ARCHIVED: What is Windows XP Service Pack 2, and why should I install it?

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

Windows XP Service Pack 2 (SP2) is the latest major update to Windows XP. It provides critical security updates to help protect computers from viruses and intruders.

Specifically, SP2 offers these features:

  • The Windows Security Center, which provides a unified way to manage Windows XP security options
  • The Windows Firewall, now enabled by default, which prevents intruders from accessing your computer
  • The Internet Explorer Pop-up Blocker, which stops most Internet pop-up ads
  • Enhanced wireless security, which simplifies the process of discovering and connecting to wireless networks

For more information about how to obtain SP2, see ARCHIVED: What are service packs for Windows, and where can I get them? and ARCHIVED: At IU, how can I install Windows XP Service Pack 2 from a CD?

Further details about SP2 follow:

  • SP2 makes it easier for an administrator to control security throughout an enterprise and makes it easier to use Bluetooth devices from Windows.
  • SP2 includes DirectX 9 and Windows Media Player 9, which contain security, performance, and functionality improvements over previous versions.
  • Specific changes to the operating system have been made to bring Windows XP into full compliance with the Microsoft/US Department of Justice antitrust settlement.
  • Hardware updates have been made for compatibility with new technology and standards, (for example, USB 2.0 support).
  • Application compatibility has been improved, including specific fixes to enhance compatibility with applications designed for older versions of Microsoft operating systems.

SP2 enhances security in six major areas:

  • It increases the protection of the network.
  • It makes browsing the Internet more secure.
  • It increases the protection of computer memory.
  • It handles email more safely.
  • It makes it easier to update the operating system.
  • It runs the new Windows Security Center

SP increases network protection and Internet browsing security in several ways:

  • Windows Firewall is turned on by default early in the boot cycle when starting Windows XP and late in shutdown to protect against possible intrusions. Windows Firewall is enabled for all network interfaces, and users can make exceptions for certain applications through the Control Panel interface.
  • The Remote Procedure Call service is now more secure, allowing computer administrators to create more permission levels and control which RPC servers are blocked, which are shared on the local subnet, and which are shared on the entire network.
  • Additional access control restrictions have been added to the DCOM infrastructure to limit the risk of a successful network attack.
  • The new SP2 version of Outlook Express is able to block images and external content of HTML email, warn of other applications trying to send email, and control attachments that may potentially be infected.
  • Internet Explorer will now manage add-ons, detect crashes due to add-ons, control whether binary behaviors are allowed to run, and apply the same safety restrictions to all URL objects that were previously applied only to ActiveX controls. It has more control over the execution of all content, and blocks attacks that attempt to use local content to run malicious HTML code. Internet Explorer now requires that all file type information provided by web servers be consistent, and searches files for malicious code. Internet Explorer will forbid access to cached scriptable objects, making it less likely for malicious scripts to capture sensitive data placed in other frames. Internet Explorer can now block unwanted pop-ups and can block all signed content from an untrusted publisher. Internet Explorer can also block signed code with invalid digital signatures, and will display only one prompt per control per page. Internet Explorer will stop scripts from moving or resizing windows and status bars that hide them from view.

Memory protection is increased as follows:

  • The operating system will reduce both stack and heap buffer overruns.
  • Stack buffer security checks are implemented, and cookies are added and periodically checked to detect buffer overruns.

Safer message handling is implemented as follows:

  • SP2 installs Attachment Execution Service (AES), which controls the viewing and execution of files attached to messages in Outlook Express and other applications like Windows Messenger.
  • AES checks to see if a file is safe to view or execute by looking at its file extension, by making sure the MIME type and file extension are compatible, by making sure the sending association is safe, by making sure that antivirus protection is active and up-to-date before a user opens the file, and by checking the current security zone of the message source.

Windows XP maintenance and patching is easier:

  • With SP2, updates are automatic, patches are smaller and can be removed, and there is a centralized user interface for all security-related maintenance.
  • Users can easily set a schedule for the computer to automatically download and install updates, download but not install updates, or notify of updates, or choose to do everything manually.
  • Windows Installer 3 tracks components and enables administrators and users to manage shared resources, customize installation processes, make decisions on application usage, and resolve configuration problems. Windows Installer 3 identifies what patch components do and don't need to be downloaded, and supports more reliable patch removal.

Windows Security Center provides the following features:

  • In Windows Security Center, users can learn more about security and perform any security-related tasks.
  • Security Center monitors the status of three major security functions: the firewall, automatic updates, and virus protection.
  • Security Center knows about the most common antivirus solutions. It has an open interface that third-party antivirus and firewall vendors can use to allow Security Center to detect the presence of their software and report its status.
  • Users can tell Security Center that they have an undetected third-party solution, or turn off notifications about specific security vulnerabilities that don't apply in their environment.

The information above is adapted from Microsoft's SP2 site:

For more information on SP2, see the following URLs:

This is document apbh in the Knowledge Base.
Last modified on 2018-01-18 13:55:13.