SECURITY: Microsoft released Windows XP Service Pack 2
Posted by Arne Hess - on Saturday, 07.08.04 - 17:14:13 CET under 01 - General News - Viewed 7431x Not Tagged
Windows XP Service Pack 2, Microsoft is delivering several security technologies
that help protect customers against malware and other risks to their computer.
These technologies are not intended to replace periodic security updates as they
are release, but rather to help strengthen Windows XP's overall defenses against
Available soon, Windows XP Service Pack 2 (SP2) will bring users the latest security updates and innovations from Microsoft. It will establish stronger security settings that help defend against viruses, hackers,
and worms and will provide unique new security features designed to make it easier for you to protect your PC.
Network protection. These security technologies help to provide better
protection against network-based attacks, like MSBlaster, through a number
of innovations, including enhancements to Windows Firewall and a reduced RPC
attack surface. These enhancements include turning on Windows Firewall in
default installations of Service Pack 2, closing ports except when they are
in use, improving the user interface for configuration, improving
application compatibility when Windows Firewall is on, and enhancing
enterprise administration of Windows Firewall through Group Policy. The
attack surface of the Remote Procedure Call (RPC) service is reduced, and
you can run RPC objects with reduced credentials. The DCOM infrastructure
also has additional access control restrictions to reduce the risk of a
successful network attack.
Memory protection. Some attacks by malicious software leverage software
security vulnerabilities that allow too much data to be copied into areas of
the computerâ€™s memory. These vulnerabilities are typically referred to as
buffer overruns. Although no single technique can completely eliminate this
type of vulnerability, Microsoft is employing a number of security
technologies to mitigate these attacks from different angles. First, core
Windows components have been recompiled with the most recent version of our
compiler technology, which provides added protection against buffer
overruns. Additionally, Microsoft is working with microprocessor companies
to help Windows support hardware-enforced data execution prevention (DEP) on
microprocessors that contain the feature. Data execution prevention uses the
CPU to mark all memory locations in an application as non-executable, unless
the location explicitly contains executable code. This way, when an
attacking worm or virus inserts program code into a portion of memory marked
for data only, an application or Windows component will not run it.
Safer e-mail handling. Security technologies help to stop viruses (such as
SoBig.F) that spread through e-mail and instant messaging. These
technologies include default settings that have enhanced security, improved
attachment control using the Attachment Execution Service (AES) API. This
results in security and reliability enhancements for communications
applications such as Microsoft Outlook, Outlook Express and Windows
Messenger. As a result, potentially unsafe attachments that are sent through
e-mail and instant messages are isolated so that they cannot affect other
parts of the system.
Enhanced browsing security. Security technologies that are delivered in
Microsoft Internet Explorer provide improved protection against malicious
content on the Web. One enhancement includes locking down the Local Machine
zone to prevent against the running of malicious scripts and fortifying
against harmful Web downloads. Additionally, better user controls and user
interfaces are provided that help prevent malicious ActiveX controls and
spyware from running on customersâ€™ systems without their knowledge and
Improved computer maintenance. A very important part of any security
plan is keeping computers updated with the latest software and security
updates and understanding the role they play in protecting your computer.
You must also ensure that you have current knowledge of security attacks and
trends. For example, some software updates that mitigated known viruses and
worms were available days or weeks before any significant attacks began. New
technologies are being added to help the end user stay up-to-date. These
technologies include Security Center, which provides a central location for
information about the security of your computer, and Windows Installer,
which provides more security options for software installation.
Microsoft understands that security technologies are only one aspect of a
sound defense-in-depth security strategy. The security technologies outlined
here are the next steps being taken in the Trustworthy Computing initiative to
make customersâ€™ systems more resilient to malicious attacks.
Get Ready for SP2:
Turn on automatic updates today. The best way to ensure you get SP2 when it is
released is by turning on the Automatic Updates feature in Windows XP. Visit
Microsoft's "Protect Your PC" site to
let them turn it on for you to get SP2 automatically as Microsoft releases
MSDN customers can already download
the final version today.