Windows & .NET Magazine UPDATE--A Look Behind the Windows XP SP2 Beta--December 30, 2003

Discover some of the history behind XP SP2 and learn about Microsoft's new security update processes.

December 29, 2003

13 Min Read

This Issue Sponsored By

Argent Software
http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNT

Panda Software
http://www.pandasecurity.com/gatedefender/

===============

1. Commentary: A Look Behind the Windows XP SP2 Beta 2. Hot Off the Press
- Microsoft Settles Patent Suit 3. Keeping Up with Win2K and NT
- Microsoft's New Security Update Procedure; Improved Office Update Inventory Tool 4. Announcements
- Take Our Print Publications Survey!
- 2004 Dates Announced: Connections Conferences 5. Instant Poll
- Results of Previous Poll: Economic Recovery
- New Instant Poll: Monthly Security Updates 6. Resources
- Tip: Which domain group types are available in Windows 2000 and later? 7. Event
- New--Microsoft Security Strategies Roadshow! 8. New and Improved
- Transfer Data Faster
- Handle Common File Operations
- Tell Us About a Hot Product and Get a T-Shirt! 9. Contact Us
- See this section for a list of ways to contact us. ==== Sponsor: Argent Software ====
NETWORK TESTING LABS COMPARES MOM TO THE ARGENT GUARDIAN
Network Testing Labs, one of the world's leading independent research companies, put together a comprehensive Comparison Paper on two leading enterprise monitoring solutions. Their conclusion: "The Argent Guardian easily beats out MOM in all our tests... The Argent Guardian will cost far less than MOM and yet provide significantly more functionality." Find out for yourself why organizations like Major League Baseball, GE Capital, AT&T, Harley Davidson, and Nokia all rely on The Argent Guardian for their enterprise monitoring and alerting needs. Download this Comparison Paper now:
http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNT

==========

==== 1. Commentary: A Look Behind the Windows XP SP2 Beta ====
by Paul Thurrott, News Editor, [email protected] Back in mid-1996, Microsoft was improving Internet Explorer (IE) at an amazing rate, at one point running the IE 3.0 beta simultaneously with the IE 4.0 alpha. That original version of IE 4.0 was a far different beast than the version the software giant unleashed in late 1997; the original version looked very much like IE 3.0 but included such features as Site Map--a Windows Explorer-style treeview of the layout of the site that you were currently visiting--and integrated FTP capabilities. But then Netscape announced that it would replace the Windows desktop with a project code-named Constellation, describing Windows as nothing more than a buggy set of device drivers. In Redmond, those were fighting words, and if you ever doubted that Microsoft took the Netscape threat seriously, consider what happened next: The company abandoned its original IE 4.0 project and started from scratch on the IE 4.0 version we eventually received. That IE 4.0 version included Active Desktop, which blended HTML and "push content" with the Windows desktop; an integrated IE/Windows Explorer shell; the Channel Bar so that third parties could deliver content to users' desktops; and other features that, in retrospect, were pretty obviously a reaction to features that Netscape had announced. We know how that story turned out: Netscape imploded under its unobtainable lofty goals and a reinvigorated Microsoft dominated the Web, with IE surpassing, then destroying Netscape's offerings for good. Several years have passed since this milestone moment in Microsoft history, but history is repeating itself again this year with Windows XP Service Pack 2 (SP2). This time, however, the challenge hasn't come from a competitor like Netscape. Instead, the challenge has come from the hacker community, which has branded Microsoft's products as insecure with the many massive security compromises these intruders have unleashed over the past year. For Microsoft, the timing is somewhat embarrassing because the software giant has spent the past 2 years telling its customers that the vaunted