# Windows XP SP2 release date UPDATED 10th AUG 04



## leech (Jul 16, 2004)

```
Windows XP SP2 Key Dates

August 9, 2004 - Network install package on Microsoft.com for  IT Professionals Developers

August 10th 2004 - Release of English Windows XP SP2 through Automatic Update (AU). Available for people who have previously installed pre-release versions of SP2

August 14th 2004 - Release thru Automatic Updates to all - only 25000 download allowed in a day

August 10 and August 25, 2004 - For business customers 


August 25th 2004 - full end user avaliability
```

Hi Guys,

  here is some interesting information. Windows XP SP2 will be released on the 15th of August for public download on microsoft.com.

here is some very good info for you guys

Abstract

Windows XP Service Pack 2 addresses new challenges to the security of personal computers by making a number of basic improvements to the operating system. It reduces common attack vectors four ways: it enhances protection of the network, increases protection for memory, handles e-mail more safely, and browses the Internet more securely. Service Pack 2 also makes it easier to keep the system up-to-date; makes it easier for an administrator to control security throughout an enterprise; and makes it easier to use Bluetooth devices from Windows. Service Pack 2 also includes DirectX 9 and Windows Media Player 9, which contain security, performance, and functionality improvements.

Introduction

Historically, operating systems have had to find a balance between ease of use and security. Early versions of Windows were designed primarily for ease of use, which was appropriate for computers used by one person, without any connection to the outside world beyond an occasional shared floppy diskette. For an isolated, single-user system, even requiring a username and password seemed unnecessary.

Today's connected computing environment commonly exposes computers to a variety of security threats. The majority of computers connect to the Internet at least occasionally. Almost all computers are used for e-mail and/or Web browsing. Many computers connect to the Internet full-time over cable modem or DSL links, or through corporate networks. Most of these are also used to play music and view video content. Many users enjoy instant messaging and peer-to-peer collaboration programs, as well as interactive games. Each of these conveniences also exposes the computer to new threats.

New Security Challenges

Widespread connectivity has opened the door to fast-spreading computer viruses, worms and Trojan horse programs. Computer users have protected themselves from these threats by using firewalls and antivirus programs, and by applying system and application patches as they become available. Microsoft has responded to threats that take advantage of system flaws by developing, testing, and distributing system and application patches to fix those flaws. Antivirus vendors update their virus signature files as often as daily as new viruses are detected.

The cycle in which vendors constantly supply new virus signatures and new system patches in response to each outbreak of new viruses and worms is not really a cure for the problem. It is only a continual attempt to alleviate the problem, which can never quite anticipate the next threat. Essentially, in this scenario we can't drain the ocean that's threatening to flood our farmlands: we can only keep plugging the dikes. Defense by updates and patches not only requires constant work from vendors, it also requires users to be diligent about downloading and applying the updates and patches promptly, which can become a significant burden. 

Users are not always diligent about applying patches. For example, the Blaster worm, which was discovered August 11, 2003, exploited a security vulnerability for which a patch had already been issued. A firewall could also easily stop Blaster by closing the port used by RPC. While many users had already applied the patch and/or had a firewall in place, many had not: so many left themselves vulnerable that the worm spread rapidly throughout the world, seriously affecting Internet and corporate network bandwidth for several days.

Late in August and early in September, Blaster again became a problem, when students arrived at colleges and universities for the fall term with infected computers. In some cases, these naÃ¯ve students compromised the college's entire network. Some colleges[1], ones that instituted isolation zones, mandatory system patching, and mandatory antivirus policies, had no network problems, although individual students were inconvenienced by having their campus network and Internet access delayed by the security measures until their computers were certified to be virus-free and in compliance with network policies. Other colleges and universities[2] that started out with permissive policies were forced to shut down their networks completely for hours, and to distribute patches and antivirus software on CD, dorm to dorm.

Administrators have not been immune to such problems, either. The W32.Slammer worm aggressively compromised SQL Server installations worldwide in January, 2003, flooding many enterprise networks and major portions of the Internet, and denying service to many Web sites. However, W32.Slammer was discovered six months after a patch had been issued to fix the vulnerability exploited by the worm. In many cases, administrators had delayed applying the patch to public SQL Server instances because they wanted to avoid downtime on shared databases. The same attitude kept administrators from applying a subsequent service pack that included the patch. The result was, unfortunately, more downtime and much more disruption from the worm than would have resulted from the application of the original patch and/or the service pack.

Not even large organizations and branches of government are immune. In December, 2003, the US Treasury Department's Inspector General Report[3] criticized the department's information security systems, including the Internal Revenue Service, for (among other issues) failing to apply vendor patches to systems, leaving them open to known vulnerabilities.

With Windows XP Service Pack 2, Microsoft has rolled up the patches to all known vulnerabilities to the Windows XP operating system and its utilities. In addition, it has attempted to increase the inherent security of the system in the face of future threats, whether or not the system is fully patched, while making the process of obtaining and applying the appropriate patches easier and less time-consuming. At the same time, Microsoft has attempted to maintain Windows XP's ease of use, with simple but flexible user interfaces to the new functionality.

A More Secure System

The major goal of Windows XP Service Pack 2 is to reduce common openings for attack of the Windows operating system. It reduces the most common attack vectors four ways: it better shields the network, enhances protection of memory, handles e-mail more safely, and browses the Internet more securely.

Network protection is the largest area of improvement in Windows XP Service Pack 2, and the one with the most implications for existing software. It starts with an improved Windows Firewall (previously known as Internet Connection Firewall, or ICF), which is enabled by default. The new firewall turns on very early in the system boot cycle, before the network stack is fully enabled, reducing the possibility of intrusions during the boot cycle. It also turns off very late in the shutdown cycle, after the network stack has been disabled, reducing the possibility of intrusions during system shutdown. 

Windows Firewall is now enabled for all network interfaces by default, has a convenient control panel graphical user interface to enable exceptions by application, and can be placed under administrative control in a domain through new Group Policy settings. The IPv6 Firewall, released originally in the Advanced Networking Pack for Windows XP SP1, has been integrated with Windows Firewall for IPv4. As a result the same default configuration that secures IPv4 also provides firewall protection for IPv6. In addition, the netsh command-line tool has been enhanced to support Windows Firewall configuration, providing a single command-line interface to configure Windows Firewall settings.  

The Remote Procedure Call (RPC) service has been made less vulnerable to outside attack, and new permission levels have been added to allow administrators to control which RPC servers are blocked, which are exposed only to the local subnet, and which are exposed to the entire network. Windows Firewall has been enhanced to support these permissions, and to limit port openings from alleged RPC servers based on the security context in which they run.

The Distributed Component Object Model (DCOM) infrastructure has additional access control restrictions to reduce the risk of a successful network attack. By default, only authenticated administrators can remotely activate and launch COM components, and only authenticated users can remotely call COM components. Administrators can apply fine control to individual services to allow only appropriate users to use the services, or to restrict services to local use.

On CPUs that support execution protection (NX) technology, Windows XP Service Pack 2 marks data pages non-executable. This feature of the underlying hardware prevents execution of code from pages marked in this way. This prevents attackers from overrunning a marked data buffer with code and then executing the code; it would have stopped the Blaster worm dead in its tracks. The only processor families that currently support NX are the 64-bit AMD K8 and Intel Itanium; however, Microsoft expects future 32-bit and 64-bit processors to provide hardware based execution protection..

In addition to supporting NX, Service Pack 2 implements sandboxing. All binaries in the system have been recompiled with buffer security checks enabled to allow the runtime libraries to catch most stack buffer overruns, and "cookies" have been added to the heap to allow the runtime libraries to catch most heap buffer overruns.

In SP2, a new version of Outlook Express can block images and other external content in HTML email, warn about other applications trying to send mail, and control the saving and opening of attachments that could potentially be a virus. Outlook Express also coordinates with the new application execution service, to better protect the system from the execution of harmful attachments. Users also have the option to read or preview all messages in plain text mode, which can avoid potentially unsafe HTML. Windows Messenger and MSN Messenger share the improvements to attachment control made for Outlook Express.

