Tangled Legacies: XP Service Pack 3 and Vista Service Pack 1

Having learned some hard lessons, Redmond decided to incorporate them into XP. Better late than never.


You Can't Detect What You Can't See: Illuminating the Entire Kill Chain

On-Demand Webinar

(Page 1 of 2)

Microsoft announced earlier this year that there would indeed be a Windows XP Service Pack 3, but that it would be released in the first quarter of 2008 — almost three and a half years after XP Service Pack 2! “Why is it taking so long?” people shouted? My reply: Windows Vista — but not for the reasons you might think.

There’s no question that Microsoft has tried hard to make Windows Vista into its flagship desktop product, only to meet a great deal of resistance from end-users and system integrators alike. XP works fine, the critics say; why ditch it? To that end, Microsoft decided to extend XP’s lifetime as a desktop OS — mainstream support for XP will last until April of 2009, and all forms of support for XP will last until 2014. Thirteen years.

This brings up two questions: 1) Why the massive delay with SP3? And 2) has Microsoft shot Vista in the foot by extending XP’s lifetime? These questions are tightly interrelated, which is why I want to answer them together — and the answers I’ve come up with surprised even me.

The simplest explanation for why XP SP3 has been such a long time coming: Vista. That OS required a massive amount of effort on Microsoft’s part. So much so that the scope of what they were initially attempting had to be trimmed back (something commonly used as a point of detraction). The conventional wisdom was that so many of Microsoft’s development resources were redirected from fixing XP into building Vista that XP was getting short shrift. This is partly true, yet there’s another factor that isn’t being taken into consideration.

Related Columns
Hang On...Why Am I Still Using Windows?

Behind The Curtain of Microsoft's 'Great Oz'

Dell Challenges Virtualization 'Myths'

Microsoft, Sun Green-Light Server Pact

FREE Tech Newsletters

Vista was, and is, a public proving ground for their new security-centric software development process. After getting hammered on – and rightfully so – for allowing Windows and its attendant applications (mainly Internet Explorer) to become vectors for the delivery of an amazing array of malware, Microsoft dropped back a bit and retrenched. Windows, and Microsoft software in general, would have to become more secure, or it would simply not stand up in a world where security hazards are now being sold to the highest bidder. And so began the introduction of all the security features that current Windows users have taken for granted: the firewall, the locked-down-by-default behavior of IE, and so on.

Under that was another layer of security work conducted largely out of sight — but in many ways every bit as essential, if not more so. This involved an ongoing audit with new software tools to insure that Windows and Microsoft applications would be less vulnerable to common attack vectors such as buffer overflows. People giggled up their sleeves, but so far the results speak for themselves. Since their release, Office 2007 and Vista have not been vulnerable to many of the issues that affected earlier versions of Office and Windows in the same time frame.

Next page: Back-porting to XP

Page 1 of 2

1 2
Next Page

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.