Related link: http://www.ttgnet.com/daynotes/2004/2004-34.html#Tuesday
Bob Thompson writes this morning:
“Windows XP Service Pack 2 shows all the early signs of becoming an unmitigated disaster. IBM issued an internal memo telling their employees not to install SP2 until further notice, if ever. Several of my readers have said
that they have no plans to install SP2, despite the fact that Microsoft labels it a critical update. The problem is that SP2 breaks other software. Lots of other software. And the workarounds for a particular broken package, if indeed there are any, can be pretty complex, involving editing the registry, opening or closing particular ports manually, and so on. Not something you want users doing, and not something that IT departments have the resources to do machine by machine.”
I have great respect for Bob, but he’s off the mark with his assertions here. Let me take them step by step.
IBM did issue a memo halting installation of SP2. They did the same when Windows 2000 was first released, saying here were issues with TCP/IP and DNS, as I recall. But what smart company doesn’t delay installing a new service pack for any application, including an operating system, until proper testing has been done? My thinking is that IBM wants to spend a few months ensuring their own applications will work with SP2, which is a smart step.
Perhaps several of Bob’s readers don’t have any plans to install the update, and that’s fine. I don’t see how that is a reliable metric that indicates a real problem with the service pack. I have no plans to buy a new car, but that doesn’t mean I don’t want one or think one would be put to good use. To say that “no plans” is a representative statement of the quality of the service pack is imprecise at best.
SP2 does break software, but it breaks software that was doing security wrong. Microsoft finally says, “Hey, program, we’re not going to allow you to do this that way.” They are enforcing security standards and programs
that break were doing things incorrectly. Besides, SP2 has been in beta for months and months and months. I do know there were last minute changes before RTM, but they broke one-off applications that aren’t in wide, wide use. The fact that Symantec products don’t work is only the fault of
Symantec for not being more proactive in development and testing.
Workarounds to make these products that are all but purposefully broken are complex, and you know why? Because you have to work at making SP2 do things the wrong way. Oh, what a problem.
I’m really growing weary of hearing everyone take Microsoft to task for the company’s lack of fundamental security awareness. These same people then take Microsoft to task for incorporating improvements into an operating system that break other insecure applications. So you want security, and you want applications that work. Don’t blame Microsoft for this one. I’ve been running SP2 for months and months and it’s the most stable OS I have used to date. And I run a business on Linux.
Do you think SP2 is a disaster?