I understand that Windows XP Service Pack 2 (SP2) will be out soon. How important is this service pack to security, and why should we install it?
XP SP2 is all about security. SP2 replaces Internet Connection Firewall (ICF) with Windows Firewall, which is designed to remain active on all network connections at all times—even when you're in the office and connected to your trusted intranet. This change alone should provide some immunity from worms that break out on internal networks. SP2 also includes numerous security enhancements to Windows Messenger, Microsoft Internet Explorer (IE), and Microsoft Outlook Express and some important low-level security enhancements to networking and memory management. You can learn more about SP2 at Paul Thurrott's SuperSite for Windows at http://www.winsupersite.com/reviews/windowsxp_sp2_preview2.asp and on the Microsoft Web site at http://msdn.microsoft.com/library/default.asp?url=/library/ en-us/dnwxp/html/securityinxpsp2.asp.
SP2 is so important to the security of your network that I recommend you start testing it as soon as possible. SP2 can break things, though, so perform a thorough impact analysis first and learn how to tweak SP2's many new options. When you're ready to install SP2, Group Policy will help you roll it out to workstations automatically. You can also use Group Policy to configure Windows Firewall and SP2's other settings, so you have no excuse for leaving desktops unpatched.