NT 4.0 Service Pack 4 contains so many changes, Microsoft should have called it “NT 4.1.”

Full of Goodies, and Then Some

NT 4.0 Service Pack 4 contains so many changes, Microsoft should have called it “NT 4.1.”

Like a parking spot on a crowded street or a favorite relative who lives across the country, we've waited long for it, and now it's here. Microsoft posted the Windows NT 4.0 Service Pack 4 on October 21, more than a year after Service Pack 3 came to the rescue of the late and not-at-all-lamented SP2.

So what?

Let's be realistic. We're talking about a service pack for an operating system, not the solution to world peace or the antidote for Regis and Kathie Lee. Still, you may find compelling reasons to install this service pack on both personal and business systems after some careful planning and even more careful backups.

First and foremost, SP4 contains new fixes for more than 650 NT 4.0 bugs, ranging from security holes to DNS hiccups to Blue Screen of Death showstoppers.

Secondly, there are a number of enhancements to NT's core functionality riding along in this service pack. I imagine we can thank the slip in ship date for NT 5.0—uh, Windows 2000—for a number of these. I'll go over some in greater detail (though you'll get far more information from the readme file and other articles at www.microsoft.com), but for now, let's say that were Win2K's release and revenue not so close in time, Microsoft could probably get away with calling SP4 Windows NT 4.1. There are no grand leaps in the capabilities of the OS involved, but the sum of the small improvements is certainly significant, and goes well beyond any NT service pack that I can recall.

Before diving into the content, let's go over the several flavors of SP4, where to get them, and the procedures for installing them.

SP4 Basics

Geez, I wish I could give you one URL and tell you, "The service pack's here. Download it and run the executable." No such luck. There's more than one site, more than one executable, and more than one way to install SP4.

First, do you want to download the file and then install it, install it directly from the Web, or run it from CD? If the latter, you can order it by mail, online, or by calling Microsoft at 800-370-8758 in the U.S. Cost is $15.95 plus $5 shipping and handling. Canadian residents can order by mail, and their cost is CDN $19.95 plus $7.50 shipping and handling. If you can wait for the media to arrive, you'll get some bonuses-the CD contains utilities not available in the downloadable versions. SP4 didn't make it into the November TechNet, so look for it in the December mailing. Full details for all the downloads can be found at www.microsoft.com/ntserver/nts/downloads.

And which version are you ordering? SP4 comes in 40- and 128-bit encryption flavors. The 128-bit version is for use in the U.S. and Canada only; to get that version elsewhere, you'll need a U.S. Commerce Department export license (the 40-bit version is approved for export.). If you download the 128-bit version, you'll be required to fill out an online form with your name, address, and phone number, and you won't be allowed to download until the site determines that your Internet gateway is in fact in the U.S. or Canada. You also have a choice of Intel x86 or Alpha versions.

If you're downloading, do you want to install from the Web site or dump the entire executable onto your system before running it? You'll save some bytes in download if you do a Web-based install, but is that worth not having the full package on your system, just in case? If you're putting the SP on a personal system and you don't mind taking some risks, go ahead. But if it's going on a box with any kind of business purpose to it, I'd strongly suggest downloading the complete service pack-suppose you need to reinstall and can't get back to the Web site?

OK, 40- or 128-bit? X86 or Alpha? CD, Web-based install, or full download and install? Enough choices for you? We're not done yet. There's also a Year 2000 Service Pack 4. This is more than 70M in size, more than twice the size of the basic service pack, and contains Y2K fixes for NT 4.0 Option Pack elements, including SP1 for Internet Explorer 4.01 and Microsoft Data Access Components (MDAC). If you're not certain whether all your Microsoft code is Y2K compliant, the regular SP4 will tell you which Y2K pieces you need. For instance, my test system needed the updates for both IE and MDAC, but I didn't have to pull down the full Y2K SP4, since both files were available as separate downloads.

Once you've got whatever SP4 you're using on your system, the upgrade is a matter of kicking off the executable, following some basic prompts, and letting it reboot your system. My DEC P200 MMX took the upgrade cleanly and rebooted with no errors; the entire procedure took less than 10 minutes.


I'll be focusing on the enhancements here. Frankly, SP4 has so many bug fixes that I wouldn't know where to begin. I'd suggest you look up Knowledge Base Article Q150734 at microsoft.com for the complete listing. Remember that NT service packs are cumulative; SP4 also contains all the bug fixes from SP1, 2, and 3.

