Windows XP Service Pack 2: Install With Care


The real surprise with Microsoft Windows XP Service Pack 2 isn't potential compatibility issues, but the mayhem that can occur when SP2 is downloaded onto a system.

CRN Test Center engineers evaluated a release candidate two (RC2) version of SP2, and upon completion of the install on three out of five systems, the machines blue-screened. A message stated that "winserv" was missing. The blue screen occurred on both Advanced Micro Devices (AMD) and Intel platforms, and all systems were running Windows XP Pro with Service Pack 1 installed. Every possible avenue to get back into Windows failed.

To remedy the problem, CRN Test Center engineers reached out to Microsoft. The company provided instructions on how to work around the blue screen and uninstall SP2, but it didn't answer questions on what causes the blue screen or the specific systems that may be affected. Microsoft recommended using the Windows XP recovery console to boot the system and then accessing the "%windir%\$NtServicePackUninstall$\spuninst" folder.

Once in the folder, engineers had to rename "spuninst.txt" to "spuninst.bat" and execute the batch command "batch spuninst.bat." When that process was completed, a rollback of the Service Pack file should have occurred. That didn't happen. So the batch file had to be executed a second time, and then access to Windows XP was restored--but with some caveats. Once back in the Windows operating system, Test Center engineers had to open the registry and set "HKLM\System\CurrentControlSet\Services\RpcSs\ObjectName" to "LocalSystem." Next, engineers executed the "windir%\$NtServicePackUninstall$\spuninst\spuninst.exe," which prompted additional rollback changes to the registry.

After that process finished, some interesting events occurred. The rollback process uninstalled every device that existed in the PC. Network cards, video cards and all system resources were uninstalled. The PC was able to recover all of the uninstalled items, except one, upon a reboot. The graphics card, the Matrox Millennium P650, couldn't be recovered. Engineers tried to reinstall the drivers but, oddly enough, the Matrox folder was erased from the system and unable to be recovered. The only way to correct the problem was to go to Matrox's Web site and download the drivers from the support page.

The rollback also removed SP1; absolutely no remnants of SP1 existed anywhere in the system. To verify that problem, CRN Test Center engineers went to the Windows update page, and SP1 existed as a critical update, which needed to be installed again.

Before applying Service Pack 2, make sure a full backup of the PC is implemented. Imaging software, such as Symantec Ghost or Acronis True Image Backup, probably offers the best defense against problems caused by ill-behaved patches.

Microsoft's objective with Windows XP SP2 is to make it easier for end users to configure and manage security resources via new functionality and stronger security settings. Microsoft hopes the new settings will translate into safer Web browsing and improved security infrastructure for both businesses and individuals.

The smoke around the campfire, though, is that SP2 will wreak havoc on many security and firewall software utilities, forcing a redesign of antivirus suites, e-mail clients and firewalls. Test Center engineers installed SP2 on systems with utilities including Panda Software, Trend Micro, Symantec and Avast antivirus software, and all worked seamlessly. Symantec recently claimed that folks who download SP2 will need a Norton patch to co-exist with SP2. Yet Test Center engineers found that not be the case.

The functionality that SP2 brings to the table may make many third-party security utilities--such as popup blockers and software firewalls--obsolete. That functionality may push many security ISVs to rethink their marketing strategies.