An Exciting Look At Windows XP SP3!

Not!

Here's what's included in Windows XP SP3;

New and Enhanced Functionality
Table describes some of the more significant changes in Windows XP SP3. With few exceptions, Microsoft is
not adding new features or functionality from newer versions of Windows to Windows XP through SP3. As
noted earlier, one exception is the addition of NAP to Windows XP to help organizations running Windows XP
to take advantage of new features in Windows Server 2008.
For a list of Knowledge Base articles that Windows XP SP3 addresses, see Knowledge Base article 936929.
Table .
New and Enhanced Functionality
Functionality Description
Networking
"Black Hole" Router
Detection
Windows XP SP3 includes improvements to black hole router detection
(detecting routers that are silently discarding packets), turning it on by
default.
Network Access
Protection (NAP)
NAP is a policy enforcement platform built into Windows Vista, Windows
Server 2008, and Windows XP SP3 with which you can better protect
network assets by enforcing compliance with system health requirements.
Using NAP, you can create customized health policies to validate
computer health before allowing access or communication; automatically
update compliant computers to ensure ongoing compliance; and optionally
confine noncompliant computers to a restricted network until they become
compliant. For more information about NAP, see Network Access
Protection: Frequently Asked Questions.
CredSSP Security
Service Provider
CredSSP is a new Security Service Provider (SSP) that is available in
Windows XP SP3 via Security Service Provider Interface (SSPI). CredSSP
enables an application to delegate the user’s credentials from the Client
(via Client side SSP) to the target Server (via Server side SSP). Windows
XP SP3 involves only the Client side SSP implementation and is currently
being used by RDP 6.1 (TS), though it can be used by any third party
application willing to use the Client side SSP to interact with applications
running Server side implementations of the same on Vista / LH Server.
There is a technical specification of this SSP available at the Microsoft
Download Center.
Note that CredSSP is turned OFF by default in Windows XP SP3. To
Functionality Description
enable CredSSP, administrators can modify the following registry keys:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
In the value ―Security Packages‖ of type REG_MULTI_SZ, add ―tspkg‖ in
addition to SSP-specific data already present.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Securi
tyProviders]
In the value ―SecurityProviders‖ of type REG_SZ, add ―credssp.dll‖ in
addition to SSP-specific data already present.
Functionality Description
Security
Descriptive Security
Options User Interface
The Security Options control panel in Windows XP SP3 now has more
descriptive text to explain settings and prevent incorrect settings
configuration. Figure shows an example of this new functionality.
Figure . Security options explanatory text
Enhanced security for
Administrator and
Service policy entries
In System Center Essentials for Windows XP SP3, Administrator and
Service entries will be present by default on any new instance of policy.
Additionally, the user interface for the Impersonate Client After
Authentication user right will not be able to remove these settings.
Microsoft Cryptographic
Module
Implements and supports the SHA2 hashing algorithms (SHA256,
SHA384, and SHA512) in X.509 certificate validation. This has been added
to the crypto module rsaenh.dll.
XP SP2 crypto modules Rsaenh.dll/Dssenh.dll/Fips.sys had been certified
according to FIPS 140-1 specifications. The Federal Information
Processing Standard (FIPS) 140-1 standard has been replaced by
FIPS 140-2, and these modules have been validated and certified
according to this standard. For more information, see the Microsoft Kernel
Mode Cryptographic Module.
Functionality Description
Setup
Windows Product
Activation
As in Windows Server 2003 SP2 and Windows Vista, users can now
complete operating system installation without providing a product key
during a full, integrated installation of Windows XP SP3. The operating
system will prompt the user for a product key later as part of Genuine
Advantage.
As with previous service packs, no product key is requested or required
when installing Windows XP SP3 using the update package available
through Microsoft Update.
Note The Windows Product Activation changes in Windows XP SP3 are
not related to the Windows Vista Key Management Service (KMS). This
update affects only new operating system installations from integrated
source media. This update affects the installation media only and is not a
change to how activation works in Windows XP.

Now, I'll go watch some paint dry.

Devon