A Few Bumps on the Road to Windows XP SP2

A Few Bumps on the Road to Windows XP SP2

Mary Jo Foley

Since Microsoft began its staged rollout of Windows XP Service Pack 2 (SP2) late last week, there have been a few bumps—but, at least so far, no major potholes—on the road to deployment.

Microsoft has characterized SP2 as a “critical” must-have update. The company’s overriding message is that all Windows XP users should deploy as soon as possible the SP2 collection of security updates and other new features and fixes.

But some customers who want the service pack still can’t get it. And other users who aren’t ready to deploy it yet are finding themselves needing to take extra precautions to block SP2 from downloading automatically.

So far, Microsoft has made SP2 available to its Microsoft Developer Network Universal subscribers. It also is allowing individuals who want to apply the update manually on multiple computers to obtain SP2 and the accompanying network installer tool from its IT Pro portal site.

Microsoft has said it will begin pushing SP2 out to individual users via its Windows Update/Automatic Update feature starting on Aug. 16. PC makers and retail outlets will begin carrying the update in September or October. The company also has committed to providing a CD version of SP2 “soon” for users who don’t have high-speed Internet connections. Microsoft officials have said they plan to distribute widely the CD version.

Not everyone is champing at the bit for SP2, however. Some IT shops have said they are waiting to thoroughly test SP2 with their applications before deploying it companywide.

To prevent SP2 from downloading automatically onto these more cautious users’ systems, Microsoft has developed and posted for download a toolkit that is designed to temporarily disable the automatic download feature of Windows Update/Automatic Update.

Microsoft is warning customers not to be fooled by fake downloads purporting to be SP2.

“All versions of the Windows XP SP2 code distributed through Microsoft’s site, beginning August 9, have a genuine Microsoft digital signature that you can verify by right-clicking and viewing the properties setting. The MD5 checksum of the real file is 59a98f181fe383907e520a391d75b5a7,” according to a corporate statement that ran in some of the company’s free e-mail newsletters this week.

“A network-install version released to MSDN subscribers between August 6-8 did not include this certificate and yields a different MD5 checksum; however, to ensure you have the latest release, we recommend checking for the presence of a valid certificate before installing any network-installable version,” the company warning continued.

Separately, Microsoft also warned users that the current version (1.2) of its Microsoft Baseline Security Analyzer tool is not compatible with SP2. MBSA 1.2.1, an updated version that will fully support SP2, will be available some time later this month, Microsoft officials said.

Microsoft has warned its customer base that SQL Server 2000, Microsoft CRM 1.2 and a few other Microsoft applications are not currently compatible with SP2.

<< Back to home

Copyright © 2004 Ziff Davis Media Inc. All Rights Reserved. Originally appearing in Microsoft Watch.