Internet Explorer (IE) has been made much more secure in Service Pack 2. It now manages add-ons and detects crashes due to add-ons, controls whether or not binary behaviors are allowed to run, and applies the same safety restrictions to all URL objects that previously applied only to ActiveX controls. It has more control over the execution of all content. It dramatically restricts the capabilities of the Local Machine zone, to block attacks that attempt to use local content to run malicious HTML code. IE now requires that all file-type information provided by Web servers be consistent, and "sniffs" files for malicious code trying to masquerade as a benign file type.

IE now disallows access to cached scriptable objects: HTML pages can only script their own objects. This better blocks attacks on the IE cross-domain security model, disallowing scripts that listen to events or content in other frames, such as a script that might try to capture credit card information from a form. IE now has a built-in facility to block unwanted pop-up windows, and manage the viewing of desired pop-up windows. It can block all signed content from an untrusted publisher, will block signed code with invalid digital signatures by default, and will only display one prompt per control per page. Further, IE now keeps scripts from moving or resizing windows and status bars to hide them from view or obscure other windows.

DirectX 9 and Windows Media Player 9 both contain security, performance, and functionality improvements. For more information about improvements to DirectX, consult the DirectX home page at *www.microsoft.com/windows/directx/. For more information about improvements to Windows Media Player, refer to the Windows Media Player home page at *www.microsoft.com/windows/windowsmedia/.
	
	



```

```


----------



## leech (Jul 16, 2004)

Easier Maintenance
Windows XP Service Pack 2 features automatic updates, using Windows Update Version 5. An Express Install option makes it easy for users to quickly get just the critical and security updates they need, and an Automatic Updates control panel makes updating a set-and-forget task instead of a constant chore. In addition, Microsoft has endeavored to make most new patches smaller than they have been in the past, although Service Pack 2 is itself huge. 

The new Security Center provides a central location for information about the security of your computer, with an easy-to-use graphical interface. Windows Installer 3.0 provides more security options for software installation, and provides patch management infrastructure that helps to keeps patches small through "delta compression" technology. Windows Installer 3.0 helps to avoid the downloading of unneeded, superseded or obsolete patches, and supports patch removal reliably.



Implications of the Improvements
Overall, most of the improvements introduced with Windows XP Service Pack 2 serve to make the operating system more secure without materially affecting the user experience. However, there are a few areas where users, administrators, and developers will have to make adjustments to maintain functionality without compromising security.

For users, the most common adjustments have to do with allowing exceptions to the improved security. Users who never ran ICF before will see a new popup security alert dialog whenever they run a new application that wants to act as an Internet server. Users will need to think about whether they want to grant each application this privilege, but they only have to think about it once, and they can change their minds easily later. Most users will want to allow their preferred instant messaging application this privilege when they expect to receive a video. Most users will deny the privilege to an unfamiliar application, especially if the publisher is unknown, lest it turn out to be a virus, worm, or Trojan horse.


Figure 1 – Security Alert



Users will also find that Security Center nags them a bit if they lack an antivirus program, if their antivirus signatures are out of date, if they ignore critical system updates, or if they turn off their firewall. Most users will find this extra vigilance by the operating system more of a comfort than an annoyance; knowÂ­ledgeÂ­able users can turn off any incorrect warnings by telling Security Center about their third-party security applications.

Users who have regularly scheduled tasks on their system may have to revisit them, once, to enter passwords. Scheduled tasks created to use the default security context, rather than a specific user ID, no longer work in Windows XP Service Pack 2. This helps limit a potential avenue of attack for intruders.

Administrators will need to explicitly allow access to server applications on their networks. Since access can be limited to the local subnet or allowed from any source, administrators have more control than ever before. Administrators and other IT professionals should read about this in detail on the Windows XP SP2 Web site, paying specific attention to *msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp.

Windows and Web application developers will have to revisit distributed applications that use RPCs or DCOM. They may also have to apply patches to their development tools and allow their tools Windows Firewall privileges to allow remote debugging to work.

Web application developers may also have to reexamine their use of ActiveX controls and binary behaviors and make minor adjustments, as security has been tightened around these technologies. Web pages that need to run locally and have active content may need an additional "signature" line or a change of extension to allow them to run correctly.



Network Protection
The three major areas of improved network protection in Windows XP Service Pack 2 are the Windows Firewall, Distributed COM, and Remote Procedure Calls. In addition, some unnecessary services have been disabled by default.



Windows Firewall
Windows Firewall, a stateful filtering firewall previously known as Internet Connection Firewall (ICF), increases protection against probes that scan for information on open ports and active IP addresses, and denies all unsolicited inbound traffic. It allows outbound traffic to flow normally, and automaticÂ­ally accepts inbound responses to outbound requests. 

Stateful filtering works by examining a packet's state and the context information of a session. Windows Firewall uses a security policy with three primary rules:

Â·         Any packet that matches an established connection flow is forwarded. 

Â·         A sent packet that does not match an established conÂ­nection flow creates a new entry in the connection flow table and is forwarded. 

Â·         A received packet that does not match an established conÂ­nection flow is dropped. 

These three rules allow normal Internet access, such as browsing the Web and retrieving email, while preventing any unsolicited packet flow. The user or administrator can also declare excepÂ­tions to the security policy, to allow server applications to work.

Windows Firewall has three major states: On, On with no exceptions, and Off. The On state protects the computer but allows specific declared exceptions to the security policy. The "On with no exceptions" state can be used when a computer is used in an insecure environment, such as an unprotected public wireless network, or a local area network that has been infected with a virus. The Off state can be useful for brief periods, for diagnosing possible firewall-related problems, but shouldn't be used for extended periods. 


Figure 2 – Firewall General



The firewall state can be set by the user, or by a domain administrator using a Group Policy. Similarly, firewall exceptions can be set by the user, configured via the command-line netsh utility, or by a domain administrator using a Group Policy. The Group Policy always takes precedence if it exists; when a Group Policy is in place, the controls in the Windows Firewall control panel will be grayed out.

Windows Firewall can be enabled or disabled for specific network interfaces, although all are enabled by default. It can log dropped packets and/or successful inbound connections. It has a number of options to control whether and how the computer responds to ICMP ("ping") requests; all of these are off by default, helping to make the computer invisible to probes. 

It is fairly simple to configure Windows Firewall to allow well-known services like File and Printer Sharing and Remote Desktop to be accessed from the Internet using the Exceptions tab of the Windows Firewall interface. Unlike previous implementations, exceptions can now be set per application – which enables all inbound traffic to a particular application on the machine – rather than only port exceptions provided in previous versions. 


Figure 3 – Exceptions and Advanced Settings



Whenever you enable an exception for Windows Firewall, you can also set the Scope of the exception. This enables you to configure whether File and Printer sharing is accessible from any computer, or only from other computers on your home or office network. Even more complex settings are available to widen this scope to several subnets of a large enterprise network.

Also for enterprise networks, Firewall Profiles are available in an Active Directory environment. Using Group Policy an administrator can configure the firewall to use certain settings, exceptions and restrictions while on the corporate network, but a different set when on other networks. This helps ensure that administrators can protect mobile computers while still providing needed network functionality. 

In Windows XP Service Pack 2, the firewall driver has a static rule to perform stateful filtering, called a boot-time policy. This rule allows the computer to perform basic networking tasks such as DNS and DHCP and communicate with a domain controller to obtain policy. Once the firewall service is running, it loads and applies the run-time Windows Firewall policy and removes the boot-time filters. Once in run-time, the Windows Firewall configuration, including Exceptions is used. During boot time there is no configuration provided – only basic tasks such as the ones mentioned above can be performed. 

This provides an answer to the problem of new installations of Windows or attacks that could occur before the firewall service starts. With these changes the Windows Firewall is protects the computer from startup, and during installation from a Windows XP SP2 integrated installation source.


----------



## VD17 (Jul 16, 2004)

ok.. so anyone read the whole thing??? lol
so all those who think they can install SP2 on their illegal XPs.. please stand up...


----------



## siddhesh (Jul 16, 2004)

I thought SP2 is set for 4th August! Guess I am wrong.


----------



## IG (Jul 17, 2004)

standin' up!


----------



## JAK (Jul 17, 2004)

VD17 said:
			
		

> ok.. so anyone read the whole thing??? lol
> so all those who think they can install SP2 on their illegal XPs.. please stand up...



I just did !,...   RC 2049 and RC2062.....work like a charm...


----------



## #/bin/sh (Jul 17, 2004)

well ...


----------



## nipun_the_gr8 (Jul 17, 2004)

I'm also standin' up..........


