Re: To SP2 or not to SP2?

• Previous message: Krohon: "Re: To SP2 or not to SP2?"
• In reply to: rladbury_at_kittymail.com: "To SP2 or not to SP2?"
• Next in thread: Bob Ladbury: "Re: To SP2 or not to SP2?"
• Reply: Bob Ladbury: "Re: To SP2 or not to SP2?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 18 Mar 2005 16:16:26 GMT

On Thu, 17 Mar 2005 22:19:55, rladbury@kittymail.com wrote:

> I'm sitting on the fence as far as downloading the new
> Windows XP Sp2 service pack. I've read a lot of reviews,
> good/bad, but still don't know enough to decide whether
> I should install the SP2 pack. I note that some "security
> people" prefer not to touch any windows updates at all.
> I'd like to get some opinions on precisely why (or if) I
> should install SP2 (after you read my background!). If I
> can determine this thing will be of no use to me, I'd rather
> keep my computer resources intact and avoid it.
>
> I'll go through the PRO's side first, because they don't do
> anything for me:

There are other security-improvements that you didn't list.
Note that some of the most-recent "buffer-overflow" exploits
do not affect computers running SP2 -- Microsoft proactively(!)
fixed many potential exploits, by recompiling most of the source.

In addition, the pop-up blocker within IE does work, if you do use IE.
  
> - Installs improved Firewall:

The "base" one works fine, for an "end-user" computer,
i.e., one not part of a SOHO network. The updated firewall _is_
improved.

> - Security Improvements to IE and Outlook Express: I don't use Internet
> Explorer and avoid it like the plague. I only use it if a site won't
> work with an alternative browser, and even then, I set the security
> settings as tight as I can. I also don't use Outlook, or any MS program
> if I can avoid it.

If you do get a virus/worm/trojan on your computer,
it may exploit IE or OE or Outlook, unless you've patched them.
Either way, your computer is still infected.
  
> - Security Center: This is nothing short of a joke.
>
> - Wireless/Bluetooth Improvements:
>
> - Improvements to Windows Media Player:
>
> - DEP Feature:

> - Automatic Updates:
>
> CON's:
>
> So far, I haven't seen a legitimate reason to install SP2, only many
> reasons not to. Including the fact that you are taking your life in
> your hands if you try to uninstall it (I once trashed one and a half
> years of work trying to install SP2). It takes hundreds of megs of HD
> space, and I'd rather use that for something more suitable, if
> necessary.

Disk-space is cheap!

Yes, it takes some space to download the SP file(s).
When you run the file(s), they unpack to a "temporary" directory --
more space.
It writes a backup of the about-to-be-changed files into an
"uninstall" directory - more space.

When the install is complete, and you're happy with SP2,
you can delete the above files, and reclaim the space.

> On the other hand, I want to do all I can to protect my PC from
> net-based malware, which is the only reason I'm seriously considering
> SP2. If SP2 can protect it in ways that I can not achieve with 3rd
> party software, Windows gurus, please enlighten me.

As I said above, Microsoft has "proactively" patched many _potential_
exploits.
All the updated/recompiled code makes the size of the download of SP2
larger.

> Yes, I realize just installing SP2 means I can begin receiving regular
> Windows updates, which I won't be able to under my present SP1.

Huh? Automatic updating is available in SP1.
(My Computer -> right-mouse click -> Properties -> Automatic Updates
tab)

> But I'm also nervous
> about the Windows Updates, from all the horror stories about people's
> PC's slowing down, crashing or worse, after taking windows updates.
> Hackers always seem to treate new updates and service packs as a
> challenge to circumvent anyway, and I've also read of SP2's security
> being compromised by such hackers. Maybe in that sense, SP1 machines
> are safer?

Safer? Not in my opinion. To be safe:

* run a firewall, to block net-based attacks.
* run a _quality_ anti-virus product (
http://www.my-eTrust.com/microsoft )
   to scan what you allow into your computer via E-mail attachments,
   malicious content on web-pages, P2P-content, USENET newsgroups, et
cetera.
* practise "safe-computing".
* try the free Microsoft spyware-scanner (
http://www.microsoft.com/security )
* update everything (WinAmp, putty, RealPlayer, AcrobatReader, WinZip)
   that you have chosen to install.
* apply SP2, and then allow Automatic Updates to download the post-SP2
fixes.

My $0.03 (CDN).
 

• Previous message: Krohon: "Re: To SP2 or not to SP2?"
• In reply to: rladbury_at_kittymail.com: "To SP2 or not to SP2?"
• Next in thread: Bob Ladbury: "Re: To SP2 or not to SP2?"
• Reply: Bob Ladbury: "Re: To SP2 or not to SP2?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]