Cutting through the Service Pack noise

A few days before this writing, Microsoft released its Service Pack 2 for Windows XP to manufacturing, meaning you’ll see it in about a month or two.

It’s one so widely encompassing that one analyst calls it more akin to a full Windows upgrade. It’s also largely security-focused, containing changes to default security settings and a new patch management system, among other fixes. And it came only two days late. All things considered, the process went well. So why does Microsoft find itself at the centre of yet another controversy?

Because in being so diligent in working around security issues, Microsoft has made some concessions, namely around compatibility. So it’s urging IT departments to test the update before rolling it out. Users of Microsoft CRM 1.2 software, for instance, are being asked to download a patch before installing SP2, as the two have been found not to mix.

Surely of bigger concern to Redmond is the reaction of IBM, home to 400,000 Windows desktops. In an internal memo leaked to our affiliate, IDG News Service, officials ordered employees not to download SP2.

“IBM’s large number of Web applications will need to be tested and some modified to work correctly with SP2,” IBM tells its employees in the note. “When the current issues and concerns have been addressed, IBM will deploy a customized version of SP2.”

And, just in case this seemed over simple, Microsoft is also updating its Windows Update Service to accommodate interruptions because, for most users, the download will be between 80MB and 100MB in size, according to Microsoft.

None of this is getting in the way of Microsoft’s advice, which is for XP users to install SP2 as soon as they can.

Put aside the fact that only about 14 per cent of the computing world uses XP. When it comes to this patch, Microsoft is right.

Two issues have plagued Microsoft for years, and for good reason — security and reliability. Windows 2003 and XP helped alleviate the latter, and now Microsoft is working on the former. What’s more, the user community has been calling on Redmond to make security fixes. To say there’s a long way to go is an understatement, but the patch is a welcome addition to the security arsenal.

The only failure here is one of communication — Microsoft should have and must be upfront about the need for SP2, and be frank about the concessions it had to make in order to release it. In theory, developers can work forever on patch. In practice, Microsoft weighed the pros and cons and acted. Now we should do the same.