From a security perspective, is there anything notable about Windows 7 Service Pack 1? Do we need to proceed with...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
SP1 if we are already up to date on our patch rollouts?
In previous versions of Windows service packs, the releases have been a big deal. Microsoft used them as an opportunity to address major security issues; the Windows XP Service Pack 2 for example added major new security features including the Windows Security Center, a firewall, an early version of Data Execution Prevention (DEP) technology, and various other security features. But, possibly due to the benefits of Microsoft's Security Development Lifecycle, Windows 7 is widely considered to be Microsoft’s best and most secure “version one” client operating system.
Service Pack 1 for Windows 7 is more product housekeeping than a radical update. It includes all previously released security, stability and performance updates stretching back to 2009. If your PCs have been kept up to date using one of the Windows Update services, there’s not much to gain from rushing to install this service pack. By the way, Windows 7 SP1 smaller if you update using Windows Update, as there are only minor updates and tweaks to the operating system to download.
If your PCs aren't fully patched, then I would definitely look to install Service Pack 1 soon, as there have already been some high-profile fixes released, such as MS10-061, which fixed the Windows Print Spooler Service vulnerability that was used by the Stuxnet worm. Discussions on various forums suggest there are no widespread installation issues with SP1. I would still run Microsoft’s System Update Readiness Tool to check for any potential conditions that could cause problems; for example, there have been problems reported on systems that have Phyxion's Driver Sweeper utility installed. You can also create a manual System Restore point or an image backup of the system drive before installation so you can roll back the update in the event of a problem.
If you're a network administrator and want to test SP1 before deployment, you can use the Internet Explorer 9 as it will install any missing system components that are part of SP1.
Dig Deeper on Windows Security: Alerts, Updates and Best Practices
Related Q&A from Michael Cobb
A malicious app called Black Jack Free was able to bypass Google Play's app store security. Expert Michael Cobb explains the threat and how ...continue reading
SandJacking, a new iOS attack technique, uses an XCode certificate flaw to load malicious apps onto devices. Expert Michael Cobb explains how the ...continue reading
Oracle has moved from using a modified version of CVSS v2.0 to CVSS v3.0. Expert Michael Cobb explains criticism of the old version, and the changes ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.