Microsoft recently released a lengthy list of programs that will not properly run after SP2 is installed. One bulletin, "Microsoft Knowledge Base Article - 875357" explains that the new firewall can create some problems with some software, and explains how to enable those programs. "Microsoft Knowledge Base Article - 842242" lists dozens of programs, many of which are popular, that may not run properly with SP2 installed, citing possible conflicts with the new SP2 firewall. These programs include multi player games played online, and files exchanged through instant messaging programs such as AOL Instant Messenger, ICQ, Microsoft Messenger, or Yahoo Messenger. Also many FTP clients, typically used to upload and download files from an internet server, will have difficulties or conflicts with the Microsoft firewall. Other problems listed where formerly functioning programs may cease to function include multimedia streaming software (such as streaming audio and video; RealPlayer was explicitly mentioned in one published article), and the new mail notification functions of some email programs. According to Microsoft, some of these programs may function if the new SP2 firewall is appropriately configured when a dialog box appears saying that the program has been blocked. According to Microsoft, "1. In the Security Alert dialog box, click Unblock this program 2. Click OK."
Some of the better known and popular programs listed by Microsoft in bulletin 842242 that may have problems after SP2 is installed include Symantec
AntiVirus Corporate Edition versions 8.0 and 9.0; Smarterm Office 10 and Smarterm 11; Cute FTP 5.0 XP; AutoCAD versions 2000, 2002, and 2004; Backup Exec 9.1; Xerox Windows Scanner and Camera Wizard; McAfee NetShield 4.5; and Computer Associates eTrust 7.0. Some popular multi-player games that may not function properly after SP2 is installed include Chess Advantage III: Lego Chess; Need for Speed Hot Pursuit 2; Atari Unreal Tournament 2003; Atari Unreal Tournament Game of the Year Edition; Midnight Outlaw: Illegal Street Drag 1.0; Atari Scrabble 3; and Star Trek StarFleet Command III 1.0. According to Microsoft, the publishers of these titles are aware of the problems and may either provide a patch or upgrade to enable these programs to run on computers which have had SP2 installed. Symantec, the publisher of Norton AntiVirus, has already posted a patch on its website, and is encouraging its users to download and install the patch prior to the installation of SP2. Other antivirus programs, not listed on the Microsoft list, that recently posted SP2 compatibility patches include F-Secure (F-Prot), and Trend Micro (PCcillin), have posted patches to improve SP2 compatibility. Zone Alarm, one of the most popular firewalls, recently posted an upgrade on its website that is compatible with SP2 and which will properly interact with the new SP2 "Security Center".
There have also been several published reports that some (many?) computers will fail to boot after SP2 is installed, despite the notice that the upgrade was successful. Other reports have stated that the upgrade was more difficult to install than expected, and recommended downloading individual patches from the Microsoft website (windowsupdate.microsoft.com) rather than installing the complete package. For these reasons, as well as many other reasons, it is absolutely imperative that a full backup of the hard drive must be created prior to the installation of SP2. With a full backup, if the upgrade to SP2 fails, the computer can be restored to its pre-SP2 functionality.
In other cases, some computers cannot connect to a VPN (Virtual Private Network) due to a "loopback" problem acknowledged by Microsoft in Knowledge Base article 884020, where a "hot fix" is also provided.
Despite its recent release, a variety of sources have already identified real and potential security flaws in computers patched with SP2. With millions of lines of code, it is nearly impossible to have a perfectly secure operating system, and as often happens, some security holes are newly discovered, and as one hole is closed, other vulnerabilities appear. Immediately after the release of SP2, the first new vulnerabilities were identified by security specialists and hackers. One of the first is referred to as a "drag and drop" vulnerability. The vulnerability in Internet Explorer allows a malevolent website to insert a program into the user's startup folder, where the program would load and run the next time the computer is booted.
Some users may have problems loading some legitimate websites in the newly patched Internet Explorer due to its enhanced default security settings. These new default settings restrict ActiveX, reduce popup windows (many popup windows are legitimate and not unwanted advertisements), restrict downloaded files, and may stop Microsoft Java Virtual Machine (MSJVM) from executing. There is not much users can do to resolve these problems, other than lowering the security settings in IE (not recommended) or switching to an alternative browser such as the excellent Firefox or Opera browsers. To help the webmasters modify their web pages to be compatible with the SP2 upgrades to IE, Microsoft has posted a guide on its website, "How to Make Your Web Site Work with Windows XP Service Pack 2".
Despite all of the potential problems, in order to have the security enhancements, I will install SP2 when I get a copy on CD ... but first I will make a full backup of my system, just in case. Murphy is alive and well, and his laws apply now even more than before.
For more information on the Tulsa Computer Society click here