Windows XP SP3 Build 3205 Released w/ New Features

jBubba writes "Windows XP SP3 build 3205 is the first official & authorized release of the next Windows XP service pack; and has been made available to testers as a part of the Windows Server 2008/Windows Vista SP1 beta program. NeoSmart Technologies has the run-down on the included 1,073 patches/hotfixes including security updates. Contrary to popular belief, Windows XP SP3 does ship with new features/components, most of which have been backported from Windows Vista. Some included features: 'New Windows Product Activation model: no need to enter product key during setup. Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista. New Microsoft Kernel Mode Cryptographic Module - the Windows XP SP3 kernel now includes an entire module that provides easy access to multiple cryptographic algorithms and is available for use in kernel-mode drivers and services. New "Black Hole Router" detection - Windows XP SP3 can detect and protect against rogue routers that are discarding data.'"

is IE7 included?

all in the subject

Re:I hate new features.

You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.

Dell and others have pushed Microsoft into a position where they (OEM) are allowed to continue selling XP software beyond the originally intended dates set by Microsoft. This is the first time anyone ever successfully told Microsoft what to do, including the US Government (interestingly enough).

Now that there is a continuance of XP in the market, the best thing that Microsoft can provide that customer base with secure products. If they fail to then it gives credence to the competition laying claims on security. If I remember, one of the points Microsoft was selling XP on was the security it provided above the Windows 2000/98/95 platforms. So there is something of a commitment they have made to keep it secure.

If there's a diminished reason to migrate to Vista, as already demonstrated, then what?

Re:I hate new features.

You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.

That's one way of looking at it. Another way is that if they backport a few features it might make less technically inclined people a bit less apprehensive about getting a new computer with Vista on it.

I suspect that the features aren't going to be any of the most important ones, and will probably be ignored by XP users, but I doubt that it will really hold people back from upgrading. The main reasons people are not upgrading have little to do with the new features, and much more with things like the lack of driver support.

Re:I hate new features.

That's another way of looking at it. Another way is that they were given a shitload of money from people in the large media industries, and a red carpet right into the service-provider model that they so desperately want, only people are attempting to rebel against this, so they need to find another way to deliver the locks and keys onto peoples desktops.

Re:I hate new features.

I suspect that the features aren't going to be any of the most important ones,

Right.

The most important features of Vista were dropped before it ever hit the street.

Re:I hate new features.

You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.

I've been thinking the same thing, and still, I don't know if pressure alone made them backport Vista features. People just want the patches rolled up in a SP. Vista security features was unexpected move.

Put this next to the toned down Vista campaign.

I have the feeling Microsoft are fully aware of the problems of Vista, and I wouldn't be too surprised to see them gradually backporting the better accepted core/security Vista features to XP until they arrive at a slimmer Vista, and throwing away or redoing the ill mouthed Vista features (such as the current allow/deny security model which often asks the wrong questions and doesn't learn, or clarify the source of the action).

If only they realized this, they wouldn't waste 5 years on grand vision ideas and arriving at an OS that's basically worse than the sum of its parts.

Vista: the spare parts OS. Backport and reuse as needed.

Re:I hate new features.

``Dell and others have pushed Microsoft into a position where they (OEM) are allowed to continue selling XP software beyond the originally intended dates set by Microsoft. This is the first time anyone ever successfully told Microsoft what to do, including the US Government (interestingly enough).''

In Soviet Russia, government controls commerce.

Re:I hate new features.

Funny, I'm an IT department for many companies, and I'm not cringing in fear or having nightmares over Vista.

For corporate IT, Vista is easy. Roll it out when and only when, its been tested, proven, and your organization is ready for it. Until then, just dont roll it out. Easy as pie. Now, if you've got end-users buying machines and trying to connect them to corporate resources without your control, then thats not corporate IT, thats just a bunch of people doing whatever they want.

And the black hole router detection is useful, and makes a lot of sense. If you're seeing problems with it, then it just may not be fully baked yet, and you need to give it time to settle out.

I mean geez, its not like anyone is forcing anybody to upgrade or anything. Your orgs should probably be at least considering buying vista with all new machines now, or as part of your VM purchasing, and just use the downlevel install options for now, that way you own it when you're ready.

If you're encouraging your clients to install Vista, when you know they're not ready for it, and its not ready for them, then you're a bad consultant.

