Forget Windows 7 Service Pack 1Forget Windows 7 Service Pack 1
If you have ever seen a survey about when consumers and companies plan to move to Windows 7, there's one choice you can count on being there: "After the first service pack." I suspect that many of the people who make that choice are simply saying they are really busy and just don't want to think about the whole disruptive OS migration thing right now.
October 28, 2009
If you have ever seen a survey about when consumers and companies plan to move to Windows 7, there's one choice you can count on being there: "After the first service pack." I suspect that many of the people who make that choice are simply saying they are really busy and just don't want to think about the whole disruptive OS migration thing right now.Does waiting for Windows 7 SP1 really make sense though? Perhaps the past can tell us something. You could go all the way back to XP SP1, but for gosh sakes it was released in September 2002! Microsoft's stock price is about the only thing that hasn't improved since then. Since Windows 7 is a closer relative to Vista and Vista SP1 was released in April 2008, that's probably a better point of comparison for this exercise.
There are generally three kinds of fixes that you'll find in service packs. The first are security patches, which are pretty much install-as-soon-as-possible in today's threat environment. Whether you wait for SP1 or not, you should be installing these. In many if not most cases, the Windows 7 security patch will have a doppelganger for Windows XP and/or Vista. In the patch hierarchy, next come optional updates. These are often available through Windows Update, but not automatically downloaded and/or installed like security patches. Finally come the fixes that you can only get pre-service-pack if you ask for them. Some of these are only available through Microsoft Product Support Services, and some eventually get their own Knowledgebase article describing what they fix and providing a download. These kind of fixes are usually made to fix very specific problems that have been reported, often just with specific applications or subsystems like this one with GDI+. Microsoft doesn't feel it's worth the risk to update the majority of systems that aren't affected and don't really need the patch -- every change has its risks. Waiting for the first service pack doesn't eliminate the need to install security patches; those will still need to be applied early and often, no matter which version of Windows you run. It's really the optional fixes that are in play here. Those fixes aren't even required unless your particular setup has the problem that is addressed by the fix. If you need the fix (or driver or certificate updates or whatever) then by all means install it. But it's not necessary to install them in many cases. Vista SP1 is particularly interesting because Microsoft issued a reliability and performance update for Vista SP1 just a couple of months after SP1 shipped. This term is a euphemism for the service pack's service pack. So had you waited the 18 months for the service pack and jumped right on it, you might have need to apply this post-SP1 fix anyway to get things working right. Like any set of far-reaching updates, Vista SP1 broke its share of apps as well. Looking at the recent history of service packs, it seems like waiting for the first (or second or third) one is no substitute for trying out patches and fixes with the applications and hardware in your own environment. Waiting is also no guarantee that your upgrade will be trouble-free. Problems crop up with service packs, and Microsoft is releasing non-security-related fixes and patches on a regular basis that are available for specific problems and situations. Given that the core of Windows 7 is more a refinement of Vista than the jarring XP-to-Vista bucket o' unfinished changes, waiting for Windows 7 SP1 doesn't seem necessary or useful.
About the Author(s)
You May Also Like
The Forrester Wave™: Vulnerability Risk Management, Q3 2023
Ultimate Guide to Building a Data Governance Program
Responsible data use: Navigating privacy in the information lifecycle
Checklist: 7 Essentials for Securing Modern Applications
Cyberthreats Racing Ahead of Your Defenses? Secure Networking Can Put a Stop to That