p2pnet.net News:- Software developers should test their code against Microsoft’s Service Pack 2 beta, or face the possibility that the update will break their applications.

“Windows XP Service Pack 2 (SP2) is more than the usual roll-up of bug fixes and updates,” says an IDG News Service story here. “It is also being used to make significant changes to the software that are designed to improve security. These changes can render applications inoperable, Microsoft warns.”

It quotes Tony Goodhew, a product manager in Microsoft’s developer group, as saying, “It may surprise some of the developers that we are changing some defaults, and that may affect the way some of the older applications run. Developers should absolutely be checking their applications against Windows XP SP2.”

To help developers, Microsoft has – for the first time ever, according to Goodhew – very kindly created an online training course that covers the impact on existing applications and includes code samples.

Large vendors of software are getting help from Microsoft to make sure their applications are compatible with SP2, Goodhew says, but, the IDG report continues, smaller vendors and others, such as enterprise software developers, need to do their own testing.

“It is really up to developers to do the due diligence” and if developers do find SP2 breaks their app, it probably means they weren’t following best practices in terms of security when writing their applications, according to Goodhew.

“I’m afraid now, I have somehow missed this message,” a Windows developer who asked not to be named says in the IDG piece. “Was it buried in too many marketing messages? Was it dependent on me searching it out?”

Changes to Windows XP made by SP2 fall into four main areas, adds IDG: network protection, memory protection, e-mail security, and browsing security. The most affected parts of Windows are RPCs (Remote Procedure Calls), DCOM (Distributed Component Object Model), Windows Firewall, and memory execution protection, according to Microsoft.

Many of the changes can disrupt functions of Windows and other applications, says Thor Larholm, a senior security researcher at PivX Solutions in Newport Beach, California. “By design, many of the new security improvements will break functions for a wide range of applications,” he says.

This entry was posted on Sunday, March 7th, 2004 at 11:30 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2022 times