If you're telling them its not ready, and they're doing it anyway, and then calling you for help, then you deserve every penny and more from those hours, cause you've got bad clients. :)

I for one

Welcome our new feature-enhanced overlord. Beats the crap out of the glossy bug-ridden one!

yeah

i can't help thinking sp3 will make xp so much like vista, that you might as well go the whole way. sure hope i'm wrong though.

Windows Product Activation?

New Windows Product Activation model: no need to enter product key during setup.
I'm confused. When have you ever had to enter a product key when installing a service pack?

Re:Windows Product Activation?

2K SP3 & SP4, and XP SP1 and SP2 provided the ability to merge the service pack into the base install for the operating system. The final product is usually referred to as a 'slipstream' install - it allows you to install Windows XP without having to patch to the absolute gills, just the muck from after the latest slipstreamed service pack.

After slipstreaming SP2 into my base XP install disk, a flat-format install did take a bit longer, but device propagation was FAR, FAR IMPROVED. There were a few other niceties, but they go beyond the scope of this post. I wouldn't be surprised if they're referring to changes made in the slipstream of the base install.

Re:Windows Product Activation?

It should be noted that Slipstreaming is not as daunting as most people expect... nLite [nliteos.com] can help that problem and adds a lot of 'hacks' for the install as well. These hacks I speak of are more like features, such as adding Vendor information, as well as including the Serial # right in the install. You can setup an Unattended Setup... that is, you can pre-set all of the questions Windows Setup usually asks during installation.

:-)

Re:Windows Product Activation?

nLite can help that problem and adds a lot of 'hacks' for the install as well.

nLite can also completely frak up an XP install. One specific instance that we encountered when someone in our office used nLite was the inability for anyone who was not an administrator to use USB devices. None. The only way Windows would recognize and install the drivers for things like mice, keyboards, and flash drives was if you were an administrator. I've seen others, but this was one of the most problematic.

I very strongly recommend that nobody use it in a business setting or anywhere else you care about stability. If you want to customize an aspect of the Windows install process, do your homework and learn about it. Don't trust a black box to do it all for you.

Re:Windows Product Activation?

I've never used nLite, but I have slipstreamed manually before. It's not hard at all! You can find a nice walk-through on performing your own slipstreaming and ISO building (bootable) here [winsupersite.com]. The instructions are practically spoon-fed. =)

Witch! Burn her!

Don't throw something out because you don't understand it. nLite can be a very powerful tool in business to do the things you need to get done with a very nice pricetag. I've seen nlite do wonders for thousands of systems to streamline automated deployments.

What nLite did to windows in that instance the user TOLD nLite to do to windows.

Re:Windows Product Activation?

If you just want to slipsteam, don't mess with nlite as it can really screw up an install if you don't know what you are doing, instead try autostreamer. [softpedia.com]

Re:Windows Product Activation?

Why would I need to enter the product key? After all, it comes in a .txt file called "serial" on the installation CD...oops

Elegant MS, really elegant

"Windows XP SP3 build 3205 ... has been made available to testers as a part of the ...Windows Vista SP1 beta program."

God, I love this company!

Re:Elegant MS, really elegant

God, I love this company!

Well, between you and Steve Ballmer, that's two.

Slashdotted

A link to microsoft.com would have been better - less likely to suffer the slashdot effect!

Never mind. I should get on with work I suppose.

Re:Slashdotted

> Never mind. I should get on with work I suppose.

Work? Didn't you get the memo that Sunday is off?

I would like to note something

The Windows Server 2008/Windows Vista SP1 beta program is not in charge of Gundam.

Vista Sound

My favourite feature of Vista is it's sound system. The ability to change the volume quickly and easily per program is probably the best (and perhaps only) good feature of Vista. Does Linux even have anything like that? I can't check the link because it appears to be down, and the Coral Cache link doesn't want to load :\.

Full text

Following our coverage of the Windows XP SP3 beta leak almost a month ago in August, here's some more info on the official beta, which just had its first authorized distributable released earlier today. Say hello to Windows XP SP3, build 3205!

