Windows XP Service Pack 2 (SP2) is a complex update with many ramifications for IT pros. TechRepublic’s Windows XP Service Pack 2 Quick Guide drills down on critical SP2 need-to-know areas, with sections on fundamentals, changes that occur after installation, deployment procedures, problem areas, and removal.

The Microsoft Windows XP Service Pack 2
(SP2) Network Installation Package has been available for just over a week at
the time of this writing. Reading through the discussion
stemming from TechRepublic’s initial request for first-hand accounts
of the deployment of this rather large pack leaves a decidedly mixed

Generally speaking, most TechRepublic members who used the SP2
Network Installation
Package found deployment to be non-eventful but
time-consuming. However, as is to be expected with an installation as massive
and all-encompassing as SP2, some TechRepublic members have reported minor
glitches and configuration pratfalls. Let’s take a look at some of the comments
posted in the discussion to see if we can glean some common themes, problems,
and, if possible, solutions to these
deployment glitches.

Initial reaction

One of the first posts in the discussion thread came from
We’ve only installed it on a few machines to see what all changes. I don’t
like how it automatically sets the firewall on by default, but that’s easy to
fix. Other than that, everything went pretty good. It does take quite a long
time to install, 30 minutes minimum and up to an hour and a half on some. There
are some cool features that users will have to learn and get used to though. IE
now has a built-in pop-up blocker as well as other things. All in all, good job

This post established the first major theme of the thread: that the SP2
deployment is generally smooth and uneventful.

The majority of posters expressed
similar findings to those of Joseph Moore, who shared this
I pulled it down on Monday and installed it on my machine (as a test
before we even consider rolling it out to users). I had previously run SP2RC1
(which I uninstalled after a month), but this official SP2 was much

IE is working a little faster than before (about as fast as Firefox, I
think). Plus, the new pop-up blocker is good (but then again, Firefox does this
as well).

I’ve got the Windows Firewall enabled on my LAN NIC, with a couple of
ports open (I do let local users hit a shared folder on my machine when needed),
and that seems to be fine. The alerts when new programs try to connect to the
Internet are working (same idea that ZoneAlarm and other firewalls

The only problem was, it took a few reboots initially for my sound card to
be recognized, but that calmed down.

And the only other problem that is still outstanding is a driver
incompatibility with InterVideo WinDVD v3. Since SP2, WinDVD will not play any
DVDs, as soon as the video playback starts, WinDVD crashes.

I’ve opened a case with InterVideo on this. I could buy an upgrade to v5
of WinDVD, but I don’t want to (my IBM Thinkpad laptop came with v3 of WinDVD).
We will see if they recommend the upgrade to v5 or something else.

Minor problems

Other minor problems began to appear in the discussion thread, like this post
from TheITConsultant, who solved his NERO problem and shared it with
TechRepublic members:
After installation of SP2, NERO Burning Rom rebelled with an error
message: “NERO has known compatibility issues with this version of Windows.”
However, a trip to the NERO site at showed
that they have a 27 megabyte update for the NERO program that addresses this
issue just fine and a 9 megabyte download for the UDF program. I hope that those
are the LAST of the downloads. King Kong wasn’t this big a monster!

Member Brian Hertziger shared a problem he had with the Cisco VPN
We use the Cisco VPN client, and I believe that the widely used version is
a 3.6, but some have 4, and our IT group has said that the VPN client no longer
works after SP2, so we cannot apply it (as some of us road warriors live by

Member patskinner had the same problem
before updating the Cisco VPN client to version

Updating application software to the latest available version seemed to be
the answer for many of the glitches reported in the discussion thread. In
addition, quite a few members had trouble with third-party antivirus
applications from McAfee and
where the XP firewall prevented the automated retrieval of virus definition
updates. Updating the antivirus software to the latest version and making some
changes to their configuration seemed to solve these problems.

experience was typical:
The significant problem was that my antivirus software ceased to
function. We’re using McAfee’s VirusScan ASaP in conjunction with our SonicWall Firewall(s). The
Firewall enforces antivirus protection; if the antivirus software cannot
communicate with McAfee’s update server, then the PC cannot reach the internet.
All Internet-related functions are blocked. So I had to add all four software
components that were affected to the Exceptions list in the Windows Firewall. In
addition, in the Security Center, I told the system that I would monitor the
antivirus software, as it is not savvy enough to talk to the security center

Microsoft is well aware of the configuration challenges caused by the XP
firewall and its new default On setting enacted by SP2 deployment. The Microsoft Knowledge
contains an article that describes which ports need to be opened for
the applications known to be impacted by SP2. With some initial planning in
place before the actual deployment of the pack, you can save yourself from
after-the-fact frustration. Perhaps cmilliman summed it up the best:
A lot of these posts seem like people are jumping to a re-install/format
scenario when things go haywire. I’m not saying all bad installs don’t warrant
that action…but taking some steps before the install can help people avoid a
complete loss of data/system functionality should a complete failure

More good than bad

The generally uneventful deployment of SP2 experienced by TechRepublic
members so far has both good and bad points. It is good that most IT
professionals and network administrators will be able to deploy and install SP2
to their users with a minimal amount of problems requiring the further guidance
of a professional. However, the flip side means that those IT professionals who
do experience problems will have less first-hand resources to refer to when it
comes to fixing their particular glitch or problem. The lack of common
experience and, by extension, problem-solving knowledge could prove frustrating.
TechRepublic member Experimenter’s experience seems to capture that
frustration in a nutshell:
Installed SP2 all appeared to work well until I rebooted and rebooted
and… went around in circles, ad infinitum, never loading the full system.
It would not boot into Safe Mode, it would not use last known good system. The
only solution was to Ghost an image back and reload data – who says you do not
need backups? Where is the SP2 CD now? You’ve guessed TRASHED! Thanks for a
pleasant evening, Microsoft!

As you can see from Experimenter’s exasperation, in some situations it’s
going to be very difficult to diagnose the problem and/or offer a constructive

Potential trouble

The lack of major deployment problems should also not distract any IT
professional from the potential that this large service pack has for unforeseen
security problems. The TechRepublic XP Service Pack 2 Resource
contains details about deployment difficulties, potential application
conflicts, and solutions to common glitches regarding SP2 deployment.

In addition, reports are starting to filter in regarding recently discovered
security flaws
and vulnerabilities. CNET
has published several stories outlining potential vulnerabilities.
Security researchers have also pointed out that Microsoft has not solved some
well-known issues with a few of the security technologies incorporated into

While the jury is still out regarding the overall effectiveness
of XP Service Pack 2, the early adopters have shown that the initial deployment
is relatively smooth; but they have also shown that it can cause a few minor
problems. So far, these have been problems that can generally be solved with some
planning before deployment and configuration after deployment. It will be
interesting to see what problems will be caused from more widespread deployment,
especially when the consumer-level
version becomes available.