A local Microsoft representative says here that the update, which will be provided by Windows Update, will download about 100-150 Mb worth of files instead of 270 Mb required by the current installation program.

Ah, so if I download the larger package, the next time I do my yearly reformat I can install Win XP Pro off the CD (does NOT have SP1) then run the SP2 full package and I'm good to go since this SP2 package has all the old SP1 stuff too?

Usually I install XP Pro then do the "Windows Update" routine, and we all know how long that takes, even on broadband!

I also see people mentioning something about "slipstream". I assume it's a way to install XP and SP2 at the same time (off the same CD I'm guessing). I'll google that one later.

Thanks for the heads up and extra info!


[edit-clarified that my XP CD does not have SP1]
[edit #2-ya know, I really need to read things and not just skim. The original post covers all my concerns ]

Yes it does, and it's so obvious it blew right by me!

Yeah, slipstreaming is the best option, because as soon as you go online from an unpatched XP, your system gets "infected" by worms and stuff. So you need to make sure that your system is protected from all that before you go online for the first time. Check the guides mentioned here on how to slipstream. Just today, i reinstalled from an XP SP2 CD and it went excellent.

There is another other option, perhaps not quite as good. Basically put the SP2 executable on a CD-ROM/seperate HDD partition. You can install XP while the machine is isolated from the Internet, then install SP2.

Howdy Peoples,
Just thought i'd let you know of a program called "Autostreamer"
It bascially does the whole SP2 Slipstreaming for you.
You just tell the prog, what CD drive your XP cd is in and where the SP2 install file is .
It then copies the CD to the HD, adds SP2 then makes an ISO all ready for you to burn!

No having to worry about command prompts for anything!

Check it out
http://www.neowin.net/forum/index.php?show...0&#entry2453585

Download it here:
http://mhtools.knoware.nl/raptor/autostrea...utoStreamer.zip

Thanks To Neowin for the GREAT program!

Cheers,
Burgerings

Bink.nu reports that the release schedule has been changed:

http://bink.nu/?ArticleID=2331

The page with the full package ("network install") has been updated with french and korean SP2.

Shortly after SP2 came out, i made a fresh install from slipstreamed SP2 and i couldn't be happier so far. It's much more responsive than my old install (which was about half a year old), especially bootup and shutdown times have been reduced, even though i have all my programs and drivers installed again. On a friend's PC, updating with SP2 over an existing installation resulted in a few quirks, for instance, his network card is showing some weird warning now. In those cases, i can only suggest to start anew with a clean SP2 install...

I did just the same and I couldn't be any happier.

It was too good to last...

"Flaws in SP2 security features"
http://www.heise.de/security/artikel/50051

meh. as that article says, there is no known way of exploiting remotely. Little concerning though that MS doesn't seem to care though.

To be honest, i don't care about that whole feature. So they're trying to make people aware by forcing a warning on them each time they try to open a file saved from IE. That's only going to numb the users, and after a while they'll try everything to disable it. Same as what happened with ActiveX when it was turned off; each time a warning, and people turned it on again. Okay, MS listened to those complaints and more or less fixed that one in SP2. But now they introduced another one of the "repetition" warnings and it's gonna backfire again... maybe more people will start using alternative browsers

It worked!! Thanks CiTay!!
The only problem is that while installing from the slipstreamed disk, it told me that svcpack.ini could not be copied. I skipped the fileand installation resumed without a problem. Looks like I should have created a dummy file (0 bytes) and placed it in the i386 folder to solve this, but what the heck?

So far, SP2 has been working well. I like SP2 more than anything else. Thanks, bye.

You're welcome, rohangc, i'm glad it works.

SP2 is also available on Windows Update now, for people who don't wanna get the big "network install" package.

I have two quick questions:

• If I make one slip-streamed disk, install WinXP from that disk on multiple computers, but activate windows using the serial key of the disk that came with the machine (OEM), will it amount to piracy? I hope not since technically I activated each installation using a valid CD key. Am I a pirate?
• There is a folder called $OEM$ in the root of my slipstreamed disc. If I delete that folder and then create a disc, will the CD install properly without any problems? Thanks.