While the newly-released build and the one leaked a month ago (Build 3180) may share the same name, we can exclusively reveal that they are not identical releases. This release, also shipped as windowsxp-kb936929-sp3-x86-enu.exe, is 334.2 megabytes and has been made available to tier-one Windows Server 2008 and Windows Vista SP1 beta testers. Hashes are as follows:

CRC: 56e08837
MD5: c8c24ec004332198c47b9ac2b3d400f7

Along with the standalone installer redistributables (in English, Japanese, and German), Microsoft also provided the usual release notes and a list of all the hotfixes included in this release. Contrary to popular belief, Windows XP SP3 does ship with all-new features - not just patches and hotfixes, most of them backported from Windows Vista:

        * New Windows Product Activation model: no need to enter product key during setup. Thank God for that!
        * Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista. You can read more about NAP here.
        * New Microsoft Kernel Mode Cryptographic Module - the Windows XP SP3 kernel now includes an entire module that provides easy access to multiple cryptographic algorithms and is available for use in kernel-mode drivers and services.
        * New "Black Hole Router" detection - Windows XP SP3 can detect and protect against rogue routers that are discarding data.

Windows XP SP3 is compatible with all versions of Windows x86, included Embedded, Fundamentals, Start, Professional, Media Center, and Home Editions.

Windows XP SP3 now contains 1,073 patches/hotfixes, not including those in previous service packs. Of the 1,073 included updates, 114 are for security-related issues. The remainder are updates to performance & reliability, bugfixes, improvements to kernel-mode driver modules, and many BSOD fixes.

As with Service Pack 2, these include both previously publicly-available updates (whether through support.microsoft.com or via Windows Update) as well as any and all privately-redistributed updates for select customers or partners with specific problems/scenarios.

The first included update: KB123456 (April 7, 2006). The last: KB942367 (September 29, 2007).

We're checking with our MS contacts if we can provide you with the actual comprehensive list of updates included in Windows XP SP3, along with their descriptions and KB article links.

Re:Vista Sound

> knowing nothing about Windows Vista that sounds like an extremely stupid feature.

Sounds like you've distilled the standard slashdot response to any Vista article.

Of course as soon as Linux copies the feature, then it's a great idea.

Re:Vista Sound

The pulseaudio [pulseaudio.org] sound daemon does this.

screenshot [0pointer.de]

It allows for setting the volume per audio source.

WGA will doom it.

If it's got WGA like Windows Vista? Then no thanks.

That's the only reason we're staying away from Vista, and if this new activation is anything like that then it's SP2 until they drop support for it, and maybe something else (Linux, OSX) after that.

I've said my reasons we stay away from Vista In my Journal. [slashdot.org] I'm sure we're not the only workplaces saying the same thing. Especially if the computers are not anchored to the network and are off the network for months at a time like our systems are.

And best feature of all!

"Are you SURE you wouldn't like to upgrade to Windows Vista?"

[Upgrade Now] [Upgrade RIGHT NOW] [FUBAR Existing System]

Protection against black hole routers?

So that when Windows wants to secretly download an update or send your data back to Microsoft, and you prevent them from doing so at the router level, they'll be able to detect it?

Re:Protection against black hole routers?

So that when Windows wants to secretly download an update or send your data back to Microsoft, and you prevent them from doing so at the router level, they'll be able to detect it?

No. A black hole router is a router that incorrectly handles MTUs that are bigger than it can pass. That is, instead of fragmenting the packets, it just silently drops them. This makes for some very unreliable connections as only the bigger packets get dropped and smaller ones get through. This is usually a problem at the ISP level and has nothing to do with Windows updates. I now return you to your regularly scheduled tin foil hat.

The only thing that's interesting

most of which have been backported from Windows Vista.

Including DirectX 10? Few things about Vista are interesting besides that.

What "massive rewrite"?

DirectX is just a COM interface to the video driver.

The main differences between DX9 and DX10 are new shaders and getting rid of all the legacy capability bits, neither of which has any dependency on the operating system or driver model.

I bet that if Microsoft gave the go-ahead to ATI/NVIDIA/INTEL there'd be DX10 support for XP in the very next release. The only reason they aren't doing it is because Microsoft is artificially blocking them.

They did the exact same thing with OpenGL when Vista was in Beta. Microsoft went around making a lot of noise saying "It can't be done!!" but the driver writers were saying it was easy. Eventually they gave in and Bingo! We have OpenGL on Vista.

Re:What "massive rewrite"?

What "massive rewrite" [..] The main differences between DX9 and DX10 are new shaders and getting rid of all the legacy capability bits, neither of which has any dependency on the operating system or driver model.

Oh you missed the part about the rewritten API and Object Model?
Or about the new kernel mode / userspace mode separation of the GUI (DX10 does, in fact, depend on new kernel features)?
Did you also miss the fact DX10 GPU's can natively multithread?
Or that they can use virtual memory?

Now, whether you can get it on XP or not: port enough of the Vista bits back and you can get everything in XP, you can in fact just slap XP label on Vista and call it a day.

