Windows Server 2003 & Windows XP x64 Service Pack 2Technical OverviewPublished November 16, 2006 Updated January 25, 2011
Windows Server 2003 Service Pack 2 (SP2) delivers on Microsoft’s Trustworthy Computing initiative and illustrates Microsoft’s commitment to continually create software products with enhanced security, increased reliability, and simplified administration. Windows Server 2003 SP2 builds upon the impressive track record of the award-winning Windows Server 2003 operating system by introducing numerous refinements in addition to supplying cumulative system updates. Deploying SP2 will help enterprises across all industries and segments enhance security, increase reliability, and simplify administration through guided attack surface reduction. On This Page
Service Pack OverviewMicrosoft is committed to creating software solutions that enhance the security, reliability, and productivity of enterprise IT resources. In today’s business environment, IT security is paramount—businesses and consumers share an increasing amount of sensitive data and rely upon the communication of data for work and business. While robust IT security is intrinsically valuable, a well-secured infrastructure can also improve server reliability to meet the ever increasing demands of commerce and industry. Furthernore, the reliability improvements resulting from a properly secured infrastructure adds to administrator productivity. Windows Server 2003 SP2 is a collection of updates and security enhancements to the Windows Server 2003 operating system that meets all three of these needs by addressing the primary challenge in ongoing customer security: update management. Windows Server 2003 Service Pack 2 is available either as a standalone update for installation on an existing server running Windows Server 2003 or as an integrated installation with the operating system. The integrated version of Windows Server 2003 SP2 ships with two CDs; one containing Windows Server 2003 with SP1 integrated, and the other containing the Windows Server 2003 Release 2 components. The standalone Service Pack 2 update is available as a download on Microsoft Download Center and Windows Update. Alternatively, the standalone update may be ordered on CD. For information about how to upgrade your specific server operating system to SP2, refer to the Supported Scenarios table. SP2 contains the latest collection of updates to help improve the security, reliability, and performance of the following operating systems:
Note Service Pack PrimerAs part of the effort to continually improve Microsoft software, updates and fixes are created and released for recognized issues. To simplify server deployment, many of these fixes are combined into a single package, called a service pack, which is made available for installation. Service packs are cumulative, meaning that each new service pack contains all the fixes that are included with previous service packs and any new fixes. Traditionally, service packs are simply a means of distributing product updates. While they deliver incremental feature additions, they typically contain updates to improve system reliability, security, stability and program compatibility. In line with this definition, Windows Server 2003 Service Pack 2 includes updates for improving customer experience with the product while containing a minimal set of value-added features to increase system performance and improve functionality. What Is in Service Pack 2?Service Pack 2 provides convenient, comprehensive access to the latest updates, enhancements, and new features for Windows Server 2003. Each of these components allows customers to better leverage the enhanced security, reliability, and performance of Windows Server 2003. UpdatesUpdate management is one of the great challenges of computer security. Despite the challenges of update management, updates will continue to play a vital role in securing enterprise IT until security technology can anticipate every attack strategy and compensate for every vulnerability. Frequent updating is key to keeping up with security problems as they are discovered. By cumulatively bundling these updates together in Service Pack 2, Microsoft provides customers with the latest protection for Windows Server 2003. In addition to the all previously released Security Bulletin Updates, Service Pack 2 installs all individual hotfixes released since Windows Server 2003 RTM and several key customer requested features and enhancements. New Features:
Enhancements to Existing FeaturesThe enhancements to Windows Server 2003 Service Pack 2 include:
Each of these key updates, enhancements, and new features provided with Windows Server 2003 SP2 will be covered in greater detail in the following sections. In addition, Windows Server 2003 Service Pack 2 supports 9 new localized languages for the Windows Server 2003 x64 SKUs. Why Should Organizations Deploy Service Pack 2?Service Pack 2 is a no-cost means for enterprises to enhance Windows Server 2003. Service Pack 2 addresses known vulnerabilities in Windows Server 2003 and adds to its capabilities to meet the complementary features to enhance its security, reliability, and performance. While Windows Server 2003 Service Pack 1 introduced some major changes requiring significant application testing and introduced a few compatibility issues, Service Pack 2 is considered a standard Microsoft Service Pack that aims to introduce minimal feature/functionality changes to the system while improving the overall experience of the user with Windows Server 2003 OS. This service pack contains all previously released Security Bulletin Updates, installs all individual hotfixes released since Windows Server 2003 RTM, and provides fixes to increase reliability, robustness, and security. Service Pack 2 also contains several key customer requested features. Windows Server 2003 Service Pack 2 is especially important for organizations planning on testing and deploying Windows Vista and Windows Server “Longhorn.” SP2 contains important enhancements to support the deployment and management of Windows Vista and Windows Server 2003 SP2. System RequirementsIn general, system requirements for Windows Server 2003 with Service Pack 2 are the same as the general Windows Server 2003 system requirements listed below.