If you have a key from an OEM version, you are only allowed to use this key on one single machine (i.e. the system you got the OEM version with). I haven't tried it myself, but I think you won't be able to activate more than one PC with this key.

<rant> It also refuses to activate online again on same PC after reinstalling after RAM/HDD upgrade. </rant>

I guess you guys misunderstood me. I took one OEM CD, made a slipstreamed disk out of it. Using this CD, I installed winXP on multiple machines. However, those machines had come with their own copies of WinXP. Now, the CD key for each of those machines is on a COA sticker stuck on the chassis of the machine itself. I used the individual keys to activate those machines. I did NOT enter the same key in two different machines. All I wanted to know was if installing from one CD and activating using the legal, INDIVIDUAL, keys is illegal. Thanks.

No, you're perfectly in the clear. Microsoft does just that for volume licensing, they provide a few copies of the software, and as many keys as you pay for. Most of the time, the software is then deployed via a network installation method or some such thing.

Well, that's not entirely true. The "volume licensing" for seriously high volumes, all get a volume key, which is used on all the installed machines. For smaller volumes they stick to individual keys though.

Thankg God for that!! And Thank you Otto42 for the prompt reply.

I am forced to roll back my computer to the previous configuration since with SP2 being installed my computer get stuck when right-clickking with the mouse on whatever file. Anyone esperienced the same bug?
Any suggestions to address this issue?
Thank you

That's DivX fault again. Do the following: Go to Start -> Run and type "regedit". In Regedit, navigate to "HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers" and delete the "DivX" entry there. This should solve the crashing. It could also be solved by disabling DEP (as being told by the DivX folks), however that is NOT recommended. DivX should release a fully SP2-compatible version soon.

Howdy,
Did anyone use or have luck using "Autostreamer"?
Cheers

Thank you, I see, the same issue quoted by Roberto.
Thank you so much

I've successfully slipstreamed with autostreamer, quite easy.

However after burning the iso image with burnatonce the boot CD keeps giving me odd errors when trying to boot: setup says that some .inf files are corrupt and setup cannot continue... I've used Isobuster but I couldn't find anything wrong with the CD (all files are readable and the boot image seems to be there). See snapshot for details.

Anyone have any ideas what might be causing this? I'm going crazy here...

Thanks.

a nice review on the topic from the register:
http://www.theregister.co.uk/2004/09/02/wi...ecurity_review/

what a laughable review! This guy actually suggests that services like the DNS client and DHCP client are security holes that should be closed by default.

HOW THE HELL are people supposed to get on the internet without DNS? Maybe he thought it was a server or something. Either way, he should maybe think before blindly trashing on MS for what I think is an excellent update. My guess is I am more qualified to make that conclusion than he is.

EDIT:
He suggests that the web client service be disabled too! HAhAHhahaha

EDIT #2:
Oh MAN! He thinks they should have disabled copy/paste from IE! Maybe we should just all shut down, then smash our computers. That would be secure.

Hey, don't laugh too soon It has nothing to do with basic internet functionality and can be safely turned off. I turned it off myself, because finding other PCs in my workgroup is slowed down tremendously otherwise.

The WebClient service provides WebDAV functionality integrated into the explorer shell. If you don't use WebDAV, then you don't need this service.

WebDAV isn't particularly common. I do know that SpyMac supports WebDAV access, but that's about all I know about it. Do a google on WebDAV for more information.

But Jebus is mostly correct, that register article is a joke. Home users (non-advanced home users, anyway) likely need the DHCP client service running more than most people, especially if they have a broadband router doing DHCP or are connecting directly (where their ISP is giving them addresses via DHCP).

The DNS client service is kind of a misnomer. It's actually the DNS Cache. Disabling it means DNS still works, but it doesn't cache DNS resolves locally anymore, and every DNS request goes to the upstream provider. It's not really a security risk, as such, because it doesn't do a lot and provides only a minor speed increase.

