News

Analysts see Microsoft SP2 rolling out with few major problems

• By Rich Seeley
• September 1, 2004

After a month of hype and alarms, analysts say they see Microsoft XP Service Pack rolling out with few major problems, and they seem cautiously optimistic about the patch's ability to fix security holes plaguing the OS.

Microsoft advertises SP2 as a way to 'help improve Windows XP-based computers' ability to withstand malicious attacks from viruses and worms.' The Redmond software giant offers an auto-update for home users with XP-based machines, while IT departments must handle corporate installations.

'It's going reasonably well,' says Rob Enderle, principal analyst with Enderle Group, adding there have been 'no major incidents.'

Simon Yates, senior analyst, computing systems at Forrester Research, agrees, but notes most enterprise IT departments are still early in the process at the end of August.

'The number of downloads has been nominal,' he says. Drawing on firsthand experience, however, he says, SP2 downloaded to his personal PC 'without any problems.'

Once enterprise IT departments begin deploying the patch, Yates expects them to find it a 'fairly straightforward process.' The only holdup is the extensive testing required to check for compatibility issues among the all the applications in the enterprise. Although Microsoft and other software vendors did significant testing to resolve issues beforehand, Yates points out, there's no way for Microsoft to pre-test for all the locally developed vertical applications built on its OS. So, if companies have built or hired consultants to build their applications, they will have to test them to make sure they run correctly once the patch is in place. He cautions that deploying SP2 and hoping for the best can lead to time-consuming troubleshooting if there is a problem with local applications.

'It's hard to fix machine by machine,' Yates says.

Whatever testing needs to be done, IT managers and executives need to make sure to deploy SP2 in their enterprise as soon as possible, urges Enderle. That's because this is a security patch and not a set of cool features, such as enhanced graphics, for end users. Although a feature update can wait, a security patch cannot.

'With security you really don't get a choice,' he says.

If IT puts off SP2 and then its company is attacked by rogue software that the patch would have prevented, IT execs will be held accountable. So his advice is: 'Deploy this as quickly as possible.'

Links: Further information for IT professionals and developers is available from Microsoft at http://msdn.microsoft.com/security/productinfo/xpsp2/default.aspx/ .