With Microsoftís latest service pack one thing is certain; security is definitely a huge deal for Microsoft and it shows with the beta that I am reviewing today. I can just imagine Steve Ballmer chanting to the XP developers ďSECURITY, SECURITY, SECURITY, SECURITY, SECURITY, SECURITY!Ē. If he did then he must be an excellent communicator because this latest incarnation of Service Pack 2 is loaded with new and improved security features.
I am going to hit the highlights and go through what I see to be the most obvious and important changes to XP in SP2.
The SP2 beta I installed was from CD. It took about 25 minutes to install which is comparable to what SP1 was. Nothing special to report as itís largely the same install process as SP1.
Included is the option to backup your files and if you have system restore turned on you can undo the SP2 installation later as well.
The control panel contains a new group called security options.
From the new control panel item you can get directly to the Internet Connection Firewall which is being renamed to Windows Firewall.
Windows Firewall received some significant updates since the last version. After installation, the new Firewall automatically enables itself by default. This change will significantly increase the security of people connected to the Internet. I canít tell you how many machines I have seen without the firewall enabled that could have prevented the worms that made their rounds the past couple of years.
Windows Firewall now has the ability to monitor outgoing connections as well as incoming which was a big feature missing from the previous version. You can enable network access per app, per port, and can even restrict applications to responding only to communication requests from the local subnet. They really did a good job here and I believe it to be very easy to use.
As you use applications that need access through the firewall you get a popup asking you if you want to allow the application to run.
This was the first thing that I checked out after installation. I really, really like the new firewall in SP2. I have used Tiny Personal Firewall, Kerio, and Zone Alarm, but through all of these I prefer and recommend this new firewall. It's simple, functional, and doesnít bring the computer to its knees when running.
Internet Explorer also received a number of security enhancements but I am sorry to report that a lot of the known rendering issues with Internet Explorer are still not fixed. As far as I know the rendering engine hasnít changed at all from the previous version. With having said that, there are many changes to like here for every IE user out there.
IE finally includes a popup blocker! It does the job and is pretty simple to use.
At the bottom right hand corner of IE a new icon is added that shows you when popups are blocked and a sound is played when any popups get blocked.
You can add exceptions to the popup blocker if sites you visit require this functionality to work.
This should finally push all of the advertisers away from popups to more menacing means of advertising like the full page flash ads or the whole page ads in-between pages.
My favorite new feature for IE is the Add-ons manager. Whenever an activex control is asking to be installed a new dialogue pops up as usual asking you if you want to install. With SP2 the default action is cancel. You answer this question once and thatís it for the page. If I had a penny for every time I have been browsing around the Internet and someone decides they want to install software on my PC, I would be a very wealthy man. If I clicked no and it would ask me the same question four or five more times before I could get out of the browser window. The great thing is I now have the ability to disallow the installation of certain resource hogs that poor souls still run on the Internet.
Additionally you can now remove all of the cruft that installs itself into IE. Previously I didnít know of any way to remove add-ons to IE if the applications didnít include an uninstall utility. Shady Internet Marketing companies would trick users to install their software and include their toolbar on IE without any way of getting rid of it. I have seen a ton of computers like this and the users end up feeling helpless and hate the stuff that installs. Fortunately, users now have the ability to manage what add-ons run with IE.
You can disable/enable add-ons on the fly and can even update them.
After these new updates I feel a lot safer browsing the web with Internet Explorer. The one feature that I really enjoy that is lacking right now are tabs. Unfortunately, I think I might have to wait until Longhorn is released to get this feature built into IE and even then itís not guaranteed. The rendering engine for IE is also largely unchanged which is disappointing seeing the improvements being made to competing browsers like Safari and Mozilla/Firefox. That being said I remain a staunch user of IE as those browsers still donít match up with IE but are getting closer every day.
The big change that I see in Outlook express is blocking external HTML content like images and script. This is important because it will prevent spammers from knowing when you read the 500th email they send you about refinancing your home. Images that you receive in HTML email will now be blank and marked by a red x.
If you wanted to see the images you can just click the toolbar and it will download the images. This feature is a lot like MSN 9ís and Outlook 2003 although MSN and Outlook both have far better implementations. If you donít like this feature you can turn it completely off.
Windows update is also updated in SP2. The build I reviewed uses the new v5 Windows Update site, which is a decided improvement from the current version employed in XP. I am not going to review the website as I am sure it will change some more before release and is not an required process for people now with autoupdate.
The autoupdate component of windows update has changed a bit as well.
