To many in the IT industry, it might have been better described as XP Service “Packed” 2.
The glowing tributes I read online this week as Microsoft finally pulled the support plug on the popular Windows update reminded me of the obituaries newspapers run of actors who were often ignored for much of their lives but are suddenly celebrated in death. I was around when Windows XP Service Pack 2 was released, but there was little fanfare at the time. During its successful six-year(!) run in enterprise IT environments, it wasn’t often cited as a great Microsoft success story. Indeed, the favourite comments on Tuesday were packaged around a sense of regret and disappointment, as though Microsoft were at fault for not further prolonging SP2’s life.
I’m not disputing the good comments made, mind you. As the service pack which introduced data execution prevention to block attacks, an on-by-default firewall and a security-service dashboard, this was by any standard as well-developed and comprehensive offering to IT managers. The question is why Microsoft shouldn’t remain focused on maintaining that standard, or continuing to raise the bar.
“It’s the end of an era,” an nCircle executive told Computerworld U.S. Really? Why should we give up on the idea that service packs can not only fill in the security gaps, but include features or functionality that bring increased value to existing IT investments? Particularly at the OS level, this seems more important than ever. Since Windows XP Service Pack 2 was launched in 2004, we’ve seen the rise of botnets, Conficker and all sorts of other emerging threats, far more sophisticated than anything which came before them. The rapid pace at which such potential attack vectors manifest themselves demand more frequent solutions than would happen in a typical upgrade cycle, which means service packs are the ideal vehicle for them.
Microsoft seems to have missed this opportunity. Other than promising extended “downgrade rights” for another 10 years and pushing users towards Windows 7, the company did little to articulate its strategy for building on the plaudits Windows XP SP 2 earned. The security industry’s subtle insult – that all subsequent service packs from Microsoft have been also-rans – has gone unchallenged. Not good for a firm that’s constantly being slammed for its failure to innovate.
It must be frustrating to come up with a product offering so successful that customers turn their nose up at everything which follows, but what better incentive for an in-depth, and perhaps public post-mortem about what went right? (Microsoft certainly endures enough of the other variety.) Instead of treating the end of this service pack as a death in the family, Microsoft – and its customers – should do what they’ve always done: look forward with optimism and imagination to the next generation of technology which will do even better.