Problem solve Get help with specific problems with your technologies, process and projects.

Windows XP SP3 pack includes new XML parser, enhanced IP security

The latest XP update includes developer goodies including a new internal XML parsing engine, better IP security policy support, and a new management console.

At the end of April, Microsoft is expected to release Windows XP SP3. Earlier this month, the company released an Overview document about the forthcoming Windows XP Service Pack 3. Given changes to XML support, policy settings, access controls, and cryptographic capabilities, developers who have constructed code for the Windows XP runtime environment may want to read the release notes and related KB documents carefully, because they may either need or want to update their own code to take cognizance or advantage of the brave new runtime world that Windows XP SP3 is almost ready to provide.

The overview document does provide some pretty good coverage about what SP3 will include, and falls into two categories: First, previously released functionality for which SP3 serves as a kind of “roll-up” to make sure all XP users who install the software get these updates; and second, new and enhanced functionality that adds to Windows XP’s capabilities, even for those who’ve already installed SP2.

In the roll-up category, here’s what you’ll find included:

  • Microsoft Management Console 3.0: A framework to unify and simplify system management tasks through common navigation, menus, toolbars, and workflow across multiple tools. See KB article 907265 for all the gory details.
  • MSXML6: Microsoft’s internal XML parsing engine gets an update that conforms more closely to existing XML and XML Schema standards, and one that complies with MS’s own System.Xml 2.0 implementation. Very helpful for those who interact with XML data in any form.
  • MS Windows Installer 3.1 v2 (3.1.4000.2435): A minor update to Installer 3.0 (released in September 2004), that includes some new and enhanced capability plus bug fixes to previous version.
  • Background Intelligent Transfer Service (BITS) 2.5: Works with MS System Center Configuration Manager and Windows Live OneCare, and helps improve flexibility and security.
  • IPsec Simple Policy Update for Windows Server 2003 and Windows XP: Helps simplify creation and upkeep of IPsec filters.
  • Peer Name Resolution Protocol (PNRP) 2.1: Lets Windows XP-SP3 programs that employ PNRP communicate with Vista programs that also use this protocol.
  • WPA2: Updates Windows XP to support WPA2 (Wi-Fi Protected Access 2), a current 802.11i security standard for wireless networking; covered in KB article 893357.

Here’s what falls under the heading of new or enhanced functionality:

  • “Black Hole” Router detection: turns black hole router detection (routers that silently discard packets) on by default, and includes enhancements to its detection capabilities.
  • Network Access Protection (NAP): Policy enforcement mechanism also available in Vista and Windows Server 2003, designed to protect network assets by enforcing system health requirements prior to allowing access or communication (and then automatically updates compliant computers or remediate non-compliant ones on a restricted network). There’s a great FAQ that provides more information about NAP for those who want to learn more about it.
  • Description Security Options UI: The XP SP3 Security Options control panel offers more descriptive text to explain settings, and to prevent invalid or incorrect configuration settings from being chosen.
    • Enhanced security for Administrator and Service policy settings: System Center Essentials for Windows XP SP3 presents Administrator and Service entries by default for any new policy instances, nor can the 'Impersonate Client After Authentication' user right remove such settings.
  • MS Kernel Mode Cryptographic Module: A FIPS 140-1 Level 1 compliant, software-based, general-purpose cryptographic module now becomes part of the XP OS kernel (in the form of a kernel model export driver that runs as a kernel-mode DLL). It encapsulates multiple cryptographic algorithms in a single, straightforward module accessible to other kernel mode drivers. More information is available the Technet Microsoft Kernel Mode Cryptographic Module document.

    Those in search of more details will find Microsoft Knowledge Base article 936929 helpful because it proffers release notes for the current SP3 release candidate (it will probably change right up to the time that the release occurs, so repeat visits to this document may be needed).

    Ed Tittel is a writer and trainer whose interests include XML and development topics, along with IT Certification and information security. E-mail with comments, questions, or suggested topics or tools to review. Cool tools rule!

Dig Deeper on ASP.NET development best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.