----------



## leech (Jul 17, 2004)

Well if you naughty guys think that you have outsmarted Microsoft. Think twice. If you had already managed to activate windows using the activation keygens and cracks. You may be in for a surprise.

Microsoft has come with two new updates in SP2

Windows Update 5
and	
Windows Installer 3

Even if you have managed to install the release 2 of the SP2 check again if you can actually updated Windows XP using the Windows Updater 5. You will be in for a suprise to see that you will not be able to update and it will tell you that you have a blacklisted key or something like that.  

The windows Updater will be improved more before the full release on 15th August.

Windows Installer 3.0 has enhanced inventory functions that identify what patch components do and don't need to be downloaded, and supports Microsoft's delta compression technology, which makes patches smaller. Windows Installer 3.0 also supports more reliable patch removal.

Both the technologies are going to be hand in glove to detect piracy.

So if you are the lucky one to get a proper serial which is accepted by the windows updater.... Please stand Up..........

For those who are'nt so lucky........... keep sitting mate or if you were standing, give those legs a rest ..

Ah! I forgot one thing. You will just not be able to update windows. But windows will work fine though.... so smile my friend......

I will now continue to give more info in SP2... for those who care to read......


----------



## VD17 (Jul 17, 2004)

Hey Leech... good info. mate... thanks... and please do keep giving us more...
damn, i guess i'll buy XP now....


----------



## leech (Jul 17, 2004)

The warez keys that allow you to install XP SP2 are ones with the the PID (Product ID) of xxxxx-640-xxxxxxx-xxxxx

the easiest way to check your computers is by pressing the Windows Key + Break.

In the System Properties window that appears look down to the Registered to: section, if the second group of 3 numbers reads anything other than 640 then SP2 will lock you out. If it reads 640 then you are safe.


----------



## NikhilVerma (Jul 17, 2004)

Nice info guys....
Keep it up...


----------



## leech (Jul 17, 2004)

Remote Procedure Call (RPC)
A Remote Procedure Call (RPC) is a message-passing facility that allows an application on one computer to call services that are available on various computers on a network. RPCs are commonly used to do remote administration of computers on a network, to share files and printers, and to build custom distributed applications.
Windows XP has a Remote Procedure Call subsystem (the rpcss network service) that provides the infrastructure for many other services and applications. The RPC subsystem takes care of mapping the endpoints of the available services and enables applications to use dynamic endpoints. The Remote Procedure Call Locator (rpclocator) service helps distributed application clients to find available compatible server applications.
Windows XP systems as normally installed have over 60 RPC-based services running that listen for client requests on the network, mostly in processes called Svchost.exe. If unprotected, these present a huge "attack surface" for intruders. In previous versions of Windows, ICF (the predecessor to Windows Firewall) blocked all RPC communications from outside the computer, which interfered with file and print sharing and remote administration as well as other useful services. This is one reason why many users did not run ICF.
Windows Firewall now takes a different, more compatible approach. When a process tries to open a port, claiming that it is an RPC service, Windows Firewall will accept this claim if and only if the caller is running in the Local System, Network Service, or Local Service security context – in other words, only if the process is actually a service. This reduces the chance that unprivileged Trojan horse programs will open a port for themselves by pretending to be RPC servers.
In addition, there is a new system policy for RPC servers that restrict their usage to local and/or authenticated clients. By default, the RPC runtime will reject all remote, anonymous calls. If a service registers a security callback that can authenticate remote, anonymous calls, then that service is granted an exemption. There is a new registry key, RestrictRemoteClients, that can modify this behavior to be more or less restrictive than the default. In addition a EnableAuthEpResolution key is provided, which controls authentication for the Endpoint Mapper. When this key is set, the RPC client runtime will use NTLM to authenticate to the endpoint mapper. This authenticated query will only take place if the actual RPC client call uses RPC authentication.
More information on these changes is available for administrators and developers at:
*msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp 
And the online training at:
*msdn.microsoft.com/security 

Distributed Component Object Model (DCOM)
The Microsoft Component Object Model (COM) is a platform-independent, distributed, object-oriented system for creating binary software components that can interact. The Distributed Component Object Model (DCOM) allows applications to be distributed across locations on the network. The DCOM wire protocol transparently provides support for reliable and efficient communication between COM components.
Administrators typically configure COM servers to be available for remote use via DCOM. In previous versions of Windows, DCOM servers could sometimes present targets to remote attackers. In one scenario, an anonymous remote client would ask a DCOM server to perform a task that normally requires authentication. Since there are about 150 COM servers in a default installation of Windows XP, and no way to check their settings automatically, it would be difficult for an administrator to even determine the level of exposure on one computer, much less an entire network.
In Windows XP Service Pack 2, the security of DCOM has been enhanced. A system-wide setting restricts DCOM activation, launch, and call privileges, and differentiates between local and remote clients. By default, everyone is granted local launch, local activation, and local call permissions, which should enable all local scenarios to continue to work without change. By default, all authenticated users are granted remote call permissions, which enables most common server applications, as long as the client is not anonymous. By default, only administrators are granted remote activation and launch permissions.
In addition to the system-wide DCOM security settings, individual COM servers can be set to restrict the rights available to users. There are four new launch permission levels for COM servers: local launch, remote launch, local activate, and remote activate. There are two new access permission levels for COM servers: local calls and remote calls. The default permission levels will work properly for almost all cases.
Administrators and developers can read about the new DCOM security levels in:
*msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp 
And the online training at:
*msdn.microsoft.com/security 


Alerter and Messenger Services
The Alerter and Messenger services, which are sometimes used by administrators and developers to communicate over a network, have been disabled by default in Windows XP Service Pack 2. In previous versions of Windows, the Messenger service was started automatically, and could be abused by advertisers if no firewall was active. The Alerter service was available for manual start, but rarely used. Administrators and developers who use either of these services should read about the issues in:
*msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp 
Most users will not see any effect from these services being disabled, other than noticing that some annoying popup messages from the Internet have stopped appearing.

Memory Protection
Buffer overrun attacks are among the most common mechanisms, or vectors, for intrusion into computers. In this type of exploit, the attacker sends a long string to an input stream or control – longer than the memory buffer allocated to hold it. The long string injects code into the system, which is executed, launching a virus or worm.
Windows XP Service Pack 2 uses two general categories of protection measures to inhibit buffer-overrun attacks. On CPUs that support it, the operating system can turn on the execution protection bit for virtual memory pages that are supposed to hold only data. On all CPUs, the operating system is now more careful to reduce both stack and heap buffer overruns, using "sandboxing" techniques.

Data Execution Prevention (DEP)
On the 64-bit AMD K8 and Intel Itanium processor families, the CPU hardware can mark memory with an attribute that indicates that code should not be executed from that memory. This execution protection (NX) feature functions on a per-virtual memory page basis, most often changing a bit in the page table entry to mark the memory page.
On these processors, Windows XP Service Pack 2 uses a new Data Execution Prevention (DEP) feature to prevent the execution of code from data pages. When an attempt is made to run code from a marked data page, the processor hardware raises an exception immediately and prevents the code from executing. This prevents attackers from overrunning a data buffer with code and then executing the code; it would have stopped the Blaster worm dead in its tracks. 
Although the support for this feature is currently limited to 64-bit processors, Microsoft expects future 32-bit and 64-bit processors to support DEP.

Sandboxing 
To help control this type of attack on existing 32-bit processors, Service Pack 2 adds software checks to the two types of memory storage used by native code: the stack, and the heap. The stack is used for temporary local variables with short lifetimes; stack space is automatically allocated when a function is called and released when the function exits. The heap is used by programs to dynamically allocate and free memory blocks that may have longer lifetimes.
The protection added to these two kinds of memory structures is called sandboxing. To protect the stack, all binaries in the system have been recompiled using an option that enables stack buffer security checks. A few instructions added to the calling and return sequences for functions allow the runtime libraries to catch most stack buffer overruns. This is a case where a little paranoia goes a long way.
In addition, "cookies" have been added to the heap. These are special markers at the beginning and ends of allocated buffers, which the runtime libraries check as memory blocks are allocated and freed. If the cookies are found to be missing or inconsistent, the runtime libraries know that a heap buffer overrun has occurred, and raise a software exception.

