I’ve received a lot of email of late asking whether small businesses should upgrade to Windows XP Service Pack 2. I haven’t written much about this because we have an upcoming special on securing a small business network, but I wanted to say unequivocally: everyone should be upgrading to Service Pack 2. Indeed, I strongly recommend you turn on automatic updates, which will cause your system to just magically pick up the update in the next week or two.
There are going to be a couple of minor compatibility issues with SP2, but the bottom line is really quite simple: the days of worrying about the stability of service packs and hot fixes is over, and has been more than eclipsed by the security concerns created by NOT upgrading to the latest and greatest. I published a piece a while back (which I can’t seem to find) in which I discussed my seven laws of security… one of my favorite laws is simple: if an attacker can execute code on your computer, it’s not your computer anymore. SP2 does so much to mitigate common risk areas and attack surface area that I really do think it will have a profound impact on the attack-ability of Windows XP machines.
If you’re running Windows 95, 98, or Me, it’s time to upgrade to XP. Wait a couple weeks, and then buy a $500 machine that comes pre-installed with SP2. If you’re running Windows 2000 I’m changing my tune: I used to say that there was no compelling reason for small business owners to move from 2000 to XP, but with the advent of XP SP2 there is a significant security advantage to XP– it’s time to make the switch, and it should be pretty painless.
If you’d like some more information on XP SP2, I heartily recommend Paul Thurrott’s excellent breakdown of the udpate on his popular Windows SuperSite. If you want to learn how to turn on Automatic Updates, you can read Microsoft’s simple tutorial. If you want to get a jump on things and install SP2 right now, you can download the network installer here (although it is HUGE. I recommend most people just get it through automatic updates.)
As Nike would say, just do it.
SP or not SP, that is the question...
This post is licensed under
CC BY 4.0
by the author.