Windows XP Service Pack 3 (SP3) discussions

Tarun · December 20, 2007

Who all has tried the betas or RCs of SP3?

Now that Windows XP SP3 has been released to the public as RC1, I've downloaded and installed it on my server after doing a clean install. So far I've been very pleased with the results so far.

I've noticed that Windows boots faster than before. Fewer bars go by while the OS is loading. Unfortunately I have not yet been able to see any changes from the three new added features.

The frontpage article goes into a brief explanation of these three new features. Network Access Protection (NAP), Kernel Mode Cryptographic Module (KMCM), and Microsoft's new "black hole router" detection which is part of their hardening of the Windows IP stack.

Here's a copy:

Windows XP Service Pack 3 (SP3) covers all updates released since Windows XP Service Pack 2 (SP2) was released to the public. Also included will be some private hotfixes that you could only acquire through special request. There are genuinely new features - not just patches and security updates, but services that could substantially improve system security without overhauling the kernel like with Windows Vista. These new features will not significantly change customers experience with the operating system.

Network Access Protection (NAP) will be making it's debut to the XP operating system with Service Pack 3. This will help System Administrators to ensure that their network is both secure and healthy. Sysadmins will be able to set policies that determine if a computer is healthy or not by meeting set system health requirements. Examples of those requirements can be having the most recent OS updates installed, having the latest version of the anti-virus software including detection definitions, or if the computer has a host-based firewall installed and enabled.

Kernel Mode Cryptographic Module (KMCM) is a FIPS 140-1 Level 1 compliant, general-purpose, software-based, cryptographic module residing at the Kernel Mode level of the Windows Operating System. It runs as a kernel mode export driver (a kernel-mode DLL) and encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible by other kernel mode drivers. It can be linked into other kernel mode services to permit the use of FIPS 140-1 Level 1 compliant cryptography. It premiered in Windows 2000, and its first implementation in a Windows client was for the first edition of Vista.

Microsoft is also hardening the Windows IP stack. With this addition comes Microsoft's new "black hole router" detection. Black hole router detection is a way for routers to detect in advance the shortest path to send a large number of datagrams, without having to fragment them too seriously along the way. As it turned out, some receiving routers that were pegged by sending ones as PMTU members were responding to datagrams with "do not fragment" messages by simply throwing them out. These were referred to as "black hole routers," and have been a perennial plague to streaming operations. The new router detection scheme enables IP routers along the way to flag misbehaving PMTU candidates in advance and steer around them.

We have provided links below if you'd like to learn more about these new features coming to Windows XP in Service Pack 3. Included with the link list below is also the Service Pack 3 technical overview document.

Download: Microsoft Windows XP Service Pack 3 (SP3) RC1 Build 3264 (336MB, *.exe)

Download: Microsoft Windows XP Service Pack 3 Overview (PDF)

Link: Network Access Protection (NAP) on Microsoft | Wikipedia

Link: Kernel Mode Cryptographic Module on Microsoft

Link: Path MTU on Wikipedia