Windows Firewall service starts automatically after installing Windows XP Service Pack 3

Windows Firewall service starts automatically after installing Windows XP Service Pack 3

  • Comments 13
  • Likes

Installation of Windows XP Service Pack 3 results in the Windows Firewall service being set to Automatic startup, regardless of its previous startup setting.

After installing Service Pack 3 for Windows XP, you may be surprised to see that both the Windows Firewall/Internet Connection Sharing (ICS) service and the Security Center service are started and set to Automatic startup type, even if you had previously set either of these services to Manual or Disabled.

Steps to reproduce this behavior:
1. Disable the Windows Firewall service on Windows XP SP2 either manually or via Group Policy.
2. Apply Windows XP SP3. The firewall service is changed to Automatic startup.

image

NOTE: If the service is administratively disabled via domain Group Policy, it will again be disabled after subsequent application of Group Policy. The automatic service startup should only be seen on the first reboot after applying Service Pack 3. To cause GPO settings to be updated immediately on a client, run gpupdate /force from a command prompt.

This is reproducible on a system with SP3 as well. If you disable the firewall service and reapply the service pack, the firewall service will be reset to Automatic startup.

This behavior is by design and is intended to increase the security posturing of Windows XP.

As part of the Trustworthy Computing initiative, we are all focused on decreasing the attack surface exposed on our operating systems and protecting users from ever increasing security threats. See more information about Microsoft’s commitment to Trustworthy Computing here –

http://www.microsoft.com/mscorp/twc/default.mspx

Windows XP SP2 users may have unadvisedly turned off the Security Center or Firewall service in the course of troubleshooting an issue or just to eliminate Security Center prompts to enable Automatic Updates, for instance. As part of its installation process, Windows XP SP3 sets these two security services to Automatic startup to address these security holes.

Prior to shipping XP SP3, this scenario was tested extensively by our Development team and was not found to cause issues of compatibility with third party firewalls or services. This change should serve to increase security of XP systems and should not cause problems in your environment. However, if you do find that it causes problems, we want to know about it. If you find that enabling these security services does cause specific compatibility issues in your environment, please provide us with details of the problems seen and we will investigate further to address the issues encountered. Please visit the link below to learn more about working with Microsoft Enterprise Support:

http://www.microsoft.com/services/microsoftservices/srv_enterprise.mspx

- Tim Quinn

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • 189 Microsoft Team blogs searched, 91 blogs have new articles in the past 7 days. 214 new articles found

  • This action of enabeling the FW service after it has been specifically disabeled by GP has some serious effects! Any news gathering agency that uses AP's ENPS newsroom application will be stoppewd dead by installation of SP3. Since ENPS uses udp to communicate with it's server and the firewall, by default blocks udp packets, this is a serious issue and needs to be addressed by MS ASAP. The process of re-enabeling services specifically disabeled by GP has got to stop. The SP should specifically check GP for services before taking any action.

  • Hi Don,

    I think there is a misconception here. Setting the Windows Firewall service to Automatic startup does not turn the Windows Firewall on if you have set the firewall to be turned off via Group Policy. The only way application of the Service Pack would cause the blocking of traffic would be if you disabled the service via GPO settings rather than turning the firewall off via GPO. If the service itself was disabled by policy for some reason, it would again be disabled with the next refresh of Group Policy following SP3 application.

  • I installed XP SP3 on a older laptop (IBM T20) I use as a "shared drive", other clients lost coneectivity. I had to disable the firewall completely to access the shared drive. Prior to installing XP SP3 the firewall was enabled.

  • We have multiple XP SP3 machines we have attempted to setup with ICS and defined Service with Port translations to the LAN 192.168.0.XX - none have operated after setting these up inaccordance with every known MS tech support site we have seen.

    We assume the forwarding featuer is disabled in SP3 adn there is a secret place to enable it again.  My email is scotth@raiinc.com if you wish to enlighten us.

  • my pc is on the network. while working some time my pc stop accesing the other pc's. when i open my windows firewall seting a message appear "Windows firewall settings cannot be displayed because the associated service is not running.Do you want to start the windows firewall/internet connection sharing (ICS) service?"

    Option Yes/No.

    If I clicked on "yes",another message pops up saying:

    "Windows cannot start the windows firewall/internet connection sharing (ICS) service."

    but after restart my pc start access to other some time it is stopped working. i have formatted my windows xp professional 2 times but it is not solved. please help me it is very urgent for me if u have any reply send me on my id (karan.luthra5004@gmail.com) thanx.

  • we applied sp3 on a few machines in my environment and after applying it we could no longer remote manage those devices.  Access to the admin shares were no longer available, remote computer manage is no longer available, even our enterprise tool couldn't connect. Running the following command somehat fixed our issue. The command is in single quote 'sc config "SharedAccess" start= Disabled'  Note-must have space after equal sign.

    I found this article from Microsoft which will also fix the issue.  http://support.microsoft.com/kb/892199

  • This has screwed up my entire network printers, Computers, faxing.  You name it is has lagged my computer or just fails to function.  I WANT THIS FIREWALL TURNED OFF NOW.  HOW DO I DO IT

  • iwant to off windows firewall in windows xp sp3

  • To date we have had no confirmed instances where the Microsoft firewall service itself conflicts with any other service. If you find that enabling these security services does cause specific compatibility issues in your environment, please provide us with details of the problems seen and we will investigate further to address the issues encountered. Please visit the link below to learn more about working with Microsoft Enterprise Support:

    http://www.microsoft.com/services/microsoftservices/srv_enterprise.mspx

  • I am on XP PRO, and after a recent automatic update, the Windows Firewall is preventing me from using browsers.  I can't turn it off, and when I talked to my service providers, I verified that I am connected.  The weird think is that my mail service works - it is not accessed via browser.

    How can I turn this off or fix it so that I can use the internet again?  

  • GPO applied to OU where computers accounts are contained:

    Setting:

    Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Protect all network connections > Disable

  • Nice Thanks very Blog sites