Supported ScenariosThe Windows Server 2003 Service Pack 2 CD set contains three CDs that support most upgrade scenarios.
The following table lists the supported update paths to Windows Server 2003 Service Pack 2.
Support Matrix
*Korean Fair Trade Commission Edition see knowledge base article KB923408; http://support.microsoft.com/kb/923408 Release Distribution Matrix
Technical OverviewWindows Server 2003 Service Pack 2 is a combination of security updates, functionality updates, and new features. Service Pack 2 contains all the Windows Server 2003 security bulletin updates and individual hotfixes released since the initial RTM version of the operating system. The subsequent sections explore the new features of Service Pack 2 and enhancements to existing features in greater technical detail. New Features Included with Service Pack 2Microsoft is taking the opportunity afforded by the release of Service Pack 2 to introduce new functionality to Windows Server 2003. Scalable Networking PackOrganizations have seen rapid growth of traffic on internal and external networks. The traffic growth is spurred, at least in part, by network-based business applications, network-based storage and backup solutions, and ever increasing use of rich-media, including video conferencing, audio and/or video presentations, and a spectrum of other high-value solutions. Deployment of Fast Ethernet, Gigabit Ethernet, and multi-Gigabit Ethernet, expands available bandwidth to accommodate the growth in network traffic, but the faster the network, the greater the load on the servers that must interact with it. This provides a growing challenge to support faster networking. Microsoft Windows Server 2003 SP2 includes the Scalable Networking Pack which helps resolve the challenge of supporting the growth of network traffic without overloading CPU resources. The Scalable Networking Pack accomplishes this by providing support for networking technologies focused on eliminating operating system bottlenecks associated with network packet processing. The enhancements included in this easy to install package are:
The Microsoft Windows Server 2003 Scalable Networking Pack helps IT Professionals balance the needs of their customers with the capabilities of their existing infrastructure investments. The Scalable Networking Pack enables these IT Professionals to more confidently meet internal customer demands without having to re-architect network topology, change server configurations, or make time-consuming changes to existing applications and services. The Scalable Networking Pack gives IT Professionals flexibility in selecting the technologies that best fit their needs—and from the hardware vendors that they are already familiar with. As part of Microsoft’s Scalable Networking initiative, the Scalable Networking Pack lays the architectural foundation for future network scalability and performance innovations on Windows Server 2003, Windows Vista, and Windows Server “Longhorn.” XmlLiteThe XmlLite library allows developers to build high-performance XML-based applications, providing a high degree of interoperability with other applications that adhere to the XML 1.0 standard. The primary goals of XmlLite are ease of use, performance, and standards compliance. XmlLite works with any Windows language that can use dynamic link libraries (DLLs), but Microsoft recommends C++. XmlLite contains all necessary support files for use with C++, but if you want to use it with other languages, some additional work may be required. Microsoft delivers several XML parsers:
The following Document Object Model (DOM) implementations have built-in parsers:
XML can be used as a format for storing documents, such as Microsoft Office Word documents, and can also be used to encode data for marshalling method calls across machine boundaries (SOAP). Businesses can use XML for sending and receiving purchase orders and invoices. Web technologies can use XML to send data between the Web server and the client's Web browser. Database servers can return the data from queries in XML for further processing by other applications. Because it is such a flexible format, you can use XML in a vast variety of scenarios. Usage scenarios can be generally divided into two categories:
Since XmlLite focuses on performance, it is most appropriate in the second scenario. XmlLite enables developers to write efficient (fast) code to read and write XML documents. In most scenarios, XmlLite parses faster than either the DOM in MSXML or SAX2 in MSXML. Enhancements to Existing Windows Server 2003 FunctionalityWindows Deployment Services (WDS) Windows Server 2003 SP2 includes the updated and redesigned version of Remote Installation Services (RIS), now called Windows Deployment Services to help prepare organizations for the introduction of Windows Vista and Windows “Longhorn.” WDS provides for the storage, management, and deployment of images using the new Windows Image format, WIM. Windows Deployment Services provides several enhancements to the RIS feature set. These changes include the following:
