XP SP2 - at your service?

It was supposed to solve the gaping holes in Windows XP's defences almost at a stroke, and in the run-up to its August 2004 launch Microsoft promised an unrelenting campaign to persuade businesses and individuals to upgrade at the earliest opportunity. But the optimism surrounding Service Pack 2 (SP2) is leaking away by the day.

From today, Microsoft is downloading SP2 into computers that have XP's Automatic Update feature turned on. But such has been the apprehension among IT managers about the 80-100MB upgrade flooding into their users' desktops that Microsoft was forced to issue a tool that temporarily blocks the auto-update feature. This is supposed to give businesses more time to test their internal applications for compatibility. More than 40 applications (including several of Microsoft's own) have so far been identified as breaking under SP2, although many of these are mended simply by opening the relevant port in the new Windows Firewall (which is turned on by default in SP2).

There have also been questions raised about the quality of Windows Firewall (specifically, it lacks outbound blocking, which protects against spyware and is supported by almost all third-party firewalls). Meanwhile, security flaws are beginning to emerge in SP2 that will sow further seeds of doubt in the minds of potential upgraders.

So is SP2 more of a spent round than a magic bullet? Clearly, there are a lot of useful new features in SP2 and it's free, so once you've made sure that all your applications work under it, there's little reason to give it the cold shoulder. But equally clearly, it's no panacea, and unless Windows can overhaul some of its evolutionary baggage to make it less structurally susceptible to malware of all kinds, then it's still going to catch a cold on a regular basis.

If Service Pack 2 turns out, as is likely, to be a plucky but ultimately doomed stand against the forces of darkness, what's next? In the short term, we'll have to carry on regularly patching our systems to counter new threats -- and SP2 will help in this respect. Perhaps Longhorn will provide Windows with a fully functional immune system, but getting there might involve even more delay and a longer list of incompatible applications than Microsoft may feel comfortable with.

What's certain is that the question marks against Windows' security aren't going away anytime soon, and sensible companies and individuals should be evaluating all OS alternatives in the meantime.