Windows 7 SP1 Offers Security Fixes And Minor Updates

The first service pack for Windows 7 is a healthy dose of security fixes and minor updates rolled into a single installation package.

However, the relatively large size of Windows 7 SP1 along with the multistep installation process means that IT managers should make plans now to minimise the productivity impact of rolling out the update to user systems.

The Windows 7 SP1 update became available on 22 February from Microsoft’s developer websites and is also being made available via Windows Update.

One key feature of Windows 7 SP1 is the relatively large download size and lengthy installation processes. Notes from Microsoft advise that the process can take anywhere between 30 minutes and one hour, and this was confirmed by eWEEK in a test on a variety of physical and virtual test systems.

In tests, the newly updated physical and virtual systems exhibited no unusual problems, and IT managers who are deploying Windows 7 SP1 in a production environment are advised to take only customary caution to ensure that applications work without error when running on this latest version of Microsoft’s flagship desktop operating system.

The service pack is also meant for Microsoft Windows Server 2008 R2, which shares a common code base with the Windows 7 desktop OS.

Windows 7 SP1 slipstream version

Windows 7 SP1 is a rollup of security patches, minor bug fixes along with a few tweaks that improve features that were already present when Windows 7 first shipped in late 2009.

Nearly all these updates had been made previously available as individual hot fixes and patches. Thus, organisations that have been routinely updating Windows 7 user systems will have to jump only a very low testing hurdle when it comes to feature and functionality testing.

In fact, unless there is a specific need for the new federation feature, or the corrected HDMI or XPS printing fixes, organisations that have faithfully applied security patches to Windows 7 may well benefit by not rolling out SP1 to the field.

The reason is simple: Windows 7 SP1 is big and it takes a while to install.

To avoid potentially large network usage and lost productivity time while the service pack installs, IT desktop managers should, rather, adopt the Windows 7 SP1 slipstream version as the base image for new systems and keep previously installed Windows 7 systems on a regular diet of security and feature patches as provided by Microsoft.

What’s new

Among the enhancements in Windows 7 SP1 is new support for identity, authentication and minor bug fixes that correct audio and printing problems.

For identity, Windows 7 SP1 adds support for a passive profile protocol for use with third-party federation services. The feature adds support for the WS-Federation protocol and enables passive identity requesters such as web browsers to more easily handle subsequent identity tokens such as cookies or custom identification mechanisms.

Other bug fixes address problems with audio and printing. Although a test at eWEEK was unable to demonstrate either the HDMI audio problem or the XPS printer problem. In both the original Windows 7 version and machines with Windows 7 SP 1, we were able to connect HDMI TV monitors to the systems reboot and still have a connection to the device. I was also able to print documents that contained a mix of portrait and landscape pages using the XPS printer driver with no error.

This version of Windows 7 also provides more control over how some features are implemented. For example, it is now possible to change the “Restore previous folders at logon” function that is governed by the Folder Options Explorer dialogue. If this check box is selected, all folders are restored to their previous positions.

In a nod to processor changes and improved security, Windows 7 SP1 now supports AVX (Advanced Vector Extensions). AVX is a 256-bit instruction set that can be used by floating point intensive application performance. With AVX support in Windows 7 SP1, applications can now take advantage of the new instruction set and register extensions.

Shops that use IKEv2 authentication protocol should look for the additional identification types that have been added to the identification field. The minor change in this feature will likely aid organisations that have wanted to use email ID or certificate information when performing authentication tasks.