Windows Deployment Services reduces total cost of ownership (TCO) and complexity of deployments by providing an end-to-end solution to deploy Windows operating systems to bare metal computers. WDS supports mixed environments including Microsoft Windows XP and Windows Server 2003. To help describe the level of functionality associated with the different possible configurations of Windows Deployment Services resulting from clean installs and RIS upgrades, the server operation and administration experience fall into one of three classifications, known as server modes. The Legacy Windows Deployment Services mode is functionally equivalent to that of Remote Installation Services; it is Windows Deployment Services binaries with RIS functionality. In this mode, only OSChooser will be present as the boot operating system. Therefore, only RISETUP and RIPREP images are supported. From a manageability standpoint, the new Windows Deployment Services Management tools will not be in use; instead, legacy RIS utilities will be the only way to manage the server. Legacy Windows Deployment Services mode can only exist on Windows Server 2003.
Windows Deployment Services Mixed-mode describes a server state where both OSChooser and Windows PE boot images are available. In this mode, access to the old image types of RISETUP and RIPREP will be possible through OSChooser. In addition, you can access the new WIM format through a Windows PE boot image (Windows Server "Longhorn" Windows PE boot image with the Windows Deployment Services client). From the client perspective, a boot menu will allow for selection into RIS or into Windows Server "Longhorn" Windows PE. From a manageability standpoint, an administrator can use legacy management tools to manage RISETUP and RIPREP images and use the new Windows Deployment Services management tools to manage all facets of the server as well as the WIM images. Windows Deployment Services Mixed mode can only exist on Windows Server 2003.
Windows Deployment Services Native mode describes a Windows Deployment Services Server with only Windows PE boot images. In this mode, OSChooser will not be present and WIM images are the only supported image type to be deployed to clients. Management of the server will occur from within the new Windows Deployment Services management utilities. Windows Deployment Services Native mode can exist on both Windows Server 2003 and Windows Server "Longhorn.” On Windows Server "Longhorn,” this is the only supported Windows Deployment Services Server mode.
The transition between server modes provides a clear migration path between the existing RIS functionality and the new dedicated Windows Deployment Services-only functionality that will exist in Windows Server "Longhorn.” The move from pure RIS functionality to Windows Deployment Services in Legacy mode (Windows Deployment Services binaries but with RIS-like functionality) occurs when an existing RIS server is upgraded to Windows Deployment Services bits. From this point, use of the Windows Deployment Services management tools (such as MMC or CLI) to initialize the server will result in a transition into Windows Deployment Services Mixed mode. The switch to native mode is completed when legacy image types are converted to WIM format and the OSChooser functionality is disabled (through the /forceNative command). Microsoft Management Console 3.0 (MMC 3.0) Microsoft Management Console 3.0 (MMC 3.0) is a framework that unifies and simplifies day-to-day system management tasks on Windows by providing common navigation, menus, toolbars, and workflow across diverse tools. You can use MMC tools (called snap-ins) to administer networks, computers, services, applications and other system components. MMC does not perform administrative functions, but hosts a variety of Windows and non-Microsoft snap-ins that do. Microsoft Management Console 3.0 reduces the cost of administering Windows-based applications by providing an easy-to-learn, consistent, and integrated console that hosts a variety of Windows and non-Microsoft administrative tools. For IT administrators, MMC 3.0 has better performance, reliability, and discoverability of context-sensitive actions. For developers, MMC 3.0 reduces the cost associated with developing snap-ins by requiring less code and design time to develop snap-ins. MMC 3.0 provides a framework for writing .NET-based snap-ins for managing applications. The .NET programming model simplifies snap-in development. As such, the writing of a snap-in in MMC 3.0 requires the authoring of significantly fewer lines of code. Fewer and more structured lines of code can contribute to simplified maintenance and easier debugging of snap-ins. The following table lists some of the improvements that make MMC 3.0 a richer development experience in comparison with its predecessor, MMC 2.0.