Whether Microsoft should do that is another issue. It's perfectly legitimate of them to put major efforts on their new OS. I'll be happy if they, however, are quicker next time with the stability/security fixes on their legacy OS. I've been waiting for XP SP3 forever.

DirectX 10 support?

It might actually get some traction that way, if it's not just being used to shove Windows Vista at people...:p

New features, backported from Vista ?

But didn't Microsoft say that it is impossible to backport features to XP from Vista due to major differences in the system ?
...and since it is possible, will we be getting DirectX 10 on XP too ?
...and if not, why not ?
--
btw. how can this be good for Vista ?

Re:New features, backported from Vista ?

It will make XP slower and it will feel more like Vista. So everybody will go "hey, now the difference is so small, I could just upgrade and get DX10 anyway".

Network Access Protection

Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista.

What exactly does that mean, is this only the client for the Non-Windows-and-old-Windows-Client-Lockout-feature of Windows Server 2008?
How can it be well received in Vista if Server 2008 is not yet out, and who well-received it? Or is there more to this feature?

Blackhole Avoidance?

Does anyone have any details on the blackhole routing avoidance feature? While the summary claims blackhole routers are "rogue" routers, blackhole routing is the most common way to stop DDoS attacks and excessive worm traffic from giant botnets of Windows machines. If the OS now offers botnet operators an easy way to bypass that rerouting of malware traffic, this could have serious detrimental affects upon the internet as a whole.

Re:Blackhole Avoidance?

black hole routers are not null routes.

black hole routers just drop packets that are "too big"; null routes are self explanatory, and are how most ISP's stop DOS attacks.

Re:Blackhole Avoidance?

Regardless of what you want to call it, if Windows is starting to try some sort of verification and automated avoidance of such routes it could interfere with said defenses, possible resulting in routing loops, DDoSing a router somewhere, or use of more advanced defensive techniques.

You seem slightly confused about how the Internet works, so I'm guessing you work in sales. How exactly is your average Windows machine going to avoid these routes? Or influence the paths that its packets take once they've gone past the first router in any meaningful way whatsoever? Theoretically you can do some tricks with the various lesser known ICMP message types to change the routes that your packets take, but you don't seriously think that shit still works in real life do you? Just try doing some source routing from an average ADSL connected host and see how far you get. I guess if the Windows box was acting as a router for an ISP and running BGP then it could be an issue, but we're getting into the realms of surreal comedy here. Just remember that as a general rule your ISP decides how to route your packets, not you.

I'm pretty sure that the "black hole" stuff they're talking about is the old PMTU black hole issue. I'm equally sure that Windows 95 had a registry setting that turned on black hole detection, so I'd love to know what's actually new here.

Microsoft Login Did Not Work

Just for giggles, I followed the link in the base post, and got to the Microsoft Login page for downloading the SP. I tried to login, and my browser started going through various pages in a continuous loop. When I tried to break out of the loop it told me that "login does not work from here."

Pretty hilarious.

Now, I think I will wait until after someone documents how to install SP3 without having to install IE7 or that WGA garbage.

Mirror.

NeoSmart server seems to be down. Here's a mirror [networkmirror.com].

New Product Activation!

Where can I get the beta? Where can I get the beta?

How much Vista badness will we get?

I don't care a flying fsck about Aero and other Vista crap, I'm a Unix user who is forced by a bunch of applications to keep at home one Windows machine working. I don't play games, music or movies on this machine and of course never use it to surf the web or reading emails: there's zero personal data in its disk, therefore any spyware from Microsoft backported from Vista will be no harm to my data.
What I'm concerned about is the driver and software compatibility, stability and memory/resource consumption, and, more importantly, if these updates are forced to the user or can be refused/installed selectively.

Anybody tested this SP and can comment on the subject?

Yes, tried to get TFA, but it's /.'d.

SATA Drive Support on Install

One thing about XP installs that drives me nuts is no native SATA HDD support.
Lets hope they have put common SATA chip set support, or at least native USB drivers to be able to load them without the need to try and dig up a floppy disk or frig around with slipsteaming.

Can it fix my hyper-threading???

I avoided SP2 for over 2 years because it broke my hyper-threading on my 4+ year old 3ghz P4 Dell XPS. I eventually gave in, in order to install some software my wife needed. Seems like a 50/50 chance I can re-enable hyper-threading with it.

Halo 2?

But will XP SP3 be able to play Halo 2, a game that a pentium III Xbox can run, but apparently too complicated for anything less than Vista?

