XP SP2 greatly improves XP’s network and memory protection and email handling and contains a new firewall called Windows Firewall. Windows Firewall is enabled by default; however, if an application tries to access a blocked port, the firewall lets the user opt to grant the application access to that port. XP SP2 also includes a new Control Panel feature called Windows Security Center, which the figure at Figure shows. Security Center provides an interface to the firewall configuration and ensures that Automatic Update is enabled and adequate virus protection is running. You can manage the Windows Firewall configuration through Group Policy. Microsoft has also enhanced the Remote Procedure Call (RPC) service in XP SP2 to let some parts of the service run with lower privileges (i.e., under the local system context) and make RPC less vulnerable to intruders.
XP SP2 is large (approximately a 250MB download) because Microsoft rebuilt much of the XP code with enhanced memory protection to help avoid problems such as buffer overrun when an application attempts writes that exceed its allocated memory space. XP SP2 also includes code that works with new hardware processor features to block the use of memory areas to execute code, thereby preventing the execution of worms. In addition to providing beefed-up security, XP SP2 includes some “nice-to-have” features, such as a pop-up blocker for Microsoft Internet Explorer (IE) and improved integrated Bluetooth wireless network support.
XP SP2 is a much-needed release that you should take advantage of; nevertheless, you should roll out the service pack with care–it provides several fixes that could prevent your applications from working correctly. Before you deploy XP SP2, test every application on a dedicated test platform and roll out application updates where needed. For example, the XP Messenger and Alerter services are disabled by default in XP SP2. If any of your applications use these services, you’ll need to either enable them or update the application so that it doesn’t use them. As another example, an application that incorrectly addressed memory but worked before XP SP2 will no longer work now that Windows is “fixed.”