Safer Message Handling
Many viruses spread through file attachments to e-mail and instant messages. Virus writers capitalize on people's curiosity and willingness to accept files from people they know or work with, in order to transmit malicious files disguised as or attached to benign files.
Millions of people opened an email that said "I love you" even though it came from business associates that they barely knew. Millions of people opened what they thought was an image of tennis star Anna Kournikova. And, as we know, millions of people infected their computers, their networks, and their friends' computers with these viruses, which when activated mailed themselves to many of the contacts listed in the infected computers' address books.
Some attachment files, like plain text messages and simple images, are inherently safe. Other files, like binary executables, are inherently suspect. Still others might be safe, if certain easily detectable elements are absent, like an Excel spreadsheet without any macros. Zip files and other archives are themselves safe, but might contain other unsafe files.
Windows users and the operating system have traditionally distinguished file types by their extension: a file called ReadMe.txt is a plain text file that can be read in Notepad, while a file called ReadMe.doc is a Word document. Email and Web browsers also have the concept of a MIME type for files, and some applications and services "sniff" the content of files to determine the type of content they hold.
Microsoft Outlook increased its protection from email viruses once Outlook implemented attachment blocking as an internal function. Microsoft is now bringing this same kind of protection to Outlook Express, Windows Messenger, and other messaging applications, using a new system service for managing attachments. In the future, Outlook will use this system service rather than relying on its own internal methods for identifying safe and unsafe attachments.


----------



## mail2and (Jul 17, 2004)

lol i can get u 1000's of regd activated keys lol


----------



## VD17 (Jul 17, 2004)

hey it says "OEM" in mine instead of 640


----------



## IG (Jul 18, 2004)

i hate u leech


----------



## leech (Jul 18, 2004)

Attachment Execution Service (AES)
Windows XP Service Pack 2 introduces the new Attachment Execution Service (AES) to control the viewing and execution of files attached to messages. AES has a COM interface that is in turn used by other programs, such as Outlook Express.


AES looks at a file and determines whether it is safe to view or execute based on several criteria. First, it looks at the file extension. It knows it can trust text files (.TXT), JPEG images (.JPG), and GIF images (.GIF). It can look up the associated application for a given MIME type and file extension, and make sure the two are consistent. It can decide whether a given association is safe or dangerous, based on a list. It can make sure that an antivirus is active and up-to-date before allowing the user to view or run unsafe files. It can also check the current security zone of the message source to control its policy.

AES in Outlook Express and Windows Messenger
When Outlook Express opens an email that has an attachment, it now calls AES to determine if the attachment is safe. If the attachment is clearly safe, it will be completely available to the user. Safe images will be displayed, and safe attached plain text files will show as available attachments.


If the attachment is clearly unsafe, like a binary executable, it will be blocked: the user will not be able to open it at all, but will see a notice of the blockage. If the attachment might be safe and might be dangerous, the user will see a warning prompt when attempting to drag, save, open, or print the file. If the user accepts the option, the file will be handled in a way that is guaranteed to trigger any active antivirus program.
Windows Messenger uses similar logic and identical dialogs for handling file attachments. The one major difference is that email attachments are normally downloaded without any intervention by the user, while instant messaging attachments normally require the recipient's permission before they can be sent.

HTML Content Blocking in Outlook Express
One technique that spammers and viruses use to target active email users is to include external content, such as images, in HTML email. When the email calls out to the Web site that hosts the image, the "hit" can be recorded by the Web server and used to identify the recipient.


To preserve the user's privacy and prevent future attacks, Outlook Express now blocks external images and other external content in HTML mode. This option can be globally disabled by the user, and when the option is active the user can load the blocked external content for an email message with one mouse click.
As we will see, running binary behaviors, which use a specialized kind of COM interface that is a feature of Internet Explorer, has been disabled in the Restricted Sites zone by default. Outlook Express runs its HTML email using the rules of the Restricted Sites zone by default, although that can be configured by the user.
However, Outlook Express has now restricted binary behaviors. There is no legitimate reason for an email to use binary behaviors, so from Service Pack 2 onwards Outlook Express will never allow them.
As an additional safety measure, when the user sets Outlook Express to read all messages in plain text, Outlook Express uses the less complicated rich edit control instead of the more complicated HTML browser control (mshtml) from Internet Explorer. This choice presents no disadvantages to the end user, while offering a reduced surface to attackers. There are also another dozen areas in Outlook Express where tightened security has been obtained without affecting users. 

More Secure Browsing
In the past, add-ons to Internet Explorer – ActiveX controls, browser extensions, and toolbars – could sometimes become a problem. While many add-ons are useful, some can be unwanted or cause crashes. For example, several advertising comÂ¬panies use add-ons to cause their own pop-up advertisements to display when the user views a Web page with related content.



The new version of Internet Explorer in Windows XP SP 2 includes add-on management and crash detection. Add-on Management allows users to view and control the list of add-ons that can be loaded by Internet Explorer. It also shows the presence of some add-ons that were previously not shown and could be very difficult to detect. 
Add-on Crash Detection attempts to detect crashes in Internet Explorer that are related to an add-on, and gives the user the option to disable add-ons. In addition, administrators can now apply policies about allowed add-ons across an enterprise.
Internet Explorer has supported binary behaviors since version 5. A binary behavior is a component that supports two special COM interfaces that Internet Explorer will recognize and use. A binary behavior can add even more functionality to Internet Explorer than can be accomplished with scripts. In the version of Internet Explorer shipped with Windows XP SP2, there is a way to better control binary behavior security. 
Binary behaviors are now disabled in the Restricted Sites zone by default. Since HTML-formatted e-mail is rendered in the Restricted Sites zone by default in most e-mail readers, e-mail is now less vulnerable to viruses and worms based on binary behaviors.
When Internet Explorer opens a Web page, it places restrictions on what the page can do, based on the location of the Web page. For example, Web pages that are located on the Internet might not be able to perform some operations, such as accessing information from the local hard drive. 
On the other hand, Web pages on the local computer are in the Local Machine zone, where they have the fewest security restrictions. The Local Machine zone is an Internet Explorer security zone, but is not displayed in the settings for Internet Explorer. The Local Machine zone allows Web content to run with fewer restrictions. Unfortunately, attackers also try to take advantage of the Local Machine zone to elevate their privileges and compromise a computer.
In Windows XP Service Pack 2, all local files and content that is processed by Internet Explorer has the security of the Local Machine zone applied to it. This differs from previous versions, where local content was considered to be secure and had no zone-based security was placed on it.
This feature dramatically restricts HTML in the Local Machine zone and HTML that is hosted in Internet Explorer. This helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code. 
ActiveX script in local HTML pages that are viewed inside of Internet Explorer no longer runs. Script in local HTML pages viewed inside of Internet Explorer now prompts the user for permission to run. Administrators and developers who have scripts that need to run in local HTML pages should read about this issue in:
*msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp 



As discussed in the context of attachments to messages, files types can be identified in many ways, including "sniffing" the contents for recognizable internal bit signatures. When files are served to the client, Internet Explorer uses the following pieces of information to decide how to handle the file:
•	File name extension
•	Content-Type from the HTTP header (MIME type)
•	Content-Disposition from the HTTP header
•	Results of the MIME sniff 





In Windows XP Service Pack 2, Internet Explorer requires that all file-type information that is provided by Web servers is consistent. For example, if the MIME type of a file is “text/plain” but the MIME sniff indicates that the file is really an executable file, Internet Explorer renames the file by saving the file in the Internet Explorer cache and changes its extension. (In a MIME sniff, Internet Explorer examines, or sniffs, a file to recognize the bit signatures of certain types of files.)
We also discussed the Attachment Execution Service (AES) in the context of email attachments and files transferred via instant messaging applications. Internet Explorer uses AES to check downloaded files for safety, and to display dialogs to the user when permission is needed. The AES dialogs give the user more information and guidance than were available in previous versions of Windows and Internet Explorer. In addition to showing the source, type and size of a downloaded file, AES shows the user the publisher of executable software being installed, and issues a strong warning about software from an unknown source.
In an attempt to grab the user's attention for advertising, many Web sites display ads in pop-up or pop-under browser Windows. Several third-party pop-up blockers have been offered to help lessen this annoyance for users, but some of these pop-up blockers have caused problems of their own. The new Pop-up Manager in Internet Explorer blocks most unwanted pop-up windows from appearing. Pop-up windows that are launched when the end user clicks a link will not be blocked. End users and IT administrators can let specific domains launch programmatic pop-up windows.
The new version of Internet Explorer has another dozen security improvements, most of which do not affect users in normal circumstances. A few of these are better security for ActiveX controls and other scriptable objects, fewer possibilities for buffer overruns, better protection against windows placed on top of other windows, and better protection against windows placed off-screen.