Trustworthy Computing initiative it had launched would set things right, from a security perspective. However, because Microsoft had indeed turned itself around internally, from a security perspective, it's uniquely positioned to deliver a more secure product in XP SP2 than the company originally envisioned. And that's exactly what the company decided to do. However, increased security wasn't Microsoft's original goal for this service pack. In February, internal Microsoft documentation described a feature planned for XP SP2 called "concurrent sessions." This would have enabled XP Professional Edition systems with Fast User Switching (FUS) enabled (i.e., nondomain systems) to support two concurrent interactive users. The current XP version is limited to one interactive user at a time; this user can be sitting at the XP machine locally or connecting to it remotely through Remote Desktop Connection (RDC), Microsoft's desktop version of Windows Terminal Services. Under the original plan for XP SP2, XP Pro would have supported two users, one local and one remote. This capability would have accomplished two goals. First, it would further differentiate XP Pro from XP Home Edition (an ongoing concern in Redmond) and make the more expensive XP Pro more enticing to users. Second, this feature would make Smart Displays more functional; under the current scheme, when a user accesses his or her XP Pro desktop from a Smart Display, the local system is logged out. Microsoft CEO Steve Ballmer, responding to complaints about Smart Displays, had promised that the company would add concurrent sessions functionality to the product in the future; XP SP2 was one way to accomplish this goal. But, as noted before, things change. First, Microsoft removed the concurrent sessions feature from XP SP2, deciding instead to add the functionality to a future Smart Displays update. (That update, incidentally, might never happen. I haven't confirmed this news yet, but apparently Microsoft is dropping the Smart Displays product line.) So a svelte new XP SP2, containing only bug fixes and security fixes, was scheduled for early fall 2003, about a year after Microsoft released XP SP1. The company sent out several XP SP2 betas to testers and, as you might expect from a service pack, testers had little to say: The updates worked fine and didn't appear to affect the stability or usability of the system. Then summer 2003 came and Microsoft customers were hit by SoBig.F and MSBlaster, two virulent electronic attacks that crippled Windows installations across the globe. Looking suddenly like a deer in headlights, Microsoft's response to these attacks was muted at best. Feebly arguing that it had fixed the code that allowed the attacks weeks or months earlier, Microsoft seemed to be putting the blame on Windows administrators who weren't keeping their systems up-to-date. (For what it's worth, this was the stance I took in a somewhat infamous editorial.) But internally, the company was scrambling to right things, and the first prong of its response would be a reengineered XP SP2. Changing SP2 that dramatically at such a late stage of the game would mean delays, and Microsoft quietly issued a new road map on its Web site that mentioned a second quarter 2004 date, about 9 months later than originally expected and more than a year and a half since the first XP service pack. But although XP SP2 would indeed add new features, to the chagrin of users who took Microsoft's legendary but oft-abused "no new features in service packs" promise at face value, few can complain about the steps the software giant is taking to secure Windows through this release. Indeed, thanks to a variety of safety technologies, the release of SP2 should significantly improve XP's security situation. I've installed the XP SP2 beta on various XP installations and will provide you with a report next week about the new security features Microsoft is adding to this release. I'll also look quickly at Windows Server 2003 SP1, a similar update to the company's server line. Until then, Happy New Year, and thanks for reading!

