News Stay informed about the latest enterprise technology news and product updates.

Microsoft tries to clear confusion over SP2

Service Pack 2 has been plagued by a reported security glitch and a list of applications that must be tweaked for compatibility.

A week after releasing Windows XP Service Pack 2 to enterprises, Microsoft is trying to quell confusion over an apparent security flaw and applications that won't work without adjustments.

The software giant acknowledged Wednesday it's investigating reports of a method attackers can use to bypass SP2's Attachment Execution Service. The feature is designed to help protect users from executing files from unknown sources or untrusted locations.

Read all about XP SP2

Enterprises should educate users before deploying Microsoft XP SP2
Despite significant advances in security software and configurations, experts say that Microsoft XP's Service Pack 2 (SP2) shouldn't be implemented without first educating the user base. Incompatibility issues are another concern.

XP SP2 finally arrives. Now what?
IT managers say they'll study Service Pack 2 very carefully before deploying it across their networks.

Keeping your cool during an XP SP2 installation
This desktop Windows refresh is no ordinary service pack, and its complexity will test the skills of administrators deploying it.

XP SP2 security features at a glance
A quick look at what you get once the security-oriented update is finally installed.

"Microsoft has investigated these reports and is not aware of any instance in which an attacker could specifically bypass the service in e-mail or a Web browser to allow a malicious attacker access to a user's system," a company spokesman said.

Though the company reiterated its recommendation for users to turn on Automatic Update, it has delayed using the service to distribute SP2 for a week. "To provide corporate customers with additional time to configure Windows XP-based machines running Automatic Updates, we have adjusted the AU delivery date to Wednesday, Aug. 25 for Windows XP Professional customers only," a Microsoft spokesman said. "We made this adjustment … in response to customer feedback."

Meanwhile, antivirus vendors whose applications are on the tweaking list are trying to reassure customers that their products will work with SP2. The list on Microsoft's Web site includes directions on how to make everything work properly and includes applications from New York-based Computer Associates and Cupertino, Calif.-based Symantec Corp.

Symantec released a statement within an hour of SP2's release to manufacturing Aug. 6 saying its products work with SP2. The company clarifies on its Web site that while it is compatible, the Windows Security Center feature in SP2 may indicate otherwise.

"By design, Symantec includes tamper-protection features to make it difficult to scan the status of its products," the company said. "As a result, the Windows Security Center can detect the presence, but not the status, of some Symantec security software." The company is developing an update to ensure the security center shows the status of its products as "green (on)." It also announced that its 2005 product line is SP2 compatible.

Computer Associates's CA ARCserve, eTrust 6.0.100 and eTrust 7.0 are also on the list. Toby Weiss, senior vice president of eTrust security management solutions for the firm, said those are older releases that can be tweaked for compatibility on the company's support site. "Our newest solutions work with SP2 out of the box," he said.

Weiss said IT practitioners shouldn't be discouraged by SP2's challenges. "Any big change like this requires a good, careful management process," he said, adding that experts have said all along that "testing is key, and some tweaking will be needed along the way."

SP2 is designed to make Windows XP more ironclad against attackers who have successfully exploited its multiple security holes, most recently in the form of Sasser, Dowload.ject and new strains of Mydoom. Among its security enhancements, SP2 turns on the Internet Connection Firewall (ICF) by default, closes ports except when they're in use and improves the firewall configuration interface. It also improves Internet Explorer controls and user interfaces to block malicious ActiveX controls and spyware.

Dig Deeper on Microsoft Windows security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.