Improved Computer Maintenance
A number of new features in Windows XP Service Pack 2 make it easier for users to maintain their computers. Updates are automatic, patches are smaller and can be removed, and there is a centralized user interface for all security-related maintenance.

Windows Update 5
Windows XP Service Pack 2 uses a new version of the Windows Update Web site, and simplified options for automatic updating. The Express Install option on the Windows Update 5 site lets the user quickly scan for, download, and install only the critical and security updates his computer needs.



The Automatic Updates control panel allows the user to update the computer automatically at scheduled times, which makes maintenÂ¬ance a set-and-forget activity. Users can also choose to download updates automatically but not install them, just get notification of update availability, or handle updates manually.



In addition, a new option is provided in the Turn off computer interface as shown below. When updates requiring a reboot have been downloaded to the machine by Automatic Updates but have not been installed, this prompt is provided when performing a manual shut down. This helps ensure the updates can be installed when it is most convenient. 




Windows Installer 3
The Windows Installer service defines and manages a standard format for application setup, installation, and upgrades. It tracks components such as groups of files, registry entries, and shortcuts. Windows Installer is a system-resident installation service that provides consistent deployment, enabling administrators and users to manage shared resources, customize installation processes, make decisions on application usage, and resolve configuration problems. Windows Installer 3.0 is a new version of the service that is included in Windows XP Service Pack 2.
Windows Installer 3.0 has enhanced inventory functions that identify what patch components do and don't need to be downloaded, and supports Microsoft's delta compression technology, which makes patches smaller. Windows Installer 3.0 also supports more reliable patch removal.

Security Center
Note: After this introduction, take a closer look into the Windows Security Center later in this module.
Windows Security Center is the centralized place in Windows XP Service Pack 2 for users to learn anything about security and perform any security-related tasks. Security Center monitors the status of three major security functions: the firewall, automatic updates, and virus protection. If Security Center detects a problem with any of these, typically at boot time, it will display an icon and balloon message in the Windows taskbar notification area.
The prescription offered by Windows Security Center is to have an active firewall; to allow for daily, automatic updates of the Windows system; and to have an active antivirus with up-to-date signatures. The status of each of these prescription elements is displayed in Security Center as a stop light.



Security Center knows about Windows Firewall, and about several third-party firewalls. It knows about the most common antivirus solutions. It has an open interface that third-party antivirus and firewall vendors can use to allow Security Center to detect the presence of their software and report its status. Users can tell Security Center that they have an undetected third-party solution, or turn off notifications about specific security vulnerabilities that don't apply in their environment.

Summary
As you've seen, Windows XP Service Pack 2 addresses new challenges to the security of personal computers by making a number of basic improvements to the operating system. It reduces common attack vectors four ways: it protects the network, protects memory, handles e-mail more safely, and browses the Internet more securely. Service Pack 2 also makes it easier to keep the system up-to-date.
Network protection is provided by the Windows Firewall, improvements to the Distributed COM security infrastructure, and improvements to the Remote Procedure Call security infrastructure. Enhanced memory protection comes from support of execution protection on compatible CPUs, and "sandboxing" of the stack and heap on all CPUs.
Message handling is safer thanks to a new Attachment Execution Service, which is used by Outlook Express, Windows Messenger, and other email and instant messaging applications. Numerous improvements to Internet Explorer make browsing more secure and more stable.
In Windows XP Service Pack 2, updates can be fully automatic. Patches are smaller and can always be removed. And, finally, Windows Security Center provides a centralized user interface for all security-related maintenance.

Windows Security Center
Introduction
The Windows Security Center (WSC),  shows you the security status of your computer. It also displays any tasks that you need to perform in order to help keep your computer more secure. Specifically, the Security Center displays the status of and recommendations for the following: 
?	Firewall: Windows checks to make sure that your computer is protected by a firewall. A firewall helps protect your computer by preventing unauthorized users from gaining access to it through a network or the Internet. If no firewall is found on your computer, the Security Center provides recommendations for how to install one. 
?	Virus protection: Windows checks to make sure that your computer is using a full, up-to-date antivirus program. Antivirus software can help protect your computer against viruses and other security threats. If no antivirus program is found, or if your antivirus program is out of date or isn't running, the Security Center provides recommendations for fixing the problem. 
?	Automatic Updates: Windows checks to make sure that Automatic Updates is set up to download and install security and other important updates to your computer automatically. If Automatic Updates is turned off or not set up to best protect your computer, the Security Center provides recommendations for fixing it. 
When all three Security Center components are in a secure and up to date state, your system will be “green” – safe and no alerts appear.  If any of the three components are in a non-secure or undetectable state an icon appears in the icon tray, .  
The Security Center can also help you:
?	Find out about the latest viruses or other security threats. 
?	Scan your computer for viruses. 
?	Get customer support from Microsoft for a security-related issue.






Consumer and Small Business
The Windows Security Center (WSC) helps make sure that home and unmanaged small business end users continue to stay protected in four ways:
?	Clearly communicating the Microsoft consumer security prescription – use a firewall, use auto-update, and use antivirus software
?	Notifying when you might be vulnerable because you are not following that prescription
?	Making it very easy for you to mitigate that potential vulnerability
?	Making it easier for you to learn more and do more to protect your PC
To accomplish this there are two main components: the Windows Security Center and the Windows Security Center Risk Indicator.
The Risk Indicator tells you when Windows cannot detect that the computer is protected.  It communicates this to you through a flashing tray icon and through a notification dialog box when you log on,   This is triggered when:
?	A firewall is not protecting the PC – meaning Windows Firewall is not turned on or third party software or hardware firewall cannot be found or the software firewall is not enabled.
?	Auto-update is not turned on.
?	Antivirus software is not protecting the PC – meaning there is not up-to-date antivirus software on the system with “on-access” or “real-time” scanning turned on.
The Risk Indicator directs you to the main interfaces to address the potential vulnerability.
The key aspects of the Windows Security Center are:
?	Clearly states the status of your PC protection – through the heading and the color-scheme.
?	Makes it simple for you to see what issues you need to address and provides a single tool to go address them.  In the case of firewall and updates, the fix globally turns on Windows Firewall and turns on Automatic Update.  For Antivirus, if you have antivirus software present but it is out-of-date or on-access scanning is not enabled, a link is provided to the antivirus interface to address the issue.  Otherwise, you are linked to Microsoft.com to learn about obtaining antivirus software.
?	Through help content, addresses the biggest questions you may have about the protection technologies to make you more comfortable following the prescribed protection strategy.
?	Links to very important security resources on Microsoft.com.
First Run Behavior
Windows Security Center is automatically launched at first run (on update installs only—not on upgrade or clean install) for all users in the Administrators group regardless of the status of the firewall, antivirus, or automatic updates. 
As new users are created in (or added to) the Administrators group, the Security Center will launch as that user’s first run.
Entry Points
There are three shell entry points for Windows Security Center:
?	Start menu, Control Panel
?	Start menu, All Programs, Accessories, System Tools, Windows Security Center
?	If alert balloon and/or engine light tray icon is present, clicking on either.
Note: In Control Panel, if view option is set to Category View, you see Security Center as a category .  If view option is set to Classic View, you see Security Center as a control panel icon.



Enterprise
For enterprises, Security Center can be managed centrally via Active Directory Group Policy.  It will be turned off by default in domain environments. When it is disabled, the interface appears as shown below. 



If an administrator wants to enable the Security Center, they can configure the policy in Group Policy Editor under: Computer Configuration\Administrative Templates\Windows Components\Security Center. 


WSC interface
The WSC interface, has three sections:
?	Security Essentials
?	Manage Security Settings
?	Resources
Security Essentials
The Security Essentials section of WSC lists the status for your firewall, Windows Automatic Update, and for virus protection. The WSC  features the status items for a PC with disabled firewall, Automatic Updates on, and an unknown firewall.