==========

==========

==== 2. Hot Off the Press ====
by Paul Thurrott, [email protected] Microsoft Settles Patent Suit Microsoft recently announced that it's agreed to settle a patent infringement suit for $60 million with SPX after a US District Court jury awarded SPX $62.3 million in damages. Charlotte, North Carolina-based SPX's Imagexpo unit makes whiteboarding software. The company garnered a patent covering this "method and apparatus for interactive computer conferencing." Imagexpo sued Microsoft, claiming that Microsoft NetMeeting, the videoconferencing software in Windows XP and earlier, infringed on Imagexpo's patent. The two companies began negotiating a settlement in the time between the damages award and the final motions in the case. The settlement obviates the damages award. For the rest of the story, visit the following URL:
http://www.winnetmag.com/article/articleid/41270/41270.html ==== 3. Keeping Up with Win2K and NT ====
by Paula Sharick, [email protected] Microsoft's New Security Update Procedure; Improved Office Update Inventory Tool
According to the Microsoft Security Bulletin Search site ( http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/current.asp ), this year Microsoft published 51 security updates across all product lines, or an average of 4 per month. Of the 51 updates, 25 were for the Windows 2000 platform and 15 were for Windows Server 2003 during the 6 months after the product hit the street. During 2003, we also digested and assimilated 6 cumulative updates for the supported versions of Microsoft Internet Explorer (IE) on every system in the enterprise. In case you missed it, Microsoft released the latest security rollup for IE on November 11. To read more about Microsoft's revamped security update procedures and learn about Microsoft's improved version of the Office Update Inventory Tool, visit the following URL:
http://www.winnetmag.com/article/articleid/41296/41296.html ==== 4. Announcements ====
(from Windows & .NET Magazine and its partners) Take Our Print Publications Survey!
To help us improve the hardware and software product coverage in the Windows & .NET Magazine print publications, we need your opinion about which products matter most to you and your organization. The survey takes only a few minutes to finish, so share your thoughts with us at
http://websurveyor.net/wsb.dll/12237/editorsproduct.htm 2004 Dates Announced: Connections Conferences
Save these dates: Windows & .NET Magazine Connections will be held April 4-7, 2004, in Las Vegas, Nevada. Microsoft ASP.NET Connections, Visual Studio Connections, and SQL Server Magazine Connections will run concurrently on April 18-21, 2004, in Orlando, Florida. Early registrants will receive the best discounts, so go online or call 203-268-3204 or 800-505-1201 to register.
http://www.devconnections.com ==== 5. Instant Poll ==== Results of Previous Poll: Economic Recovery
The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "Do you believe the technology sector will see a significant economical recovery in 2004?" Here are the results from the 199 votes:
- 53% Yes
- 34% No
- 14% I don't know (Deviations from 100 percent are due to rounding error.) New Instant Poll: Monthly Security Updates
The next Instant Poll question is, "Do you think Microsoft's plan to release monthly security updates will significantly help enterprises with patch-management tasks?" Go to the Windows & .NET Magazine home page and submit your vote for a) Yes, b) No, c) I don't know.
http://www.winnetmag.com/magazine ==== 6. Resources ==== Tip: Which domain group types are available in Windows 2000 and later?
by John Savill, http://www.windows2000faq.com Three types of groups are available in Win2K and later domains:
- global--This group type can contain user and computer accounts from the group's domain. If you set the domain level to Win2K native or later, global groups can contain other global groups from the local domain.
- domain local--This group type exists only on domain controllers (DCs) and is used to assign permissions to a DC's resources (for member servers, you'd use the standard local group type). Domain local groups can contain users and global groups from any domain in the forest. If you set the domain level to Win2K native or later, domain local groups can contain other domain local groups and universal groups.
- universal--This group type is available only in Win2K native mode and later and belongs to the forest rather than to a specific domain. As a result, universal groups can contain users and global groups from any domain and other universal groups. You can give universal groups access to any resource in any domain.
Take care when using universal groups because Active Directory (AD) stores them in the Global Catalog (GC). Any change that you make to a universal group requires replicating the entire contents of the group to all GCs in the forest (in Windows Server 2003 forest mode, only the changes replicate to the GCs, which requires less replication traffic). Therefore, the best policy is to place global groups only in a universal group to minimize any changes to the universal group membership. ==== 7. Event ====
(brought to you by Windows & .NET Magazine) New--Microsoft Security Strategies Roadshow!
We've teamed with Microsoft, Avanade, and Network Associates to bring you a full day of training to help you get your organization secure and keep it secure. You'll learn how to implement a patch-management strategy; lock down servers, workstations, and network infrastructure; and implement security policy management. Register now for this free, 20-city tour.
http://www.winnetmag.com/roadshows/computersecurity2004 ==== 8. New and Improved ====
by Carolyn Mader, [email protected] Transfer Data Faster
CMS Peripherals announced it will incorporate Hitachi's Travelstar 7K60 hard disks into selected models of its notebook backup and storage products. CMS selected the Travelstar 7K60 hard disk for its 60GB ABSplus Automatic Backup Systems and Easy-Plug Easy-Go (EPEG) notebook hard disk upgrades. The Travelstar offers 60GB of storage space. At 7200rpm, the CMS backup solution incorporating the 7K60 drive will provide data transfer rates 48 percent faster than drives running at 4200rpm. For pricing, contact CMS Peripherals at 714-424-5520 or 800-327-5773.
http://www.cmsproducts.com Handle Common File Operations
MonkeyJob Systems released FileMonkey 9.0, a package designed to handle common file operations by providing an extension to the features currently shipped with Windows. FileMonkey approaches file management by working on thousands of files at a time. FileMonkey can select files by using multiple filtering criteria. You can single files out by name, size, and date. FileMonkey 9.0 runs on Windows XP/2000/NT/98 systems and costs $29 for a single-user license. Contact MonkeyJob Systems at [email protected].
http://www.monkeyjob.com Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]. ==== Sponsored Link ==== NetSupport
Free Trial - Fast and Easy Network Management. - NetSupport DNA
http://ad.doubleclick.net/clk;6823752;8214395;q?http://www.netsupport-inc.com/dna/netsupport_dna_overview.htm

==========

===============
This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.
http://www.winnetmag.com/sub.cfm?code=wswi201x1z

Copyright 2003, Penton Media, Inc.

About the Author

ITPro Today

ITPro Today

See more from ITPro Today

You May Also Like