Slashdot Mirror
Microsoft Quietly Releases Windows 2003 SP2
Several readers noted that Microsoft has quietly released 32-bit Windows 2003 Service Pack 2 for download. (The 64-bit edition is still showing as a release candidate on the site.) The installation of SP2 may potentially regress hotfixes that have been deployed previously; Microsoft has released a script to scan for hotfixes that may potentially regress.
even just a update roll up would be nice. When you install a new xp sp2 system there is a lot of updates that you need to.
I fired up Windows Update on my XP Pro x64 rig today and it had a 350MB patch for me.
Didn't seem to change much, if anything.
Very good point. Why does MS prefer big honkin' files over a more granular approach anyway?
Microsoft doesn't prefer it: their corporate customers do, as they have to perform lengthy and expensive tests to confirm all of their mission critical apps work with the SP (imagine doing it after every patch).
Also the GP said that in Linux updates just mean the app is "updated" and there aren't any backwards incompatibilities... Hehe, I'd love to be that naive myself. Just consider however, we don't all run amateur home servers for our php blogs.
Most of the updates in SP2 have been already released as separate patches by now. If the system was kept up to date, this SP will only download/install only the few things that are missing and you don't have to go back and re-install anything.
Basically, an SP is mainly a a convenient way of getting an outdated system fully patched-up.
> No it won't. The full 350Mb appears on Windows Update even if you're fully patched up.
That's not what happens with XP, so I'm guessing that if what you say is true then it's a mistake and not a stupid idea on Microsoft's part.
My god, how often do you run updates? When I tried to update one of my test boxes running RC2 it detected that SP2 was already installed. I had to uninstall the RC version for it to detect that the "official" release was needed.
P.S.,
This is what part of the alphabet would look like if Q and R were eliminated.
But those tests are only so lengthy and expensive because just about anything can change. If you know that there's a change in Samba, you only have to test the things that depend on Samba, you don't have to retest everything in the system. The fact that you have to test so many things when you upgrade is just a microsoft thing. There isn't a lot of things that break if your patch consists of actually just fixing a single, or small number of bugs.
/dev/rand/ which is fed entropy from HDD, mouse, keyboard and network activity. In 2.6 network activity was no longer used (security issue), and the server hand no mouse, keyboard, and all files were on a NFS share. So /dev/rand/ was "running out of entropy" and blocking.
What you're talking about is simply the wrong perception of a guy who never dealt with the issue at hand.
Tell me: how can it be less testing to test individually all components that could be affected by a patch, versus testing for all components that could be affected by a list of patches. Especially if several patches affect the same exact components.
A SP isn't a black box. You get a list of the small fixes that are contained inside, so you again know what is being changed.
Also, testing just what could obviously break is a terrible way to test. A read a story about someone, who after upgrading to Linux kernel 2.6 started having random lockups in PHP/Apache.
What changed? After long and extensive testing, it turned out that sessions use
How would YOU guess that your 2.4 -> 2.6 kernel upgrade would cause PHP sessions to lock up under heavy load, when you look at the list of changes?? Answer: you wouldn't.
You'd deploy this on the live servers and experience mysterious downtimes all the time. And THIS is why enterprises test throughly all critical apps, even for the smallest patches.
Another point to big service packs is that once SP(n) is released, marketing can admit SP(n-1)
is really quite insecure on WIN(r-3) and how WIN(r) is now strongly recommended for your shop
learn to slipstream moron, you can take this 50 minutes to learn and make a custom cd, instead of bitching and being proud of it in slashdot.
He has an update pack to 2007/02/16.
Apples and Oranges. A change to the kernel potentially affects EVERYTHING on the system. Anyone doing a kernel upgrade *should* be retesting everything on the system.
Windows doesn't have a monolithic kernel like Linux. Are you going to flame now all OS with hybrid kernels and microkernels?
You wouldn't be right anyway, since there are tons of library dependencies in Linux apps where updating a component could cause a chain reaction affecting all libs that use it, the libs that use the libs, and some app that uses the latter libs, you never suspected.
Ummm ... yes, but that is you, not a corporate customer.
A few years back I was working for a company developing a large financial platform, and they were testing a few months before getting to the next service pack (then, the sys-admin installed it on all computers). This was being done on separate machines, and a full battery of tests had to be run, before approving the upgrade company-wide.
You simply cannot afford that, when you have a lot of small upgrades, spread over the same period. Also, when considering the same updates but distributed differently (small updates vs. service-pack) their likeliness of affecting something is exactly the same.
Tie two birds together: although they have four wings, they cannot fly. (The blind man)
"You wouldn't be right anyway, since there are tons of library dependencies in Linux apps where updating a component could cause a chain reaction affecting all libs that use it, the libs that use the libs, and some app that uses the latter libs, you never suspected."
Yes.
Still, I have yet to have *any* problem on a security update on Debian "stable" on about six years. How's that possible?
I'll tell you: Microsoft updates are not *security* updates; they overly change the way Windows behaves so it's no wonder something breaks because of it. If they were as concious as Debian people are about fixing *only* security holes and doing it by introducing the less possible changes and no behaviour change at all, you could bet Windows patches wouldn't be such a nightmare.
