How Will Apps Fare with XP SP2?By Jacqueline Emigh | Posted 2004-08-09 Email Print
IT pros point to Norton AntiVirus, legacy products and some custom apps as particularly vulnerable to incompatibilities with Windows XP Service Pack 2.How huge of a headache will Windows XP SP2 implementation actually turn out to be? The answer will hinge largely on what types of application software people try to deploy, according to security and Windows professionals.
For certain customers, the XP beta has been a walk in the park. Take, for example, DRPA, an environmental consulting company in Houston, Texas.
"We've tested SP2 [Service Pack 2] with our standard desktop productivity applications for more than 30 days now, and we really haven't had any incompatibilities. We've done all our due diligence, and there weren't any showstoppers for us," Stan Hoffman, CISSP (Certified Information Systems Security Professional) and a network engineer at DRPA, said in an interview last week.
"The very definition of 'beta' is software that's still too full of bugs to be released yet as a product," said Ron Martell, a Microsoft MVP who runs an SMB (small and midsize business) consultancy called The Computer Doctor in Duncan, British Columbia.
"I don't see any of my Windows XP customers holding off on SP2 deployment," Martell added.
Still, though, Martell cited a couple of areas that might emerge as lingering concerns, including Symantec Corp.'s Norton anti-virus software.
"For quite some time now, Norton's had trouble working with just about every OS you can think of, anyway," Martell said.
Indeed, Symantec has posted a notice on its own Web site stating that it's working on an upgrade for SP2, to be released Aug. 10. Symantec also has asked customers to postpone SP2 installation until the Norton patch is complete.
Beta testers report on compatibility problems.
Other factors might sometimes be the true culprits. But the postings also indicate that, although Microsoft may have solved some compatibility issues in SP2, other difficultiesboth major or minorremain.
In an April 26 posting to the "general" Microsoft Public Windows XP newsgroup, a user from Autodesk complained that in build 2055 of the SP2 beta, users were unable to access the Autodesk Buzzsaw Web site via Internet Explorer. In build 1096, however, the problem "went away."
In a posting to the "beta" section of the same newsgroup on July 19, a developer from Tech-Pro Utilities claimed that when build 2149 was installed, the company's freeware utilities stopped working.
The developer added that he's discovered a workaround, but that it involves renaming the company's VDSPOPUP.DLL to something that doesn't use the word "popup," and then recompiling the whole app.
During interviews last week, IT pros cited several specific types of apps that might keep glitching. These include remote-access products, older versions of other types of apps, and customized, mission-critical software that integrates customers' business processes.
At the same time, though, some IT pros are also looking forward to SP2 enhancements, particularly on the personal firewall side.
"The Internet Connection Firewall in SP2 is much more like a real firewall. Now, it acts more like ZoneAlarm. If one of your applications is trying to go out and access the Internet, it will tell you. This should be a big help in dealing with viruses, especially Trojan horses," Hoffman said.
Somewhat surprisingly, a Linux administrator and CISSP from San Diego lauded Microsoft for being "forthcoming" about XP software problems.
"Microsoft's been getting information out to people a lot better than it ever did before. The fact that Microsoft is publicizing the incompatibility issueand the press is hyping itshould help to bring attention to SP2," said the San Diego-based security specialist.
"A lot of peoplehome users, especiallyhave been ignoring the need for patches and upgrades, and this has all contributed to the virus mess."
In certain situations, but surely not all, SP2 testing and implementation might not turn out to a very big deal, according to some experts.
"Large companies uniformly perform regression tests, anyway," Hoffman said. Prior to working at DRPA, Hoffman was employed in a network engineering capacity with PM Consulting, Cospace, Rare Medium and Fidelity National Information Solutions/Realec Technologies.
The security pro from San Diego, who works for the San Diego Supercomputer Center, mainly concurred with Hoffman about upgrade testing. But he also emphasized that testing and enterprisewide implementation can take much longer whenever mission-critical businesses processes are integrated into the organization's application software.
In a previous position at SDS (Strategic Data Systems), the CISSP from San Diego performed security consulting across Linux, Solaris, AIX and Windows environments for customers including the U.S. Navy and several major manufacturers.
"Organizations whose business processes are integrated into software will lag behind in SP2 adoption," he said. "They tend to be very slow about putting in security upgrades and patchesand SP2 will be no different in that sense. I wouldn't say it will take forever for these organizations to upgrade to SP2. But it clearly won't be the next day, either."