Skip navigation

Understanding the Windows XP SP2 Blocking Mechanism

When Microsoft introduced Windows XP Service Pack 2 (SP2) last August, the company understood that many enterprises and other businesses would want to block access to the update via Windows Update and Automatic Updates. To accommodate the needs of these companies, many of which needed more time to evaluate and test SP2, Microsoft issued a mechanism through which organizations can temporarily block the delivery of SP2.

You can find more information about the SP2 blocking mechanism on the Microsoft Web site (see the URL below), but here's the gist of it: Depending on the method you use to deploy software updates, Microsoft provides several ways through which you can delay or suspend delivery of SP2. If you're not using a managed software-updating tool, such as Microsoft Software Update Services (SUS) or Microsoft Systems Management Services (SMS), you can use a registry change to disable the delivery of SP2.

The problem, for some users, is that the blocking mechanism is only temporary. When Microsoft first provided the mechanism, it stated that the mechanism would block SP2 for only 240 days or roughly 8 months. That time period will expire in about 3 weeks--on April 12, 2005. On that day, Windows Update and Automatic Updates will ignore the registry change and begin delivering XP SP2.

Sadly, the arrival of this date has been met with the same wild rumors and fear that greeted the new millennium. You might have seen some of the crazier articles about this topic, which accuse Microsoft of dumping XP SP2 on its users in a bid to force the upgrade. However, the truth is much less exciting and controversial than the rumors. Here's what's really happening.

First, some background information. For most nonenterprise users, SP2 has been successfully rolled out in phases. Customers could begin manually downloading the update on August 9, 2004, and it began trickling out to beta SP2 users via Automatic Updates on August 10. On August 16, Microsoft deployed it to SUS servers. XP Home Edition customers still running the original XP version or XP SP1 or SP1a gained access to SP2 on August 18, and XP Professional Edition users gained access a few days later.

Since its release, more than 180 million XP users worldwide have successfully upgraded to SP2, according to Microsoft. The negative effects on these users, despite the sweeping security improvements and potential incompatibilities that SP2 introduces, have been astoundingly low. Yes, some users have had problems with SP2, but when you consider the fact that SP2 is essentially a massive OS upgrade, the release has been enormously successful. Microsoft representatives have told me again and again that the expected upswing in support calls has simply never happened.

On April 12, 2005, Microsoft will stop honoring the temporary blocking mechanism for SP2. However, this change won't affect most enterprises because most mid- and large-sized businesses use managed software deployment tools such as SUS, SMS, or other third-party products. This change won't affect consumers, either, because nonmanaged consumer machines have had access to SP2 since last August.

This change will, however, affect the small subset of business customers who've opted to temporarily block the SP2 download because they don't use a formal software-deployment solution. These types of businesses do have a choice to make by April 12. They can opt to manually install SP2 on their XP desktops, or they can simply wait until April 12. Starting on that date, Automatic Updates will automatically download SP2 to all XP desktops.

However--and this is the most important point--Automatic Updates won't automatically install SP2 at that time. Instead, you must first agree to the End User License Agreement (EULA) before SP2 will install via Automatic Updates. If you decline the EULA, SP2 won't install. End of controversy.

You could be silly about all this and disable Automatic Updates. However, I strongly urge you not to do so because Automatic Updates is a vital conduit for critical security patches. So if you leave Automatic Updates on and don't want to install SP2 for some reason, you might simply see a bandwidth hit, although Automatic Updates does a good job of managing the download volume when a user is interactively engaged with the system. Conversely, if you'd like to install SP2 but are worried about bandwidth, download the installation once manually and apply it to each machine locally before April 12. It's that simple.

Windows XP with SP2 will be considered the baseline version of XP moving forward. For that reason and because of all the excellent security updates and high degree of success that businesses have had installing the update, I strongly recommend that all XP users--consumer, business, or enterprise--upgrade to this release as soon as possible. The April blocking-mechanism date is, in most ways, completely irrelevant to that belief. But if you've been putting off the SP2 upgrade for some reason, now is the time to act.

Temporarily Disabling Delivery of Windows XP Service Pack 2 Through Windows Update and Automatic Updates (Microsoft)

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.