By Dennis O'Reilly As XP users continue to struggle while downloading and installing Service Pack 3, one reader succeeds by creating an SP3 installation CD. There's no guarantee this technique will work for you, but if you're determined to upgrade to SP3, this option may be worth a try.

More than one way to load a service pack

Slowly but surely, we're figuring out how to keep the last XP service pack from trashing our systems. This week's Top Story by Scott Dunn describes the biggest gotchas and offers tips for downloading and installing SP3, but reader Bob Bowen wrote in with a solution of his own.

• "Following a disastrous download and install by Microsoft Auto Updates of SP3 on my XP Home SP2 OS (which rendered my OS inoperable, requiring a raw format and complete reinstall), I downloaded an ISO image of SP3 … and burned my own CD of SP3 from it.

  "After disconnecting from the Internet and closing down all programs in my notification area, notably my Zone Alarm Pro Firewall, NOD32 AV, and antispyware applications, I ran the install CD, which installed SP3 flawlessly on my PC. That was three months ago, and I have had no problems whatever. In fact, the increased stability of my OS after installing SP3 was immediately noticeable. I suggest this as an excellent way to install XP SP3."
  

You'll find instructions on saving .iso files to CDs on the official Microsoft Windows XP site.

One says install XP SP3, the other says to wait

That's why it's so easy to understand the confusion of reader Terry Theresa, who noted that Susan Bradley's July 24 Patch Watch column (in our paid content) stated, "The time is right for Windows XP SP3 … maybe." Yet in last week's the cost of propecia Known Issues column, I recommended that XP users wait before installing the service pack.

• "[The column] written by Dennis O'Reilly recommending that the installation of SP3 be postponed is very untimely. It was only a few issues or so ago that we were told by Susan Bradley that SP3 is now safe for downloading. Whom to believe?

  "I think that one writer — and one writer only — [should] stay with the SP3 situation to avoid conflicting statements. I usually never, ever, write, so I will stand down now, had my say. Thanks again for Windows Secrets, as it has kept me out of a lot of trouble. I haven't had a reformat in quite awhile now."
  

Susan's lukewarm recommendation of SP3 advises that you have a full system backup handy before installing the service pack and that you have another Internet-connected PC at the ready so you can troubleshoot any problems you encounter during the update. For me, those are two indications that plenty of risk remains.

You would think that an e-mail provider would consider the addresses and passwords of its customers worth securing. Unfortunately, at least one webmail service doesn't feel the need to encrypt this information when people log in to its service, as reader F. Aydelotte points out.

• "Don't assume that your ISP's webmail is secure. Frontier, a major Internet provider on the East Coast and elsewhere, uses a nonencrypted Web page for its webmail.

  "I exchanged several e-mails with various levels of tech support and marketing at Frontier, asking about this security hole, and it became obvious that they could care less about their customers' sending user names and passwords in clear text."
  

Whenever you log in to any Web site, make sure the URL in the address bar begins with https: and look for the lock icon in the bottom-right corner of the browser. If the company doesn't provide a secure login page, find yourself another provider. You'll be doing all of us a favor.