Although Microsoft is adopting an XP SP1-like stance, the company's decision to prevent pirated copies from installing the XP SP2 update wasn't an obvious one, Microsoft sources told me last week.
The situation is complex: Although the company obviously wants to prevent pirates from reaping the benefits of XP SP2, what happens when electronic attackers use unpatched, pirated copies of XP as worm or virus "zombies" in distributed attacks on legitimate computer users?
"Recent press reports indicating Windows XP Service Pack 2 will install on pirated or illegal copies of Windows XP are not true," a Microsoft spokesperson said."Instead, prior to installing, SP2 will check the operating system's product ID against a list of known pirated product IDs.If the product ID is found to be invalid, SP2 will not install." Microsoft recently delayed the long-awaited XP SP2 from the first half of 2004 to July or August, mostly because the company discovered incompatibilities between the update and some software applications and services.XP SP2 includes various new security-oriented features, such as a new on-by-default software firewall and other technologies that combat electronic attacks.In the end, Microsoft decided that the benefits of preventing pirates from updating their XP copies outweigh the benefits of protecting those systems.
Let's hope that the company made the right decision.
Notice that two of the displayed updates are for WEPOS (Windows Embedded Point of Service) and Windows POSReady 2009.
The others are for Windows Server 2003, which runs the same kernel and many other components as Windows XP.
Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP.
The best way for Windows XP customers to protect their systems is to upgrade to a more modern operating system, like Windows 7 or Windows 8.1.
And instead of 100 updates to install after the OS install, you'll just have a handful.