Many enterprise IT managers are delaying for months any rollout of Microsoft Corp.’s long-awaited and often-delayed Windows XP Service Pack 2, saying it is breaking too many of their applications.
As a result of the customer push back, Microsoft, of Redmond, Wash., last week delayed the automatic delivery of SP2 through Windows Update/Automatic Update until the middle of this week at the earliest.
Meanwhile, many corporate customers, though not ready to deploy SP2, are still eager to test the release with their custom and third-party software. To assist these users, Microsoft released last week a tool kit that temporarily disables the automatic download feature of Windows Update/Automatic Update.
In a note to corporate users last week, Microsoft said, “Since your organization may not yet be prepared to deploy Windows XP SP2 … we recently made available a mechanism for temporarily blocking the download of Windows XP SP2 to those machines using Automatic Update.”
Click here to find out why some IT managers don’t trust SP2’s security.
Brian Riley, a senior programmer and analyst at a large U.S. health care services company, is holding off on full deployment after too many red flags. “We have $1.5 billion a year in revenue that rides on our network, and we are not intending to upgrade any clients until we test what it will do,” Riley said. “We are going to test this sucker to death first in a test environment. Straight to production? Dream on!”
Riley said he is also concerned that products and programs developed in-house that use SMTP servers, automatic network updates or automatic file transfers could be broken by SP2. If that happens, “we will not have a clue where or why,” he said.
Microsoft released SP2 to manufacturing Aug. 6 and has made the update available to some customers. PC makers and retailers are likely to begin offering SP2 this fall.
In addition, Microsoft last week published a list of approximately 50 applications —including some of its own—that may not work properly with SP2 without users performing manual modifications. The list includes Web servers, remote desktops, file-sharing applications, FTP clients, multimedia streaming software, e-mail notifications, systems management applications and games.
Some enterprise users, such as Chuck Kramer, chief technology officer at Social & Scientific Systems Inc., in Silver Spring, Md., are surprised by the number of applications that break with SP2, especially those from Microsoft. Kramer said he does not expect to roll out the update of security fixes and patches for several months.
“I just rolled it out as a test to my IT staff using XP, and we have had a few problems. Besides the obvious items it breaks, which even Microsoft acknowledges, we have discovered that it messes with our security,” Kramer said.
Social & Scientific will have to do a lot of training before it rolls out the update to non-IT staff, Kramer said, adding that he is also concerned about the potential spike in help desk calls once SP2 is installed. “One particularly annoying item is the automatic pop-up blocking, which interferes with Outlook Web access,” he said.
“Our current plans, which could change, are to produce a complete set of documentation for our users, taking them through what happens at install, then exactly what they must do before running any other applications. We hope that will cut help desk calls by a large percentage,” Kramer said.
Kramer is unlikely to endorse SP2 for release across the company until October or November. “We have not yet tested it with our Altiris management system to perform the rollout. That is on the plate for early September.
“If I had to venture a wild guess, I would say we won’t endorse it, with some exceptions here and there as security concerns arise, until October/November. It’ll take us that long to complete all the testing and documentation needed,” Kramer said.
Click here to read eWEEK Labs’ review of SP2.
An IT administrator at a major university on the West Coast agreed that early experiences with SP2 have not been encouraging.
“SP2 breaks too much for us,” the administrator said. “The SP2 pop-up blocker interferes with a couple of our major Web-based applications. We already have [Internet Security Systems Inc.’s] BlackIce as a centrally managed firewall, and there have been reports of problems with the Cisco [Systems Inc.] VPN, which a couple of our groups use to communicate with internal systems while at home or on travel.
“Basically, until we have the right patches, registry settings, Group Policy Objects et al. for SP2, which will probably take a couple of months, I’m not going there,” the administrator said.
Microsoft this week published a complete list of resources needed to roll out SP2. This is the first time the company has published the full list in a white paper, and some users told eWEEK they would have liked this information earlier, especially since SP2 has some 600 Group Policy Objects, almost as many as the 800 in the original XP release.
Check out eWEEK.com’s Windows Center at http://windows.eweek.com for Microsoft and Windows news, views and analysis.
Be sure to add our eWEEK.com Windows news feed to your RSS newsreader or My Yahoo page