The enhancements are kind of all over the map, not focused on one particular area of the OS. As I mentioned earlier, some of them aren't in the downloads; you'll have to wait for the CD to try them out. I'll go through the fixes by general category.


SP4 includes several changes to NT's TCP/IP suite. Internet Group Management Protocol (IGMP) version 2 lets a system inform a router that it's leaving a group. The net result is fewer packets on the wire. DNS is changed to provide a workaround for proxies and firewalls, which disable DNS on port 53, to prevent outsiders from querying an organization's internal name service structure. The service pack lets you set another port number for outbound DNS requests. WINS, which always makes me just a little bit nervous, gets some improvements in both its code and interface, including the ability to manually remove dynamic records. Microsoft claims increased security and performance for its Point-to-Point Tunneling Protocol, PPTP, but only if the systems on both sides of a tunnel are running the SP4 updates. DHCP gets an internal rework to clear up bugs. On the API side of the fence, SP4 includes version 2.1 of TAPI, the Telephony API, and an update to the IP Helper API, IPHLPAPI (don't ask me how to pronounce that!) so that Win32 applications can communicate with a TCP/IP stack to receive configuration data.

Application Development

Following along its Windows DNA path, Redmond introduces—another protocol! Tunneling TCP lets you avoid firewall issues for DCOM communications by letting them use the HTTP port (you'll sometimes hear this feature referred to as "DCOM over HTTP"). This has interesting implications for n-tier development, especially in the extranet space, and I'm personally interested in seeing just how strong the implementation is. Visual Studio receives an update called Visual Studio Analyzer Events, which graphically displays application behaviors and performance, and Visual Basic's ability to use Remote Procedure Calls is boosted with support of a User Data Type for Access databases. The service pack also addresses accessibility issues via several more new APIs.

File System

For those of you who weren't aware, NTFS is due to evolve in Win2K (if I keep writing that enough, I'll get used to it). Service Pack 4 updates ntfs.sys to be able to read the new NTFS version 5 partitions, though it doesn't provide the full functionality of the new version. If you're going to be moving to Win2K when it comes out, you'll need this feature for interoperability's sake.


This isn't a big deal for personal systems in the U.S., but if your NT boxes do any kind of international financial transactions, you'll be pleased to know that SP4 adds the Euro symbol to the Arial, Courier, and Times New Roman fonts and the NT keyboard drivers.


Along with fixes for various security holes. SP4 claims to beef up OS authentication and session security through NTLM version 2 and requires that administrators be explicitly given permission to manage the Security Log. There are also enhancements to the secure channels used by workstations and member servers to communicate with domain controllers, and by DCs to communicate with each other. Included on the CD (in other words, not out yet) is Microsoft's Security Configuration Manager, which enables finer control of security configurations for your NT organization. In months past, this utility was rumored to be not at all compatible with NetWare NDS, so be cautious before deploying it in environments where the two OSs coexist.


SP4 includes a useful addition to the event log service: new events (which show up in the System Log) indicating whether a system has been shut down clean or dirty ("just press the big red button, Joe!"). Think of it as a truth detector. There's also a utility to monitor the size of user profiles. Most notably, SP4 includes the Windows Management Interface, or WMI, a mechanism for system and application management based on the Common Information Model standard. WMI provides an API for programmers, flexibility in the "just write a new provider" context, the ability to interact with third-party management applications, and accessibility through VB, or at the command line via the Windows Scripting Host.

But Wait, There's More

I could go on, but let's close this features section with notes about some other tools and toys. The enhanced chkdsk utility has a couple of extra switches for NTFS volumes. On the CD, Microsoft throws in an update of NetShow Services for NT Server, more finely tuned for enterprise use or for ISPs. You'll also find PCI and EISA drivers for Compaq fiber storage devices. Also on the CD: Windows Media Player, the all-in-one viewer/player for audio and video files. And what would a 1998 Service Pack be without a whole buncha Y2K fixes (these are in addition to the Option Pack fixes in the Year 2000 versions of SP4)? User Manager/UM for Domains finally recognizes 2000 as a leap year; you can update the system clock from the Control Panel Date/Time applet, DHCP Manager lets you use two-digit references for 2000 through 2009, and Word gets some help in handling the millennium change.

