According to a recent CNET article, the newly implemented heap overflow protection in Windows XP Service Pack 2 can be easily circumvented by attackers. As security experts have been saying for years, an operating system must be designed to be secure from the ground up, not through a series of cheap hacks and system patching. Microsoft certainly doesn't seem to have proven them wrong so far.
Why am I not surprised. I was expecting some of the security updates/patches to make more vulnerabilities with SP2.
You can bet Gates is already 50% through "completing" service pack 3, which will be designed to secure a windows enviroment against attackers, hackers and other threats, as well as service pack 2's flaws and vulnerabilities.