Other stuff:
- All the griping about DCOM is unnecessary. What the author doesn't seem to comprehend is that COM is a subset of DCOM. It's like DCOM bound to the local machine only. Without DCOM running, very little would work. In any case, the DCOM default is to not allow any distributed connections to work, and it takes quite a lot of effort to override that and actually get the D in DCOM to function. I've had to do it a few times for various systems. Yes, it has had holes, which Blaster took advantage of, but mainly that was mainly an RPC hack, not a DCOM hack.

- His complaining about something being manual vs. something being disabled is fairly stupid. If somebody needs something to run, manual will let them do it without going in and changing the services and potentially rebooting. The only danger here is that a program can start a service set to manual, which it can't do to a disabled service, but that's stupid because if you have malicious code running on the PC, you're *already* compromised.

- Secondary Logon set to automatic: Well, yes. This is absolutely necessary, as for many games and other software that needs hardware level access, you have to be administrator to get that kind of access. While it can be dangerous, so can setuid on unix-like systems. It's a necessary evil.

- Universal Plug and Play Device Host: The whole *POINT* of UPnP is for home users. It makes absolutely no sense for corporate users and so forth. Home users is the PRIMARY MARKET for UPnP and suggesting that home users don't need it shows a deep lack of understanding of WTF UPnP is in the first place. Yes, there was a compromise in an early version of UPnP. It's been fixed and no more have been found. Get over it. He even later says that UPnP is blocked by the firewall, which shows his total ignorance of what UPnP does (mainly, it pokes holes in a firewall or NAT, on request).

- He complains about RPC a lot, for no good reason other than a few holes have been found there. Look, any program that access the internet can have flaws in it. Blaming a protocol for holes in past implementations of that protocol is fairly stupid.

- He complains about MetaRefresh being enabled, and wants to disable it by default. He neglects to mention that this action breaks the vast majority of web based applications used in corporate environments. He also fails to explain his reasoning, considering that a MetaRefresh is no more dangerous than an actual HTTP Header Refresh.

- He obviously doesn't understand the concept of trusted sites, suggesting settings for the trusted sites zone that show clear distrust of the sites in that zone. Hey moron, trusted sites is generally for corporate environments, so their systems *work*.

- He goes on to suggest disabling JavaScript (breaking 95% of the websites out there), cookies, and half a dozen other important and useful features which have had no real attacks that were based on them at all. No reasoning given for them.

He has some good points, but they are overshadowed by the complete ignorance of what a system configured like he suggests would do. Namely, very little. If you don't use the machine, then by all means, take that advice to heart. I find it doubtful that he has his desktop configured like this.

I agree, that's really strange to advise to disable JavaScript since so many websites use that.
But what the author of the article is right about is that MS could do more to strengthen windows security than they actually did. the new components they introduce do almost nothing to protect the system, I mean what's the use in that security center - another set of annoying reminders? If I dont' switch the reminders off, for example, when virus definitions are out of date I get 3(!) notifications: from the sec. center, norton antivirus and zonalarm:) I don't care about IE enhancements, because it's been months since I launched IE last time. and every sane internet surfer already has a third party firewall instaled and won't be satisfied with the bundled windows firewall.

I just hope there are many not-so-obvious useful fixes in SP2:)

I found out something else the Security Center does last night. Windows Update released a couple of service packs for the .NET framework stuff. Since I use a couple of .NET apps, I installed the updates. They wanted a reboot, but I was busy, so I hit Reboot Later. Security Center noticed that, appearantly, and started popping up a "You need to Reboot" message about once every 15 minutes. Hit the "Reboot Later" and it goes away, only to come up again 15 minutes later. Annoying as hell, that is. I may disable the Security Center entirely because of it.

Yes, I see the reasoning, however getting in the users face like that does not make them comply, it makes them figure out how to disable the warning messages. Not a good approach to take if you want true security. If they'd instead figured out a way to install updates so I didn't have to reboot, then I'd say they did something worthwhile.

I disagree. It surely won't guarantee compliance from everyone, but will make users think about it and I believe most average users would reboot instead of finding ways to disable the warnings.

To me disabling the warnings does not seem like a wise decision, even for the experienced user. I think that the extra-work caused by a reboot is worthy when compared to a possible hack or worm infection.

No offense, it's just my personal opinion.