When the AutoUpdate find updates you will get a popup window asking you to install them. This then starts a new UI for updating windows:
Hitting express install will install everything Windows Update found for your computer. Custom Install lets you choose which updates you want to install and more importantly lets you look at the details for updates you are installing.
With the new update process updates can now prompt you to agree to EULAís. I am not sure I am too happy about this. It seems odd that a critical update would require its own EULA. This is something that the Mac OS X update utility does which I think is incredibly boneheaded. I suppose its required so all of the lawyers have something to do to keep making a living.
Click next and the window minimizes to the system tray and you can continue your work.
After installing your updates Windows Update will ask you to restart if needed:
If you donít restart immediately you will start getting reminder bubbles to restart your computer. These get annoying fast and make it easy to remember to restart your computer after an update. This will hopefully annoy people into rebooting after installing updates, although maybe a guilt trip would make it easier. Something like ďif you value your data at all reboot now or I am going to erase your presentation due at work tomorrowĒ. Maybe something like that would work better.
All in all the update process is simplified and easier to use. I donít see my parents having any trouble with this system at all. The previous version I didnít think passed the mom test, so kudos to Microsoft for making this process easier.
Wireless connections are now much simpler to setup in SP2. The biggest changes are mostly cosmetic but make wireless connections much easier to work with. The new GUI is much easier to understand and it seems faster recognizing my network than the previous version.
In the system tray the network icon has now changed to reflect the type of network connection. You can immediately tell which network you are using by glancing at the system tray, which is going to make my job troubleshooting network connections easier.
Additionally SP2 includes built in support for WPA which is a new encryption standard for wireless networks. WPA is much more secure than WEP and most of the newer access points support it. I have the Microsoft MN700 and it works great with WPA. The best thing I like about it is using the Pre Shared Key I can use a normal strong password that I can actually remember as opposed to 26 digits.
The coolest thing about all these updates is that they are all for free. I have an apple laptop and in order to move my wireless infrastructure over to WPA I had to purchase the latest OS from Apple to get that functionality. Obviously thatís not a good thing and my primary purchase decision was based on getting WPA functionality. I canít even imagine the uproar if Microsoft did something similarÖ
Additionally SP2 includes support for Bluetooth adapters natively. I donít have a Bluetooth transceiver or any Bluetooth devices so I couldnít test this feature. If anyone wants to send me a Microsoft Natural Bluetooth Keyboard I would be happy to test this out.
Remote Desktop Concurrent Sessions
SP2 brought with it a lot of hype concerning concurrent remote desktop sessions. I can report that the bits are in SP2 but to enable them you have to change some registry keys. It works beautifully and the system seems responsive even with two people using my desktop, a middle of the road computer.
You can have one person logged in at the console and another come in over remote desktop. Or you can have two people logged in on remote desktop as different user accounts. My apple laptop I now use primarily logged into my desktop through remote desktop. This is really a great feature and makes SP2 an extremely attractive update just for this feature alone.
feature that I have read about but couldnít test is the new Execution
Protection. Newer processors from AMD include new instructions to make
windows computers secure. Execution Protection allows Windows to mark areas
of memory as non-executable unless they explicitly contain executable code.
This should help to prevent a large majority of the buffer-overrun attacks
that have plagued Windows over the past couple of years. This feature gives
me a good excuse to go purchase a new AMD64 machine
Windows XP Service Pack 2 is already great update and I canít wait till it gets out of beta and is released. Until then, the improvements will only get better. Other items of note are the inclusion of Windows Media Player 9 series and Windows Installer 3.0. Stability has been on par with SP1 which is great considering this is beta software.
The fruits of Microsoftís push for security really show in this new update. I can see in the near future a Windows operating system that is going to be THE model for secure operating systems. We arenít there yet but this update is a giant step in the right direction.
ActiveWin.com Featured Partner:
CCIP stands for Cisco certified internet work professional, offering great opportunities for IT professionals with reliable IP networking solutions by employing the devices of the latest technologies competitively. 70-227 exams provide the guidelines for the installation and configuration of MS internet security and acceleration server 2000 along with the basic information about DNS, HTTP, IMAP, FTP, RDP, SSL, HTTPS, SMTP etc. 642-502 exams are designed for those IT professionals who want to be proficient in managing Cisco routing and switching network with safety measures. 70-299 exams have the elective option for the candidates of MCSE and MCSA, providing the latest technological information and expertise for the installation and configuration of MS windows server 2003 network. 70-553 exams of MS certification are very significant for those IT specialists who desire to get updated knowledge of IT industry for the improvement of their professional skills.