For each item you can view its current status (for example: on, off, unknown, out of date), information about the item, and depending on the status a Recommendations button. 
 compare Automatic Updates to Firewall and Virus Protection. You will note the Recommendations button is not shown when the status of the item is ON but does appear when there is a potential security issue. For example,  a disabled firewall indicated in WSC, clicking the button opens the Recommendations dialog box for the firewall  where you can easily enable the firewall.


Manage Security Settings
This section provides an easy way to navigate to common security settings without having to know how to find them via other routes. These shortcuts to Internet Options, System, and Windows Firewall, open the corresponding dialog box.



Resources
The resources section of WSC, provide links to make it easier for you to keep up to date with the latest security information, Windows Update, support, WSC help, and manage WSC alerts (more on managing WSC alerts later).


Antivirus and Firewall Detection
Windows Security Center has a two-tiered approach for detection status; manual, and automatic - via WMI (Windows Management Interface). The manual detection approach searches for registry keys and files – identified by ISVs to Microsoft – to detect presence and status.  In the WMI model, ISVs determine their own product status and report that back to WSC via a WMI provider.  In both cases Windows Security Center is seeking to determine, for antivirus applications, if:  
?	AV is present.
?	Signatures are up to date.
?	Real time scanning (on access scanning) is turned on.  
Note: To learn more about WMI, please go to - *msdn.microsoft.com/library/en-us/dnanchor/html/anch_wmi.asp
If any three of the above are not valid you receive notification. Similarly, when no antivirus software is detected WSC alerts you “Windows did not find Antivirus software on this computer” from the icon tray and also shows a Not Found status in the essentials portion of the WSC as shown in . You can also receive notification when your signatures are not up to date.
Note:  The status architecture of some antivirus software is unique and may require an update for WSC to detect its presence. In some other cases WSC will detect presence only – with no status available.  These users will receive a “red alert” because Windows could not detect an up to date and turned on antivirus product even if one is present, turned on, and up to date.  Some example companies which may fall into this area include Symantec and Norton – watch for updates from these companies in the XPSP2 timeframe to resolve this issue.
You will NOT be required to select AV or FW software compliant with Windows Security Center. If you use software that is not detectable, you can follow prompts which alert WSC that you will monitor status on their own; this will result in a “yellow,” caution state, but no proactive messages.  
Note: For firewalls, WSC detects whether a third party firewall is installed, and if it is turned on or not along with similar notifications and alerts as you see with antivirus.
To specify that you are using antivirus software that Windows does not find.
When you use this procedure, the Security Center displays your Virus Protection setting as Unknown, and does not send you alerts.
Note: You can also use this procedure if Security Center is alerting you because it does not recognize signatures as up to date, even if you believe they are up to date.
1.	First, visit your antivirus vendor to download and install the latest version of the software and the most recent signatures. 
a.	Restart Windows and check the status in Security Center. 
b.	If Security Center does not recognize your software by continuing to display your Virus Protection setting as Unknown, proceed to the next step.
2.	To open the Security Center, click Start, click Control Panel, and then click Security Center. 
3.	In the Security Center, under Antivirus, click Recommendations.
4.	In the Recommendations dialog box for antivirus enable I have an antivirus program that I’ll monitor myself,  Click OK.
5.	Visit your antivirus vendor regularly to see if updates for software and signatures are available. 
Note: The Recommendations button is not available when your Antivirus setting is marked ON. 



To specify that you are using a firewall that Windows does not find:
When you use this procedure, the Security Center displays your Firewall setting as Unknown, and does not send you alerts. 
1.	To open the Security Center, click Start, click Control Panel, and then click Security Center. 
2.	In the Security Center, under Firewall, click Recommendations. 
3.	In the Recommendations dialog box, select the I have a firewall solution that I'll monitor myself check box, and then click OK. 
Note: The Recommendations button is not available when your Firewall setting is marked ON. 
Recommendation: If your computer is using a hardware firewall, you should still enable Windows Firewall or another software firewall.
Change Alert Settings
If you prefer not to be alerted about your status in any circumstance, there is an option to de-select any or all notifications for:
?	Firewall
?	Automatic Updates
?	Virus Protection
1.	In Security Center, click Change the way Security Center alerts me.
2.	Clear the item to disable alerts,  then click OK..


Windows Security Center in reduced mode via Group Policy
For PC in a domain, some of the security essential items may not make sense to display.  For example, a PC may be behind a corporate firewall or may be using corporate Windows Update.  WSC does not have special logic to detect environment configurations specific to PC in a domain, thus WSC prescription may be very likely inaccurate.
Therefore, for PC in a domain, WSC interface is switched to a “reduced mode”, as shown in   This reduced mode hides the Security Essentials of the interface and displays everything else.  The reduced mode also turns off all icon tray notifications.  The reduced mode also turns off WSC in first run. 
Note: When in reduced mode, the link in the left panel to change security center settings is disabled.


----------



## svenkat83 (Jul 18, 2004)

Good work.
How come you are sure about the release date when Microsoft is struggling to fix a date for release?
Anyways it will be good if they can keep their promise about August release.


----------



## Nemesis (Jul 18, 2004)

good work mate! but man pls post da link instead of da entire article here. it's irritating 2 scroll that much. hopefully it will release in august. they have already delayed longhorn till 2006.


----------



## leech (Jul 18, 2004)

mail2and - Good for you mate. How sure are you that they all will work

VD17 - I have given an explanation about why you got OEM in your product id.

IG - You are welcome mate. Eventhough I know not why you do



There are basically three versions of windows XP Professional 


Volume Licence ( Corporate Versions )( without needing activation) just CD KEY for coporate clients or business 

environments... is the best of all three types. Corporate versions are the Professional version for companies that need to 

install Pro on several hundred/thousand machines in which they buy the licenses for that many machines, and use one key to 

install them all.

RETAIL (activation needed) - This is the version that your would get in the market. It comes with the manual and full support 

from microsoft. If the person installed XP Pro on their system as a retail product, they won't have the OEM signature.


OEM (activation needed) - Original Equipment Manufacturer. It's the CD without the manual. The license is non-transferrable 

and technically Microsoft will not support that version. This is the version that companies like Dell, HP, IBM etc. would 

give out on their branded computers. These companies generally give out recovery cds with a predesigned OS and software and 

drivers already on it.

The setupp.ini on the windows XP CD in the i386 folder determines how the OS CD would project itself. That is; it will decide 

 if the CD is an  OEM or retail or VLK version? 

When you open the setupp.ini file from the i386 folder on the cd you will find some information like this...

[Pid]
ExtraData=707A667567736F696F697911AE7E05
Pid=55034000

or

[Pid]
ExtraData=796674736977656D7A622E385892A4
Pid=55274270

The Pid is what wer are going to be bothered about

Pid=55034000
or
Pid=55274270

These are special numbers that determine if it's a retail, oem, or volume license edition.

First, we break down that number into two parts.

  The first five digits determines how the CD will behave, ie is it a retail cd that lets you clean install or upgrade, or an 

oem cd that only lets you perform a clean install


   The last three digits determines what CD key it will accept. That is OEM keys or retail keys.

This is how the Pid would make sence ( I am just separating the numbers - there is no space between the numbers actually)
Retail = 51882 335
Volume License = 51883 270 or 55274 270
OEM = 82503 OEM or 55274 OEM
Upgrade CD  = 55034 000

So if you change the format in a way that you have a retail cd and it should take oem keys then 

the Pid would be 51882OEM

This would only allow you to enter a key of a different version. But it will not allow you to bypass the activation screen. 

What i mean is if you think that you can use the 270 (VLK) number on a retail cd and bypass the activation you are wrong.


Now when you see the Product ID in the system properties screen you may see something like this

55274-640-xxxxxxx-xxxxx

or 

55274-641-xxxxxxx-xxxxx

or 

55274-642-xxxxxxx-xxxxx

or 

55274-OEM-xxxxxxx-xxxxx

or

82503-OEM-xxxxxxx-xxxxx

or something in that fashion


Here the Product ID can be divided into parts. We are going to look at the first two sequence of numbers

Microsoft Product code - This is the first 5 digits of the Product ID. It defines the type of CD. If you have a corporate or 

Volume Licensed (VLK) type of cd it would generally have 55274 ( As in most cases i have seen ). 

Channel ID - The next sequence of three numbers that you see is called the Channel ID. Usually the channel ID for volume 

license is 640. The channel id generally defines the industry to which the copy was sold. This can change from industry to 

industry. For example the schools can have 641 and coporate giants can have something like 642 and so on....

