diq
WSUS (nee WUS) isn't out of beta yet and MS will not support it in production, as they state in bold letters on their web site.
SUS is still the supported the "current" product.
I guess it keeps the context of the thread. The guy who spent $120 on his PC obviously didn't pay full retail for Windows + Office.
nitpicking: From the context it seems unlikely that he actually stole his friend's copy of Windows. I think borrowed is the right word.
I have XP SP2 and an Athlon64.
/NoExecute=OptIn flag.
/NoExecute=OptIn from any of the boot lines.
/NoExecute=OptIn from any of the boot lines.
It has never had any problems what so ever with any application I have ever used, with exception to windows itself.
However I will repeat myself on how to get rid of those things that cause SP2 to screw up applications.
First: Turn off NoExecute, easily done by altering your boot.ini to remove the
Method 1: Hit start and go to Run... Type cmd
- Type: attrib -s -h -r %SystemDrive%\boot.ini
- Type: notepad %SystemDrive%\boot.ini
- Remove all instances of
- Save, Exit, and Type: attrib +s +h +r %SystemDrive%\boot.ini
- Reboot and NoExecute is now gone.
Method 2: Right click on My Computer and go to Properties
- Click on the Advanced tab and hit the settings button located in the Startup and Recovery section.
- Hit the edit button undernear the first set of check marks.
- Remove all instances of
- Save, exit, reboot.
Turn off the windows firewall
Method 1: Install a 3rd party software firewall first before continuing.
- Hit Start -> Run... and type: services.msc
- Navigate down the list until you get to Windows Firewall, double click on it.
- Hit the stop button and change the Startup type combobox to Disabled.
- Hit ok and close this.
- If you wish to turn off nagging (if your firewall does not support telling windows about itself) continue to the following.
Get rid of those firewall/antivirus/update warnings
Method 1:
- Go to your control panel. In either classic view or category view, open Security Center
- On the Resources bar, click on "Change the way Security Center alerts me"
- Uncheck all that you want the security center to quit nagging about.
- Hit ok. You are done.
I do not condone usage of windows sp2 without these key features, designed to prevent virii and attacks on your computer, without actually knowing what the hell you are doing, or at least have a viable replacement for them. NoExecute, in my view, is a waste of cpu cycles and memory space because most devices out there do not support the NX bit flag properly. Even on my Athlon64 3000+ I can see a pretty heafty performance hit in applications such as Photoshop CS when NoExecute is enabled, and other applications such as WindowBlinds (other than their was-then beta for SP2 users) and DesktopX become extremely unstable. Clearly microsoft did not have application compatibility in mind when they added this feature, but at least with the new revision of windows firewall it had a little more (of much needed) power. I like it how it can configure my router's hardware firewall as well as provide an additional layer of security for my systems. It does lack the configurability of the much loved Linux Firewall, and there are alternative firewalls I can use, but they tend to cause other conflicts with my other applications. So the jury is out with the Windows Firewall, but damn. The security center was by far the most annoying thing I have seen microsoft implement. I hope these corporate users have fun if their admins forget to turn that annoying service off.
[!] No, I can't see my comments. They are not worthy of +3 moderation.
You don't even have to go that far.
d efault.mspx
Allow my to introduce my friend for managing updates over a large Windows domain: SUS.
http://www.microsoft.com/windowsserversystem/sus/
I just pulled the update from a subnet of 12 PCs for a group who wanted to check before/after issues (It was a bug in our code if you must know). I can still roll out new updates over the network very easily, but SP2 just isn't installed.
How many people can read hex if only you and dead people can read hex?
After that, the whole windows-update thingy becomes mostly irrelevant.