Disregarding the "Vista Angle"

I'm just happy that new installations of Windows XP will now be MUCH MUCH faster. A clean installation of Windows XP with SP2 can take several hours due to over 280MB of additional update downloads, even with off-line update CDs and so on. And that's on a fairly recent computer with decent specs!

I might have to kill a Dell hard drive so I can get a Dell XP SP3 OEM CD with the replacement (I could probably slipstream, but I want to see what color the SP3 CD will be.)

So, Vista is testing, and ...

XP is old reliable stable? Then they backport from testing to stable?

User Account Control?

Please include Vista's User Account Control.

*crosses fingers*

/sarcasm

autopatcher

Hmmm... this puts their autopatcher move [slashdot.org] into perspective. Autopatcher could potentially have competed with an official service pack.

Windows 2000 troll, sorry, user

I moved over to FreeBSD + KDE and Mac OS X quite a while ago now but I still have Windows 2000 on one desktop and in a VM on my MacBook Pro for apps that won't play with WINE. I find it funny that people are saying that there's nothing Windows Vista does better or new compared to XP that would make them upgrade, I still think that about 2000 versus XP.

I haven't really played around with Vista that much but what little experience I've had with it made me crige just because it's so friggen verbose (and that's even ignoring Cancel/Allow). In KDE and OS X when you click on the battery icon it tells you how much charge you have in percent and hours. On Vista it shows an icon, the battery's serial number, why would I need or want that?

For the sake of my friends' (who run XP) sanity, I hope they don't back port such "features". It would be useful if they back ported the black tacky glossy start menu and taskbar though. That really has the potential to vastly improve productivity.

Time to turn off automatic updates

I don't think we should discount the possibility that Microsoft will try to pull some shit with this service pack to improve Vista sales.

Sounds more like Vista with XP GUI

1,073 patches for chrissakes?

      "Contrary to popular belief, Windows XP SP3 does ship with all-new features
        not just patches and hotfixes, most of them backported from Windows Vista"

Sounds to me like Vista is being backported to XP.

Does it kill existing installs?

With SP2, to this day some machines that had existing installs would fail to work after updating. I recently had a machine that had to be completly reinstalled after installing SP2. I have a client running SP1 still because I'm too afraid to install SP2. Can we expect this with SP3?

Network Access Protection

Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista

If that means we will get GPO control over 802.1x configuration for WIRED networks (not wireless - XP has that already) then that and that alone is worth the upgrade IMO.

It was actually the only Vista feature that caught my eye. It's the difference between being able to sensibly roll out 802.1x EAP/PEAP on your switches and not.

Oh GREAT....

I Just updated to XP SP2 a few weeks ago!

Re:Hooray

uh no, you fucking idiot. Now go kill yourself

Re:question

Please take a hint from your buddy [slashdot.org].

Re:But...

Yes [vmware.com] it does [microsoft.com].

Re:adding gasoline to the fire

Don't be an idiot. The libraries that do this have been within Windows for ages. Besides, you can easily use XOR encryption if you just want to hide something. Not really secure, but you'll have to do crypto-analysis to get to the code anyway. Hell, you could use ROT-13. Are you going to look for assembly XOR or ADD routines? You'll probably find a few. Calls to this specific Windows API will be much easier to find.

I've been trying to find out what cryptographic features have been added to the FIPS security module in SP3. I'll be very surprised if there finally is some Elliptic Curve support or anything like that. It seems that .NET has some support for them, but Windows unfortunately still seems to lack support, even though the market is starting to show clear interest in EC crypto.

Anyway, the only thing I can find using Google is some page of Microsoft that's 7 years old. For the same FIPS module - for W2K of course. Does anyone have a link to more recent information? Currently there is little to discuss (unless you mention the missing PKCS#11 support by this arrogant monopolist).

Re:adding gasoline to the fire

so now those viruses that morph and encrypt themselves to prevent detection ... we can't search for the little bit of code at the start that decrypts them because they'll just use a nice convenient windows API.

The cryptographic API-s in Windows, just like the cryptographic API-s in OSX and Linux, are used for hashing and crypoting data using industry standard algorithms.

This is what IE uses for SSL sessions, for example.

Let me ask you something: why do you have to speak about things you have no clue about and make a fool of yourself in front of us? Yes, actually by spreading moronic FUD, you make people listen less to legitimate worries about the Windows OS.

Re:MS boycotss XP?

Didn't they add instability and bugs years ago?