Whew! That's the problem with doing an article like this-you have to fight the tendency to spew back the readme file verbatim, but at the same time, you feel compelled to summarize it. The readme is particularly important with this service pack, which has been in extensive Beta and Release Candidate testing; not just because it's a summary of what's new and improved, but because (in the grand NT tradition), SP4 comes complete with its own documented bugs! So without further ado:

What Don't Work (Officially)

Let's start with what's in the documentation. If you find yourself using your SP4-built Emergency Repair Disk to fix a whacked system, you're going to have to copy the setupdd.sys file from SP4 to your original NT Setup Disk 2 media. Strong advice: If you install SP4, get that copy out of the way ASAP, just in case. Don't forget to reinstall the service pack after you reinstall NT. And when you install new NT components—services and the like—you should reinstall SP4. Heck, just reinstall it whenever you breathe too deeply while in the same zip code as the system!

Sorry, too much caffeine, deadline and all that.

As Elmer Fudd might say, "Be vewwy, vewwy quiet" when installing SP4 on a box with a Number Nine Imagine 2 video card. You may (and the documentation isn't more specific than that) end up with a 16-color screen palette.

On Alpha systems running Remotely Possible 32 with a Matrox Millenium adapter, stay away from Matrox video drivers when you install SP4. Make sure you're running vanilla VGA; otherwise, you'll end up with a nice glowing blue screen in time for the holidays.

Watch out if you've got a Dell Latitude laptop. Your Softex APM and PC Card services might cause your system to become, uh, unusable if you load SP4. Check the readme for the specific versions of the Softex code with these problems.

There are a few other third-party product issues mentioned in the readme, including Inoculan, Norton CrashGuard, Hummingbird Exceed's telnet daemon, NuMega's SoftICE, and Rational's Visual Quantify.

Separate articles on two other bugs are already in the Microsoft Knowledge Base. Installing SP4 on a system with Insyde Software's PowerProfiler software can cause an eensy driver conflict and another of those pretty blue screens. Insyde has updated drivers. Don't move the SP4 update.exe file out of the directory that it is extracted to—you'll get a permissions error message if you try to run it.

And please note that SP4's uninstall is more like an uninst… procedure. Uninstall won't touch the updated versions of SChannel and the CryptoAPI. Some of the NTLM security changes SP4 makes have uninstall consequences as well, especially if you uninstall SP4 and then try to reapply another service pack. This is because SP4 actually modifies the SAM and Security databases. Older versions of some key files won't be restored when removing SP4, and you should definitely not overwrite the Samsrv.dll and Winlogon.exe files when popping in an older service pack, if you have any intention of actually logging onto your system.

What Don't Work (Anecdotally)

A short stroll through some interesting Web sites and Usenet groups (including some on Microsoft's Usenet server) resulted in an engaging array of comments, rants, kvetches, and notes about SP4's performance and impact. Several users complained about the service pack causing a noticeable decrease in disk performance, others about corrupt files hanging the upgrade. A user reported problems with Windows 95 DHCP clients after installing SP4 on their server. I've seen reports of increased BSDs after the SP4 install and of driver incompatibilities. Some versions of Ghost have run into problems, as has Informix and Stac's ReachOut Enterprise.

It's quite difficult to put these bug reports into their proper perspective, mostly because no one has any idea how many people have actually installed Service Pack 4 to date. Other magazines and online news sources may be trumpeting banner headlines about All The Problems With SP4 Spell Doom and Gloom for Microsoft, but I can't fathom that anyone could actually figure out what percentage of the install base has run into difficulties. This is where the shell that remains of journalism today looks so deeply sad. Yes, there are problems with this SP just like all the others, but can anyone whose name isn't The Amazing Kreskin (did you know that's his legal name?) come up with a percentage or absolute number of users who are having these problems so soon into the game?

I have no interest in apologizing for Microsoft. If they've let loose a turkey in the ignoble tradition of NT 4.0 Service Pack 2, we'll find out soon enough. For now, my advice is to pull down the Readme file and decide whether the fixes and enhancements in SP4 are sufficiently compelling for you to install the pack. If so, do some online searches that include your system name and key hardware and software components and SP4 and see if you turn up any bug reports or similar nasties. Check out Usenet groups with NT in their name for SP4 postings. Do the highest level of backup you're capable of before installing the pack. If you're considering SP4 for business or enterprise distribution, put it through its paces on a test system before moving it into production.

Finally, take notes and let Microsoft and other users know about any problems you run into—and don't forget to e-mail us here at MCP Magazine, even if all you want to say is that SP4's running just fine.

Good luck and don't forget to write.


comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.