Here are some of the numbers you may come accross.

000 - Retail upgrade version

OEM - Original Equipment Manufacturer type. Sometimes you may have a problem with this as the SP2 may not accept the OEM 

version. Hope you are one of the lucky ones.... 

640 - 641 - 642 etc  - Corporate versions ( This is what the warez market targets, possible you will find all pirated version 

haveing these. But even in these some PID's are blacklisted by Microsoft and Windows update will not allow you to updated you 

computer. Access to Windows Update is likewise reserved for licensed users. Windows Update determines eligibility for access 

to its service by checking that the product key used to install Windows XP is valid and was manufactured by Microsoft. When a 

user visits the Windows Update website, two pieces of information are transmitted to Windows Update: the product ID and a 

hash value of the product key used to install Windows XP. (A hash value is a one-way mathematical transformation. This value 

is transmitted in lieu of the entire product key to safeguard privacy and security.) Windows Update compares the product key 

hash value and the product ID to a list of valid, Microsoft-manufactured product keys. Because this list is very largeâ€”about 

1 billion valuesâ€”the information must be validated on the Microsoft side. Once Windows Update validates the transmitted 

product key hash value and product ID, it discards the information. Neither the product key hash value nor the product ID are 

stored by Windows Update, and no personally identifiable information is required to access Windows Update. )

335 - Full retail install



So if you have a product key something like this


55274-640-xxxxxxx-xxxxx

or 

55274-641-xxxxxxx-xxxxx

or 

55274-642-xxxxxxx-xxxxx

or 

55274-OEM-xxxxxxx-xxxx

you just might be lucky.....


----------



## leech (Jul 18, 2004)

```
[quote]
Good work. 
How come you are sure about the release date when Microsoft is struggling to fix a date for release? 
Anyways it will be good if they can keep their promise about August release.
[/quote]

 Well!!!! svenkat83 about the release, lets just say that it is something that I should know and it is upto you wait and see or find out. heeeee heeeee. But the date is 95% correct unless something real nutty happens.
```



```
[quote]
good work mate! but man pls post da link instead of da entire article here. it's irritating 2 scroll that much. hopefully it will release in august. they have already delayed longhorn till 2006.
[/quote]

 Thanks Nemesis. Well I would have loved to give you the link for the web page ( if there was one ). Right now i just got it on my comp and what you have seen on this forum is just 10% of the whole thing which I felt was necessary. The other thing i would like to advise you on is about longhorn..... well dont be so eager for the final release cause Microsoft is planning to incorporate the Trusted computing bit and believe me if what I know about trusted computing is right, I am better off with windows XP --- or if worse come worse I will move to MAC or Linux. Once again sorry for having you scroll all the way up and down...
```

Hey by the way I really think that the digit forum loads very slowly for some reason. All the other forums that I access load in a jiffy. I think that the forum is really slow. Anyone who knows why??????


----------



## IG (Jul 18, 2004)

@leech : had something to do with something posted dude....sorry bout it...


----------



## leech (Jul 18, 2004)

no problems IG


----------



## Nemesis (Jul 18, 2004)

ok now i have an oem version on my dell system. does that mean that i will problems installing sp2? coz sp1 installed without any issues.


----------



## gramesh (Jul 18, 2004)

mine too reads OEM?


----------



## leech (Jul 19, 2004)

Nemesis said:
			
		

> ok now i have an oem version on my dell system. does that mean that i will problems installing sp2? coz sp1 installed without any issues.



hopefully you should not. Cause you have got the OS from Dell itself and you have activated it by yourself. Incase it is not the version that came from dell you may have some problems.

As of now SP2 is real buggy and you will have a lot of problems with windows update not recognising you as the admin and various other things. That should get sorted out by August. 

SP1 did not have much issues as what SP2 will bring up. People will be surprised to see that SP1 installed fine but SP2 creates havoc. 

Incase you do have problems then (DELL's research team would have researched atleast 10 days before the release date of SP2 ) call dell  about the problems and they will surely sort it out for you.


----------



## IG (Jul 19, 2004)

i got a pid with 55274-642 installed.....does this mean that i will have problems or not??!!


----------



## leech (Jul 19, 2004)

IG said:
			
		

> i got a pid with 55274-642 installed.....does this mean that i will have problems or not??!!



Microsoft has blacklisted a set of PID's... so you may get a problem



What i suggest is to check is if the windows update works. if you dont get any problem when using the windows update v5 (SP2 version). Then you are cool with SP2.

You got a corporate version  and most of the 642 ones are blacklisted. check the update and see if you have a problem.


----------



## Nemesis (Jul 19, 2004)

it's the same 1 that came with my system. xp was pre-activated-i dont need 2 activate it even if i do a clean install.


----------



## VD17 (Jul 19, 2004)

Leech: what were you saying about Microsoft's Trusting Computing??? why is it that so bad???
and secondly, my XP activation got exhausted.... did the mistake of installing it in someone else's computer and when i tried to activate it said "The number of activations of this product key has exceeded its limit". any work arounds? guess i'll have to call MS the next time i activate....


----------



## nipun_the_gr8 (Jul 19, 2004)

I use win Xp Pro.Before win 98 was installed as OEM.I am usin' an IBM PC & (as mentioned above) my Windows Update wrks fine.Will i be able to install win xp sp2 without any prblms?


----------



## theraven (Jul 19, 2004)

as long as u have a licensed copy ... u wont have any problems for future microsoft updates
and since ur os came with a branded pc .. im pretty sure its licensed


----------



## Thor (Jul 19, 2004)

And as 4 ur missing Avatar, upload the image to www.imageshack.us [Free ] and paste the link.


----------



## leech (Jul 20, 2004)

nipun_the_gr8 said:
			
		

> I use win Xp Pro.Before win 98 was installed as OEM.I am usin' an IBM PC & (as mentioned above) my Windows Update wrks fine.Will i be able to install win xp sp2 without any prblms?



If you have done a legal update then you may be lucky. if not - i can just say hope that your luck is good enough


----------



## leech (Jul 20, 2004)

VD17 said:
			
		

> Leech: what were you saying about Microsoft's Trusting Computing??? why is it that so bad???
> and secondly, my XP activation got exhausted.... did the mistake of installing it in someone else's computer and when i tried to activate it said "The number of activations of this product key has exceeded its limit". any work arounds? guess i'll have to call MS the next time i activate....



Check this post of mine and you will understand
*www.thinkdigit.com/forum/viewtopic.php?t=4792


----------



## srj (Jul 20, 2004)

JAK said:
			
		

> VD17 said:
> 
> 
> 
> ...





Hey DUDE i am no less i got original win home edition from my friend but he was not ready to give me the key for activation so i crackedwhole of win xp home hahahahahah!@!!!!!!!!!!!!!!!!!!!!1     
Reply


----------



## leech (Jul 20, 2004)

OK all you naughty boys who have cracked their windows xp. here is some news for you... it worked with sp1 - very difficult with service pack 2.

Ok all those who say that they have the corporate version.... here is some bad news for you who all have got a key generator and activator..... There is just 1 in a Trillion chance that you will get the right key for windows xp pro corp that will be excepted by the windows update site.... the good thing for you naughty boys is that there is 80% chance that you will  be able to install the service pack and get it to work fine. you just cant update it only. Only registered VLK will work.......

Hope this clears out everything.... So good luck to all....


----------



## nipun_the_gr8 (Jul 21, 2004)

Hey ! The windows xp SP1 was not installing.I had to change the key usin' Mr.Dude's XP CD Key Changer and installed it.Now will i be able to install win xp sp2 ???


----------



## leech (Jul 22, 2004)

see if you are able to update it using the windows updater and we'll know who won Microsoft or you...........


----------



## VD17 (Jul 22, 2004)

lol....


----------



## nipun_the_gr8 (Jul 22, 2004)

Hey ! the 2nd part of the registered to in the system properties reads 644.So any gusses that will i be able to install win xp sp2 on my pc or not?


----------



## guru (Jul 22, 2004)

Microsoft is adopting all the measure to stop u all guys.  lol
but i think a way wil be founded by the time sp2 releases


----------



## Guest (Jul 23, 2004)

hey i just downloaded sp1a but it is not working .. msg appears that product key used to install windows is not valid ..  but i can download windows update from microsoft . what could b the  rong ?

i have product id as 55274-640-


----------



## Guest (Jul 23, 2004)

leech darling tell something


----------



## svenkat83 (Jul 24, 2004)

nik_for_you said:
			
		

> leech darling tell something



Nothing wrong.It just happens to be that your OS is pirated.


