Windows XP Service Pack 2 Resources

Overview:
Windows XP Service Pack 2

Windows XP Service Pack 2 promises to be a landmark release. If SP2 lives up to its reputation, XP with SP2 will be more secure "out of the box", easier for non-technical users to secure, and more resilient to attacks than any previous version of Windows.

Service Pack 2 is only recently released, and early reports vary widely regarding application compatibility and stability. You will no doubt read reviews, good and bad, about XP2. Flaws and exploits discovered in XP SP2 will draw enormous attention. The strongest early indictments against XP SP2 express dissatisfaction with anti-spyware measures, disappointment with Windows Firewall, and uncertainty regarding compatibility with antivirus and application software.

Be smart. You can improve the security of your Windows XP computers using SP2, but don't rush into SP2 deployment, and don't overlook other useful methods of hardening Windows XP such as the Benchmark/Security Scoring Tool and Security Templates available from The Center for Internet Security (CIS). You should also keep watch for Microsoft Baseline Security Analyzer (MBSA Version 1.2.1) for Windows XP SP2 Support.

Use the resources on this page to learn what Windows XP SP2 offers and how SP2 alters XP's security profile.

No matter how secure Service Pack 2 proves to be, always think about protecting your PC with layers of defense. Visit Corecom's Phishing and Identity Theft and Spyware Resources for more information.

I will also use my Weblog to post information and experiences about Window$ and other security-related topics, including firewalls, VPNs, spyware, phishing, viruses and worms, and more.

Scan for Spyware before
Installing XP SP2

If you have a choice, a clean install on your primary partition will produce the best result when installing Service Pack 2. If you choose to upgrade, Microsoft and every reputable antispyware vendor recommends you scan and remove spyware before upgrading to XP SP2. The reasons are simple: during the SP2 upgrade, you may modify registry settings and DLLs of "removal resistant" spyware, which can render your system inoperable. Read more about spyware...

Does Windows Firewall have a back door?

Habeñero Networks posted a claim that Windows Firewall has a back door. The claim is that, when logged in as Administrator, anything you run (or any spyware pest that infests your computer) can add an entry into WF's Internet Connection Firewall Exceptions list. This is simply how Windows XP and other OSs work: applications executing from a user account with Administrator priveleges by definitionhave Administrator write and execution privileges. If you want to avoid such problems, create a user account that has no administrator privileges. Use this account for daily work, and only use the Administrator account for program and OS maintenance.

Deployment War Stories

To date, I've installed XP SP2 on 26 systems. I've used several upgrade paths: from XP Professional; from XP Pro with SP1, and from Windows 2000 (using a CD of XP Pro with slipstreamed SP2, see URL below); and clean installs on systems that previously ran Windows 95/98/ME.

I also had a small problem when I upgraded a laptop that had Zone Alarm installed prior to the SP2 upgrade could not access LAN or Internet once upgraded. Reinstalling Zone Alarm resolved the conflict.

I'm using Windows Firewall on eleven (11) of the upgraded desktop systems over WLANs, and 2 on wired Ethernet. I have configured several exceptions (allow ICMP echo, allow MFS/SMB) but have not as yet configured IPsec security policy to restrict outbound traffic.

Thus far, my "users" have had not problems with any program other than Ethereal, and the latest Ethereal for Win32 works fine with all 10/100/1000 NICs. I've had to resolve one hardware driver incompatibility (WinDVD). Casual observation is that SP2 doesn't seem to have an adverse impact on performance.

I'm currently working with several volunteers to upgrade the computing and networking facilities at my daughter's private school. We've installed Windows 2003 and will eventually have 24 client PCs running XP SP2 in a predominantly wireless network. Stay tuned for our migration from WEP with static keys to PEAP-TLS using MSCHAPv2.

Windows Firewall Fails to Start

Windows Firewall service failed to start following every Windows 2000 upgrade I have attempted. While the first incident gave me an opportunity to confirm Microsoft's boot time security, the problem has become annoying. You can resolve the issue by removing a key from the Windows Registry.

WF failed to start on one system I recently upgraded from a Windows XP SP1 OEM installation (Dell Optiplex GX280, 5/22/2005). The indeterminate state of WF seemed to interfere with communications between this system, which ran Watchguard WSM 8.0 and my Firebox X firewalls. Restarting Windows and disabling WF solved the problem.

WLANs and XP SP2

I've upgraded my home and office WLAN networks to 802.11 b/g using a Watchguard Firebox Edge 15W and Linksys WAP54AG Access Point. I'm currently using WPA2 with pre-shared keys and can roam without configuration changes from one AP coverage area to the other. My multi-AP topology improves bandwidth and airlink security over my original installation.

Which Linksys WRT54G Firmware?

During one call to Linksys support, it was suggested I upgrade WRT54G firmware to "improve compatibility" with XP SP2. During a recent installation of a wireless range extender (WRE54G), I was told to downgrade the firmware. Was this a case of "you can extend your range, or you can run XP SP2, but you can't do both?" More...

What does Windows Firewall Really do?

Depending on whom you believe, Windows Firewall either single-handedly breaks countless business-critical applications, or it doesn't do anything. As usual, the truth lies somewhere in between. Before you decide what role Windows Firewall can play in your network, this article can help you sort the myths from realities; learn what Windows Firewall offers; and consider ways it can help your organization improve client system security. More...

Are 10 reasons enough to
upgrade to XP SP2?

Does Windows XP Service Pack 2, which Microsoft claims is "the most important update ever for Windows XP", deliver the promised goods? More...

Linksys WMP54G Client
Autoplay failure

As part of an upgrade of HP Pavilion 6835 PCs for my daughter's private school, I installed Linksys WMP54G WLAN adapters, erased the Windows ME partition, reformatted c:\ to NTFS, and then installed XP SP2. I could not get the Linksys CD to autoplay, nor could I run setup after opening/exploring the CD. I tried other CDs (MS Office 2003, Educational software, and games) and autoplay feature works fine for these.

I succeeded in installing the drivers for these PCI adapters by using "add and remove hardware". XP SP2 does not auto-discover the card, but you can select the adapter, which is identified as an "unknown network controllers" on the list of available hardware, and XP SP2 will detect that drivers are not present. Use the Linksys CD to install the drivers in this way. Windows zero configuration immediately detects available wireless networks, and the adapter works fine.

I still haven't figured out how to install the Linksys client in this 'clean install' scenario, but we don't really need it.

This issue did not surface when I upgraded a Windows 2000 laptop with a Linksys Wireless A/G notebook adapter. XP SP2 detected the hardware and both the Linksys client and Windows zero configuration work as expected.

Windows Firewall Does not Start

On several Windows 2000 to XP SP2 upgrades, I've encountered the error, Could not start the Firewall/Internet Connection Sharing (ICS) Service on Local Computer. Error 0x80004015: The class is configured to run as a security id different from the caller Find the discussion and key here.