Windows XP Service Pack 2: a first look
The forthcoming Service Pack 2 for Windows XP is actually a significant upgrade for Microsoft's OS, delivering much-needed security enhancements. We highlight the key changes.
Service Pack 1 (SP1) for Windows XP, which was about 130MB (compressed) in size, fixed 324 errors in the operating system. Service Pack 2 (SP2), which will ship in mid-2004 at the latest, is nearly three times as large, at 360MB (Build 2082). The main focus, apart from the fixing of well-known problems, is on security. More and more of today's PCs have always-on Internet connections. Although business computers are relatively well protected against Internet-borne attacks by corporate firewalls, this is not generally the case with home PCs. Microsoft is partly responsible for this undesirable state of affairs: after installing Windows XP the integrated software firewall (Internet Connection Firewall) is currently switched off by default, leaving the system unprotected from hacker attacks. Last year's Blaster worm proved how important a firewall can be: even today, a newly installed Windows XP system will be infected after a few seconds' connection to the Internet if the firewall is deactivated and the Blaster patch is missing. XP SP2 offers improved security in four areas:
(1) Improved network protection
(2) Protection from memory overflow
(3) Safer email handling
(4) More secure Internet browsing
The following pages describe these changes in more detail.
Improved network protection
Network protection is greatly improved in Service Pack 2. Windows Firewall (previously called Internet Connection Firewall) is now always on, and is also more configurable. The firewall now protects the computer against attacks during startup: the network driver is only loaded once Windows Firewall is activated. Likewise, when shutting down, the firewall provides effective protection by switching off the network driver first.
As mentioned above, Windows Firewall is always active, on all network connections. The user can configure the firewall by default, although the network administrator can disable this option in the profile editor if necessary.
There is also better access to Windows Firewall's options. Instead of wading through dialogue boxes, as before, a system tray icon appears as soon as the network connection is active. Security-related features are also gathered together in the new Security Center front end.
Protection from memory overflow
Under Service Pack 2, protection from memory overflow -- which can be exploited by malicious code -- is ensured by new processors that support the NX (No eXecute) feature in hardware (AMD Athlon 64, AMD Opteron, Intel Itanium).
PCs that use the Pentium 4 and other chips that do not offer hardware-enforced execution protection (the NX feature) must rely on execution protection built into the operating system. However, this procedure -- known as 'sandboxing' -- is not as effective as the hardware implementation in NX-enabled chips.
AMD and Microsoft are currently planning a campaign to promote the value of the NX feature to users.
Safer email handling
Many worms, viruses and Trojan programs arrive via email as attachments. In Service Pack 2, Outlook Express matches many of the security features of the fully fledged Outlook application.
Outlook Express can now block pictures and HTML content in external email, and prevent potentially dangerous attachments from being opened.
More secure Internet browsing
With Service Pack 2, Internet Explorer finally provides an effective pop-up blocker. This feature has been available since 2002 in the form of third-party add-ons such as Crazy Browser, which adds a tabbed interface and a smart pop-up blocker to the IE engine. Microsoft has taken until 2004 to implement something similar.
However, a pop-up blocker does not make the browser safer – that is provided by the new Manage Add-ons feature. The new Internet Explorer prevents dangerous HTML code from being executed on the local PC by listing add-ons in the Manage Add-ons dialogue box, where they can be enabled or disabled by the user. If a Web page tries to load a disabled add-on, a warning is given – however, the user can ignore the warning and permit Internet Explorer to execute the code.
In our tests, Internet Explorer warned about the execution of parts of the iBench Internet benchmark, even though this contains no dangerous code. If such errors persist in the final version of SP2, some companies' intranet applications might be affected. The warning might concern many users, resulting in an IT support call -- which surely is not the intention.
Improved Windows Update
Microsoft recommends that you activate its automatic update service. Currently, the Windows XP installation points out that your PC is better protected with Windows Update enabled. However, many users report that automatic updating causes problems, so this feature is often switched off.
The new update service in Service Pack 2, which automates the installation of patches, also allows individual updates to be removed if problems subsequently arise.
Administrators of large networks should try out this feature first on a single computer. If the feature works perfectly, it can then be switched on for all the other computers on the network.
Performance and memory requirements
A glance at the number of processes, threads and handles shows clearly that more is happening under Service Pack 2 than under its predecessors. The fact that Windows Firewall is active and Security Center (which examines all security-related features) runs in the background also makes for a higher memory load.
At the moment, Windows XP with Service Pack 2 is slightly slower than its predecessors. However, this may change when the final version is released.
XP Service Pack 2: performance & memory requirements
XP installation | Windows XP SP1 DX9b | Windows XP SP1 (updates 11.3) | Windows XP SP2 (build 2082) |
Files/folders | 9780/710 | 10104/738 | 11596/830 |
Footprint | 1,212.9MB | 1,286.8MB | 1,856.7MB |
Handles | 3,178 | 3,277 | 4,512 |
Threads | 252 | 242 | 302 |
Processes | 15 | 15 | 19 |
Memory | 522.99MB | 522.99MB | 522.99MB |
Available | 419.4MB | 415.7MB | 391.5MB |
System cache | 62.9MB | 83.8MB | 130.3MB |
Kernel memory | 12.6MB | 12.6MB | 16.8MB |
Paged | 7.7MB | 7.8MB | 11.4MB |
Non-paged | 4.9MB | 4.9MB | 5.3MB |
Windows XP startup | 20s | 19s | 25s |
Comanche4 | 70.6fps | 70.9fps | 70.0fps |
Business Disk WinMark | 10.3MB/s | 9.9MB/s | 9.4MB/s |
CPU utilisation | 7.2% | 7.6% | 7.6% |
High-end Disk WinMark | 24.9MB/s | 25.0MB/s | 26.1MB/s |
CPU utilisation | 2.96% | 3.2% | 3.4% |
Business Winstone 2004 | 25.9 | 25.7 | 23.9 |
CPU utilisation | 55.1% | 54.9% | 53.7% |
Conclusions
With Service Pack 2, Microsoft has clearly made Windows XP safer. Activating Windows Firewall by default should prevent some attacks: for example, the Blaster worm cannot penetrate a system that's protected by a firewall.
Windows Firewall is now more configurable and easier to administer. Microsoft also provides access to all security-related options via the Security Center. Users with systems powered by AMD's Athlon 64 processor enjoy more protection than those with comparable Intel-based PCs: Service Pack 2 activates the NX function in the Athlon 64, which prevents the execution of dangerous code from a memory overflow. Intel currently only offers this feature with its high-end Itanium processor, but may well implement it in its desktop CPUs before long.
Some additions that Microsoft is offering in Service Pack 2 have long been available from third parties, including pop-up blockers for Internet Explorer and protection from dangerous email attachments. Even so, many people exclusively use programs that come with the OS, and these users are now catered for. The integrated pop-up blocker in Internet Explorer makes Web browsing a more pleasant experience, while the protection from dangerous email attachments in Outlook Express is also welcome.
Windows XP with Service Pack 2 now offers the best protection that Windows has ever enjoyed. However, security can still be compromised: if you click on email attachments like 'I Love You', don't be surprised if strange things happen with your system. You should delete emails from people you don't know.
With a firewall -- which for XP users with Service Pack 2 is installed by default -- and an anti-virus program (which does not come with Windows XP), most attacks on your computer can be repelled. But before you start opening attachments all over the place, remember: these measures do not offer one hundred percent protection.
Update
Microsoft has now made Release Candidate 1 (RC1) of Service Pack 2 available for download.