Please understand that has nothing to do with being Windows or Linux but about how serious they are about how upgrades have to be done: Debian is rock solid; Red Hat a bit of a concern; Gentoo almost doesn't pay attention to it; Microsoft is about as good as Gentoo.
http://support.microsoft.com/kb/898073 = [IE6 crashes on] digest proxy authentication [to https sites] http://support.microsoft.com/kb/918005 = Battery power may drain more quickly [after unplugging or undocking] http://support.microsoft.com/kb/918837 = power management is turned off [after disabling WakeOnWirelessLAN] http://support.microsoft.com/kb/924078 = [error opening] Properties [...] for a network printer on [WinXP] http://support.microsoft.com/kb/924301 = AutoComplete feature [broken after following javascript link in IE6] http://support.microsoft.com/kb/925020 = [Lockup when using] USB device on a multiprocessor computer http://support.microsoft.com/kb/925240 = warning message [...] new password that does not meet the requirements http://support.microsoft.com/kb/925513 = Error code Winsock [...] "WSAECONNABORTED (10053)" http://support.microsoft.com/kb/926047 = [Misplaced] AutoComplete box [...] in Internet Explorer 6 http://support.microsoft.com/kb/926132 = ...WMI does not clear event registrations when the corresponding sink...
http://support.microsoft.com/kb/926754 = STOP: 0x000000D1 (parameter1 , 0x00000002, 0x00000000, 0xf27b4e8e)
http://support.microsoft.com/kb/926940 = SQL Server 2000 Service Pack 4 stops responding
http://support.microsoft.com/kb/927291 = Dfsutil /import" command takes a long time to finish
http://support.microsoft.com/kb/927493 = Winsock programs may exhaust the system's non-paged pool
http://support.microsoft.com/kb/929620 = increased paging to the hard disk when you run an SAP R/3
These fixes are regressed, but they're not published on the public Knowledge Base:
"919757" "925290" "926305" "926513" "926583" "927197" "927436" "927893" "928194" "929066" "929759" "930620" "933452"
I'm so glad I don't have to test too many things:
joe@joes-laptop:~$ sudo apt-get dist-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following NEW packages will be installed:
gtkhtml3.14 libgtkhtml3.14-19 libkexiv2-0 libwxbase2.8-0 libwxgtk2.8-0
linux-headers-2.6.20-10 linux-headers-2.6.20-10-generic
linux-image-2.6.20-10-generic linux-restricted-modules-2.6.20-10-generic
The following packages will be upgraded:
acpid app-install-data apport apport-gtk apport-qt apt apt-utils at-spi
bsdutils capplets-data console-setup cupsys cupsys-bsd cupsys-client
cupsys-common deskbar-applet desktop-file-utils dia-common dia-gnome
dia-libs digikam eog epiphany-browser epiphany-extensions espeak espeak-data
evince evolution evolution-common evolution-data-server
evolution-data-server-common evolution-exchange evolution-plugins
evolution-webcal f-spot feisty-session-splashes file-roller foomatic-filters
gdebi gdebi-core gdm gedit gedit-common gnome-about
gnome-accessibility-themes gnome-app-install gnome-applets
gnome-applets-data gnome-control-center gnome-desktop-data gnome-doc-utils
gnome-icon-theme gnome-keyring gnome-media gnome-media-common gnome-menus
gnome-orca gnome-panel gnome-panel-data gnome-power-manager
gnome-screensaver gnome-session gnome-system-monitor gnome-system-tools
gnome-terminal gnome-terminal-data gnome-themes gnome-utils gtk2-engines
gtk2-engines-pixbuf hal hal-device-manager kate kcontrol kde-style-polyester
kde-systemsettings kdebase-bin kdebase-data kdebase-kio-plugins kdepasswd
kdeprint kdesktop kdm kfind khelpcenter kicker klipper kmenuedit konqueror
konqueror-nsplugins konsole ksmserver ksplash ksysguard ksysguardd ktorrent
kubuntu-artwork-usplash kubuntu-default-settings kubuntu-desktop
kubuntu-docs kwin language-pack-en language-pack-en-base
language-pack-gnome-en language-pack-gnome-en-base libasound2 libatk1.0-0
libatspi1.0-0 libbonobo2-0 libbonobo2-common libbonoboui2-0
libbonoboui2-common libcairo2 libcamel1.2-10 libcupsimage2 libcupsys2
libcupsys2-dev libebook1.2-9 libecal1.2-7 libedata-book1.2-2
libedata-cal1.2-6 libedataserver1.2-9 libedataserverui1.2-8 libeel2-2
libeel2-data libegroupwise1.2-13 libespeak1 libexchange-storage1.2-3
libgail-common libgail-gnome-module libgail18 libgnome-desktop-2
libgnome-keyring0 libgnome-media0 libgnome-menu2 libgnome-window-settings1
libgnome2-0 libgnome2-common libgnomekbd-common libgnomekbd1 libgnomekbdui1
libgnomeprint2.2-0 libgnomeprint2.2-data libgnomeprintui2.2-0
libgnomeprintui2.2-common libgnomevfs2-0 libgnomevfs2-bin
libgnomevfs2-common libgnomevfs2-extra libgpgme11 libgtk2.0-0 libgtk2.0-bin
libgtk2.0-common libgtksourceview-common libgtksourceview1.0-0 libgucharmap6
libhal-dev libhal-storage1 libhal1 libkonq4 liblircclient0 libmetacity0
libmozjs0d libnautilus-burn4 libnautilus-extension1 libnm-glib0 libnm-util0
libnspr4-0d libnss3-0d liboobs-1-3 libpanel-applet2-0 libpango1.0-0
libpango1.0-common libpoppler1 libpoppler1-glib libpoppler1-qt libslab0
libtotem-plparser1 libvlc0 libvte-common libvte9 libwnck-common libwnck18
libxul-common libxul0d linux-686 linux-generic linux-headers-generic
linux-image-generic linux-libc-dev linux-restricted-modules-common
linux-restricted-m