Administrivia #30768 - Windows XP SP2 Feedback being sought

From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 03/30/04

Date:         Tue, 30 Mar 2004 16:22:38 -0500


Sorry about the list being quite for so long. The enormous volume of
virus laden bounces coupled with a dramatic increase in spam forced me
to dedicate some time to X2KSpamAway. I'm happy to say its now a full
VB.Net Class Dll with dynamic adjustment capabilities, full event log
logging (with source-specific messages, eventIDs and categories!), more
tests including the ability to do "all but these" attachment blocking,
and, well, far too much to mention. Considering I only started with
VB.Net a few weeks ago, I felt the need to do a little bragging given
the limited time I have.

Any, to the point of this message.

With the Release Candidate of Windows XP SP2 now available, hopefully
many of you have started examining it to determine how best to deploy it
within your corporate environments. Given all of the changes included,
there is likely going to be much consternation associated with this.

I would like to gather some of your thoughts together into a FAQ of
sorts, including problems that you've encountered, resolved, or are
wondering about. GPO's and other templates you have developed would also
be appreciated, even if its just the highlights or tricks you've found
to work.

I'll be gathering this info and, based on it and other sources, putting
up a survey together with the FAQ in the next few weeks to get a sense
of what level of adoption we can expect.

Send your comments to

In particular;

1. Do you expect problems associated with clients no longer being able
to accept connections to them by default?

- RPC changes
- DCOM changes
- SMB/TCP blocked
- other ports blocked by ICF

2. Will you have to change your plan on handling patch management after
deploying SP2?

3. Is your network so flat that you can actually use the "Local Subnet"
feature of ICF?

4. Who doesn't expect every Vendor to put their application on ICF's
"Exception List"?

5. Is a Firewall that still cannot block outbound connections all that
useful? There's lots of emphasis on preventing you from getting the next
virus/worm, but little new help if you do (and we all know many of you
will get the next one, and the one after that...)

6. Since Windows Media Player 9 is included in SP2, you're going to end
up accepting its revised EULA in the process. How big a deal is this in
your corporate environment? Will it prevent you from deploying it?

7. How soon will Memory Execution Protection mean anything to your
corporate environment? 3 months, 6 months, 1 years, later. You'll need a
processor that supports setting the NX bit.

8. Do the enhancements to Outlook Express mean anything to you in your
corporate environment?

9. Do you expect, or have you encountered, problems with the Local
Machine Zone Lockdown feature of IE?

10. What impact is WMI 3.0 going to have on your environment? Will you
deploy SUS 2.0 or are you planning on using custom apps/scripting to
make use of WMI 3.0 features?

11. Have you encountered any "largely deployed" application/service
which has broken as a result of deploying XP SP2? I'm not going to
entertain maintaining a lengthy list of shareware or one-off apps that
most don't employ. If you have encountered a problem, please mention
whether or not you have contacted the Vendor and asked about XP SP2
support, and if so, what their response was (if any.)

Feel free to add any other thoughts to this list, but also please take
the time to try and provide some feedback if you have tested XP SP2 in a
corporate environment.

You will, no doubt, notice I have focused this on the Corporate
Environment. While I fully appreciate many of you are not in large
organizations, for the purpose of this exercise I would like to hear
from anyone who has, at least, the following in their consideration;

- Windows 2000 Domain Controller or higher, with or without AD
- At least 25 client machines
- Self-hosted SMTP
- Firewall (which may be a router with ACLs)

Please indicate the number of clients and servers in your organization,
as well as the number of individual users.

Russ - NTBugtraq Editor

NTBugtraq Editor's Note:

Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you''ll have to copy their email address out of the message and place it in your TO: field.

Relevant Pages

  • Re: Upgrading to WinXP SP2 - Which way is best?
    ... Deploying Windows XP Service Pack 2 using Software Update Services ... I need to update to WSUS and WinXP SP2. ...
  • Re: sp2
    ... They are the same internal engine, it's just that XP SP2 Home is missing ... some policy editors commonly only used in a corporate environment. ... Pro has policy editors ...
  • Re: XP SP 2 via Windows Update
    ... a lot of information about how to manage WinXP SP2 ... >ICF settings in a managed environment: ... >Deploying Internet Connection Firewall Settings for ... Microsoft® Windows XP ...
  • Re: VB 2005 Express..NOT OT...really!
    ... but VB2005EE REQUIRES SP2 to be installed on an XP computer. ... "While we want customers to be evaluating Windows Vista, ... Windows XP SP2, think seriously about deploying it. ...
  • Re: BUMP - XPSP2 Deployment via SBS2k3
    ... here is a link to a tutorial that i threw together on deploying XP SP2 ... > add apps to the client thingy but the sp1 works differant, ...