News

SP2 may change your life

• By Mike Gunderloy
• July 13, 2004

You undoubtedly know that Windows XP Service Pack 2 is on the way; Microsoft is now promising shipment some time in August. But unlike previous Windows service packs, this one has some serious implications for many developers. This appears to be one of the cases that Microsoft has chosen to indicate that the focus on security is more than just talk. Many of the network interfaces in Windows XP are being tightened down by SP2.

So what does this mean for developers? If you're building distributed applications, you might find that things just plain stop working after users install SP2. For example, suppose you depend on the ability to open an arbitrary TCP/IP port to communicate between components of a distributed application. When SP2 hits the machine, it turns on the build-in firewall and locks down port security. Now your application needs to deal with getting the hole it needs poked into that firewall.

In earlier times, you might have been able to deal with this issue simply by including a note in your application's readme file ("Disable any firewall before using MyGreatApp"). That approach is no longer acceptable to most users, or any IT departments. It's time for you to learn how to use the new firewall configuration APIs are install time instead.

There are lots of other changes coming in SP2 as well. These affect parts of the system from DCOM use to browsing with Internet Explorer to which system services are set to start automatically. In fact, there are so many changes coming that Microsoft has published Changes to Functionality in Microsoft Windows XP Service Pack 2 to enumerate them all for the benefit of developers.

But there's a more subtle problem lurking here for many developers. It's a rare application that runs only on Windows XP. Indeed, between different versions of Windows and different cofigurations (Terminal Services, locked-down desktops) you might need to support eight or ten different versions of Windows. This means that you can't depend on the new APIs in Windows XP SP2 to be present at runtime (or the SP2 restrictions being present to protect you, for that matter). Your code needs to properly detect the platform and configuration of the user's computer, and take the appropriate actions.

This fragmentation of the Windows platform is an issue that hasn't gotten enough attention. While purely plain vanilla applications may run the same everywhere, it's quite easy to introduce platform or version dependencies that you didn't intend into an application. Do you know for sure that your application will run well on the Japanese version of Windows Server 2003 Web Edition, for example?

It would be nice to see Microsoft reduce the number of different permutations of Windows, but I don't see any evidence of that happening any time soon. With the Tablet PC version and the Media Center Edition, in fact, things have gotten even worse lately. Your best defense, such as it is, is to test on the platforms that you think will cover the majority of your users, and be prepared to scramble if a bug turns up in some other version. Keep your MSDN subscription current so you'll have the software to test with, and cross your fingers.

And do take a few minutes to see whether you've got to make changes for Windows XP SP2.