----------



## Guest (Jul 24, 2004)

got it .


----------



## leech (Jul 26, 2004)

nik_for_you said:
			
		

> hey i just downloaded sp1a but it is not working .. msg appears that product key used to install windows is not valid ..  but i can download windows update from microsoft . what could b the  rong ?
> 
> i have product id as 55274-640-



Oh sorry!!!!!!! I was out for some days...

well you do have a corporate version of the OS but you dont have the right key...... So in other words pirated.... heeeeeee heeeee... so you know what to do na!!!


----------



## Guest (Jul 26, 2004)

i wont say lie ..


----------



## spykids_666 (Aug 1, 2004)

*TO ALL OF YOU*

I ALREADY GOT THE XP SP2. DONT BELIEVE ME. 
DOWNLOAD IT FROM THE MICROSOFT'S SITE. AND CHECK THE VERSIONS.
MINE IS WINDOWS XP VERSION 2002 SERVICE PACK2, V 2096

IT HAS EVEN GOT A PROBLEM
THE PINNACLE STR TV TUNNER CARD DOES NOT WORK WITH IT. U WILL HAVE TO DOWNLOAD THE PATH FROM THE PINNACLE SITE. (WHEN THEY INTRODUCE THE PATCH.)


----------



## JAK (Aug 1, 2004)

leech said:
			
		

> OK all you naughty boys who have cracked their windows xp. here is some news for you... it worked with sp1 - very difficult with service pack 2.
> 
> Ok all those who say that they have the corporate version.... here is some bad news for you who all have got a key generator and activator..... There is just 1 in a Trillion chance that you will get the right key for windows xp pro corp that will be excepted by the windows update site.... the good thing for you naughty boys is that there is 80% chance that you will  be able to install the service pack and get it to work fine. you just cant update it only. Only registered VLK will work.......
> 
> Hope this clears out everything.... So good luck to all....



well guess what I am The one in a trillion...  

Even the winupdate V5  site thinks my XP is geniune...lol...


----------



## it_waaznt_me (Aug 2, 2004)

Hmmm... Me too ..  .. that makes it Two in a trillion ..


----------



## leech (Aug 2, 2004)

*Re: TO ALL OF YOU*

the latest version is version 2149. you will have a lot of problems with softwares using DCOM or any thing to do with active x and java



			
				spykids_666 said:
			
		

> I ALREADY GOT THE XP SP2. DONT BELIEVE ME.
> DOWNLOAD IT FROM THE MICROSOFT'S SITE. AND CHECK THE VERSIONS.
> MINE IS WINDOWS XP VERSION 2002 SERVICE PACK2, V 2096
> 
> ...


----------



## leech (Aug 2, 2004)

JAK and it_waaznt_me .... I suppose you got your hands on a VLK that is why it works.... lucky guys. good for you


----------



## JAK (Aug 2, 2004)

*Re: TO ALL OF YOU*



			
				leech said:
			
		

> spykids_666 said:
> 
> 
> 
> ...



Nope dude The current version is 2162..released  ......16 july 2004 If I aint wrong..

I posted a link to it some where in our forum.....try n search for it 

EDIT: Here is the link

```
*www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/xpsp2_87d7723739e44a7704cf075ea00107639a5a496b.exe
```

Refer
*www.thinkdigit.com/forum/viewtopic.php?t=4594&postdays=0&postorder=asc&start=15


----------



## it_waaznt_me (Aug 3, 2004)

Heck Jak posted before me ..
2162 is alright .. somewhat more stable ..
Any idea which one is included with Digit's DVD this month ..?


----------



## leech (Aug 3, 2004)

oops forgot to update it. by the way the release date is about to change. will update you all as soon as possible. last i saw on paper was August 10th


----------



## VD17 (Aug 5, 2004)

Hey i successfully installed SP2 RC2 on my OEM... runs without any probs.


----------



## leech (Aug 5, 2004)

good for you mate.


----------



## VD17 (Aug 5, 2004)

heh heh... thanks...


----------



## leech (Aug 9, 2004)

Symantec Norton product update for WindowsÂ® XP Service Pack 2 

Situation:
You would like more information regarding the WindowsÂ® XP Service Pack 2 release from Microsoft and whether your Symantec Norton products are compatible with Service Pack 2.

Solution:
WindowsÂ® XP Service Pack 2 (SP2) is a major security-focused operating system upgrade that includes an enhanced Windows firewall and a utility (Windows Security Center) that monitors the state of your computer's security.

Symantec will release a product update to provide native support for the Windows Security Center status utility found in SP2. This update will be available worldwide over the coming weeks and will enable Symantec products to communicate their status to the Windows Security Center utility. 

Symantec encourages its customers to install the product update prior to installing SP2 in order to avoid incorrect reporting from Windows Security Center. Symantecâ€™s consumer customers will receive notification from their Norton product when the update is available. Consumers will be able to download the SP2 product update by clicking the LiveUpdate icon found in their Norton security software.

The SP2 product update for English versions of Norton products will be available beginning August 10, 2004. At that time, Symantec will provide detailed information about SP2 and compatibility with Norton products, including frequently asked questions (FAQs) and support documentation. Please check back to *service.symantec.com/xpinfo on August 10, 2004.


----------



## leech (Aug 10, 2004)

Windows XP SP2 Key Dates 

August 9, 2004 - Network install package on Microsoft.com for  IT Professionals Developers 

August 10th 2004 - Release of English Windows XP SP2 through Automatic Update (AU). Available for people who have previously installed pre-release versions of SP2 

August 14th 2004 - Release thru Automatic Updates to all - only 25000 download allowed in a day 

August 10 and August 25, 2004 - For business customers 


August 25th 2004 - full end user avaliability


----------



## mariner (Aug 13, 2004)

hey mine shows 

system
microsoft windows xp 
professional
version 2002
service pack2,v.2149

and the pid is 
55274-644

i got it installed a coupla days back and i m getting updates

now after reading ur article it seems that it shud not get ne updates.

then how am i getting them ?


----------



## mahidhar (Aug 13, 2004)

yeah its true.

Before installing sp2 i couldnt download update from windows Update (v5) site. But after installing sp2 i am able to download updates. i haven even changed my key.


----------



## mariner (Aug 13, 2004)

well i m still confused and awaiting a response from leech


----------



## Moin (Aug 14, 2004)

leech said:
			
		

> The warez keys that allow you to install XP SP2 are ones with the the PID (Product ID) of xxxxx-640-xxxxxxx-xxxxx
> 
> the easiest way to check your computers is by pressing the Windows Key + Break.
> 
> In the System Properties window that appears look down to the Registered to: section, if the second group of 3 numbers reads anything other than 640 then SP2 will lock you out. If it reads 640 then you are safe.


Hey Leech. I know my friend with this kind of PID but SP2 is denied on that system. I think its the one that is blacklisted.


----------



## mariner (Aug 14, 2004)

and today i get msg from my windows update that sp2 is ready for installation but i already have sp2 installed.
  ???????


----------



## leech (Aug 17, 2004)

mariner said:
			
		

> hey mine shows
> 
> system
> microsoft windows xp
> ...




well i never said that you WONT get updates. if you are the lucky one and with the right key you will certainly get the updates. if SP2 works fine for you be happy mate.

Also i think you still got the prelease version of SP2. If you read my article you will know that the release date for the full version is somewhere around 25th Aug. Also make sure you uninstall the older version before you install the latest one..... cause you are only wasting space on your driver mate.


----------



## leech (Aug 17, 2004)

mahidhar said:
			
		

> yeah its true.
> 
> Before installing sp2 i couldnt download update from windows Update (v5) site. But after installing sp2 i am able to download updates. i haven even changed my key.



 i think that you has corruption with your administrative previliges and that was why you were getting the problem with SP1...

SP2 corrected the issue by putting the windows update site under the trusted zone and also it reset the permission for windows update in the registry.


----------



## leech (Aug 17, 2004)

Moin said:
			
		

> leech said:
> 
> 
> 
> ...




you are safe only until you got the right product key... now that is the tough part


----------

