Microsoft announced recently that Service Pack 2 for Windows XP will be delayed until next year, possibly not arriving until summer 2004. The service pack will wrap up all the Windows XP security updates into a single package that can be delivered by CD to avoid lengthy downloads.
Microsoft’s decision is very, very wrongheaded. Paul Thurrott, columnist for Windows & .NET Magazine, describes why in his e-mail newsletter today:
”This heartfelt message is for the good people at Microsoft: Delaying Windows XP Service Pack 2 (SP2) to 2004–any time in 2004–is a mistake of epic proportions. Windows Update currently provides almost 100MB of updates the first time you turn on an XP SP1 box, and almost half of those updates are critical security updates. That situation isn’t too troublesome for customers who have broadband connections, but for most people (in other words, most of your customers–you know, the people you supposedly care so much about), 100Mb of code is an often-insurmountable amount to download and install. If you’re serious about making SP2 all about security and bug fixes, and if you’re serious about keeping your customers as safe and secure as possible, I strongly urge you to stop whatever other work the Windows client team is doing immediately and ship XP SP2 within the month. Then, adopt a schedule in which you deliver new Windows client service packs every 6 months on the nose and make CD-ROMs with those fixes available–for free–in major electronics stores such as Best Buy and CompUSA. If you don’t do this–and I suspect you won’t because you’re dead set to complete whatever silly long-term road map you’ve started–you will have undermined any remaining good will your customers still have toward you. Remember when you supposedly “stopped on a dime” and embraced the Internet? Why don’t you truly make a difference by stopping on a dime and embracing your customers with the security fixes they all desperately need? It’s almost too late.”