Wireless Protected Access 2 (WPA2) Microsoft released the Wireless Protected Access 2 update for Windows XP Service Pack 2 in April 2005. Service Pack 2 adds this functionality mainly for use with Windows XP x64 editions. Wireless Protected Access 2 enhances the wireless client software with support for the new Wi-Fi Alliance certification for wireless security. WPA2 makes it easier to connect to secure public spaces that are equipped with wireless Internet access, known as “Wi-Fi hotspots.” WPA2 is a product certification that is available through the Wi-Fi Alliance that certifies that wireless equipment is compatible with the IEEE 802.11i standard. The WPA2 product certification formally replaces Wired Equivalent Privacy (WEP) and the other security features of the original IEEE 802.11 standard. WPA2 certification supports the additional mandatory security features of the IEEE 802.11i standard that are not already included for products that support WPA. The Windows Server 2003 Service Pack 2 implementation of WPA2 supports the following features of the IEEE WPA2 standard:
Improved version of CACLS Tool ICACLS is an upgrade of the CACLS tool in Windows Server 2003 SP2 that you can use to reset the account control lists (ACL) on files from Recovery Console, and to back up ACLs. Unlike CACLS, ICACLS correctly propagates changes to and creation of inherited ACLs. Additional information on the uses and commands for ICACLS can be accessed by running “icacls /?” at the command prompt. Additional Enhancements to the Existing Features
Support for New ReleasesLocalized Language Support Service Pack 2 contains 9 new localized language support for Windows Server 2003 x64 SKUs. Without SP2, Windows Server 2003 only supports English and Japanese. New languages for Windows Server 2003 x64 include German, French, Korean, Chinese Traditional, Chinese Simplified, Spanish, Italian, Russian and, Portuguese (Brazilian). These language packs are not available for Windows XP Professional x64 Edition which will continue to be supported in only English and Japanese. Expanded Windows Server 2003 Datacenter SKUs With Windows Server 2003 Service Pack 2, three additional SKUs are available to Volume License customers. The Datacenter SKUs are:
Installing Windows Server 2003 Service Pack 2 Standalone VersionThis section provides information about the pre-installation tasks recommended before installation and a walk-through of the screens that appear during the setup of Windows Server 2003 Service Pack 2. Note: This procedure only applies to installing the standalone version of SP2 to existing windows Server 2003 Installations. For more detailed instructions on various deployment methods, refer to the release notes on the installation CD. Pre-installation Tasks
InstallationThe Software Update Installation Wizard for Windows Server 2003 Service Pack 2 guides customers through the installation process using familiar, easy-to-follow steps. The following images show this installation process as it appears to users. Figure 1. Service Pack 2 installation: initial screen. After accepting the license agreement, setup creates a backup of system files so you can uninstall the service pack if necessary. Figure 2. Service Pack 2 installation: backup. Software Update Installation Wizard displays its progress through the installation process. At this stage the installation wizard inspects the server configuration and installs files. Restart is required upon completion of installation. The installation wizard completes by giving customers the option to restart their computer later, if needed. Figure 3. Completing Service Pack 2 installation. SummaryWindows Server 2003 Service Pack 2 is a deliverable on Microsoft’s Trustworthy Computing initiative for the Windows Server 2003 operating system. SP2 illustrates Microsoft’s commitment to continually creating software products with enhanced security, increased reliability and simplified administration. Service Pack 2 delivers the cumulative system updates in one simple package and it introduces numerous refinements and new functionality including the Microsoft Management Console 3.0, Windows Deployment Services, and Wireless Protected Access 2. Customers performing new installations and those with existing deployments of Windows Server 2003 will benefit from these new features. Related LinksSee the following resources for further information: Supporting information also can be found for:
For the latest information about Windows Server 2003, see the Windows Server 2003 Web site at http://www.microsoft.com/windowsserver2003. Among the resources on the site are numerous technical articles describing technologies and features in Windows Server 2003. Link directly to the Technical Overviews page at http://www.microsoft.com/windowsserver2003/techinfo/overview. |