Windows service-pack security options

by  Alan Zisman (c) 2010 First published in Business in Vancouver August 3 - 9, 2010; issue 1084

High Tech Office column

Despite the popularity of Microsoft’s Windows 7, lots of users continue to run its two-generations-older Windows XP – Microsoft claims it’s used on 74% of business PCs worldwide.

And not just on older hardware.

The Vancouver School Board, for instance, installed standardized systems for teachers and students over the summer of 2009, just prior to the Win 7 release. Its choice for the new systems: XP.

If you’re running XP, take a moment to right-click on the My Computer icon (either on the desktop or in the start menu). Pick “properties” from the pop-up menu for a brief overview of your computer, including a note on what version of XP is installed.

If it mentions Windows XP (professional or home version) Service Pack 3, you can jump to the end of this column. But if you’re running an earlier version, then it’s decision time. Microsoft dropped support for Service Pack 2 (SP2), including security updates, on July 13. Earlier XP versions – SP1 and the original 2001 release – have long been unsupported.

If you’re running SP2 – despite Microsoft’s having announced its plans to drop support for SP2 back in April 2008, you’re not alone. Earlier this year, Softchoice surveyed more than a quarter-million corporate and government PCs in 117 U.S. and Canadian organizations and found almost half running XP SP2. Its research note suggests that nearly 80% of organizations surveyed face potential security risks due to the large numbers of SP2 systems in use.

Microsoft and the IT industry want you to run out and buy new hardware running Windows 7. But if your current systems are meeting your needs, the end of support for Service Pack 2 doesn’t mean you have to replace your systems right now.

On July 14, all those SP2 systems started up as normal and continued to run as well as they did the previous morning. And while staying current on security patches (for Windows and all your applications) is important, there’s a relatively straightforward – and no-cost – way to stay on the upgrade pipeline. XP Service Pack 3 has been available since mid-2008 and will be supported through April 2014.

To get SP3, start with Windows or Microsoft update. If it isn’t listed there, this link will take you to Microsoft’s page and let you download and install it manually. Don’t be put off by the description that it’s for “IT Professionals and Developers.” Although Softchoice’s report suggests that for an organization with a large number of SP2 systems upgrading to SP3 is a “not insignificant task,” upgrading one or two computers is well within the capabilities of a home or small-business computer owner.

(The minority of users running 64-bit Windows XP versions don’t have an SP3 update; they will keep getting updates until 2014 with no extra effort.)

Along with checking whether you’re running a no-longer-supported version of Windows, take a moment and check your version of Internet Explorer.

Windows XP comes with IE6, a version that’s also two generations old. Microsoft is finding it increasingly difficult to support this old version. The attacks earlier this year on Google were limited to systems using IE6. Following those attacks, Microsoft’s Security Research and Defense blog urged users to move to the newer Internet Explorer 7 or 8 versions, which offered “reduced risk to the exploit.”

Moving to Windows 7 would get you a new version of Internet Explorer as part of the package, but newer versions of IE can be installed onto Windows XP systems.

So the end of official support for Windows XP Service Pack 2 is no cause for panic. Free updates to XP Service Pack 3 and a newer version of Internet Explorer will help keep your current hardware and software usable and updated.

Just don’t forget: following these steps is important to keep Windows XP systems secure, but they’re in no way the full-meal deal to keep cyber-safe. Firewalls, up-to-date anti-virus and anti-spyware software, and – perhaps most of all – care and thoughtfulness online remain necessary even if Windows is fully patched.