Subscribe to the::unwired's RSS Feedthe::unwired at Twitterthe::unwired on Facebookthe::unwired on Google Plus
the::unwired Article
SECURITY: Microsoft released Windows XP Service Pack 2
Posted by Arne Hess - on Saturday, 07.08.04 - 17:14:13 CET under 01 - General News - Viewed 6490x
Not Tagged

In Windows XP Service Pack 2, Microsoft is delivering several security technologies that help protect customers against malware and other risks to their computer. These technologies are not intended to replace periodic security updates as they are release, but rather to help strengthen Windows XP's overall defenses against malicious attacks.

Available soon, Windows XP Service Pack 2 (SP2) will bring users the latest security updates and innovations from Microsoft. It will establish stronger security settings that help defend against viruses, hackers, and worms and will provide unique new security features designed to make it easier for you to protect your PC.


  • Network protection. These security technologies help to provide better protection against network-based attacks, like MSBlaster, through a number of innovations, including enhancements to Windows Firewall and a reduced RPC attack surface. These enhancements include turning on Windows Firewall in default installations of Service Pack 2, closing ports except when they are in use, improving the user interface for configuration, improving application compatibility when Windows Firewall is on, and enhancing enterprise administration of Windows Firewall through Group Policy. The attack surface of the Remote Procedure Call (RPC) service is reduced, and you can run RPC objects with reduced credentials. The DCOM infrastructure also has additional access control restrictions to reduce the risk of a successful network attack.
  • Memory protection. Some attacks by malicious software leverage software security vulnerabilities that allow too much data to be copied into areas of the computer’s memory. These vulnerabilities are typically referred to as buffer overruns. Although no single technique can completely eliminate this type of vulnerability, Microsoft is employing a number of security technologies to mitigate these attacks from different angles. First, core Windows components have been recompiled with the most recent version of our compiler technology, which provides added protection against buffer overruns. Additionally, Microsoft is working with microprocessor companies to help Windows support hardware-enforced data execution prevention (DEP) on microprocessors that contain the feature. Data execution prevention uses the CPU to mark all memory locations in an application as non-executable, unless the location explicitly contains executable code. This way, when an attacking worm or virus inserts program code into a portion of memory marked for data only, an application or Windows component will not run it.
    Safer e-mail handling. Security technologies help to stop viruses (such as SoBig.F) that spread through e-mail and instant messaging. These technologies include default settings that have enhanced security, improved attachment control using the Attachment Execution Service (AES) API. This results in security and reliability enhancements for communications applications such as Microsoft Outlook, Outlook Express and Windows Messenger. As a result, potentially unsafe attachments that are sent through e-mail and instant messages are isolated so that they cannot affect other parts of the system.
  • Enhanced browsing security. Security technologies that are delivered in Microsoft Internet Explorer provide improved protection against malicious content on the Web. One enhancement includes locking down the Local Machine zone to prevent against the running of malicious scripts and fortifying against harmful Web downloads. Additionally, better user controls and user interfaces are provided that help prevent malicious ActiveX controls and spyware from running on customers’ systems without their knowledge and consent.
  • Improved computer maintenance. A very important part of any security plan is keeping computers updated with the latest software and security updates and understanding the role they play in protecting your computer. You must also ensure that you have current knowledge of security attacks and trends. For example, some software updates that mitigated known viruses and worms were available days or weeks before any significant attacks began. New technologies are being added to help the end user stay up-to-date. These technologies include Security Center, which provides a central location for information about the security of your computer, and Windows Installer, which provides more security options for software installation.

Microsoft understands that security technologies are only one aspect of a sound defense-in-depth security strategy. The security technologies outlined here are the next steps being taken in the Trustworthy Computing initiative to make customers’ systems more resilient to malicious attacks.

Get Ready for SP2:
Turn on automatic updates today. The best way to ensure you get SP2 when it is released is by turning on the Automatic Updates feature in Windows XP. Visit Microsoft's "Protect Your PC" site to let them turn it on for you to get SP2 automatically as Microsoft releases it.

MSDN customers can already download the final version today.

Cheers ~ Arne

Related Links : [More Information]


Related Articles SECURITY Microsoft released Windows XP Service Pack 2

  • No related articles found.
Social Sharing
This Week's Top Stories
Feeds & More
Awards & More
Recent Discussions
© Copyright 1998 - 2013 by the::unwired® & Arne Hess
All rights reserved!
the::unwired is a registered trademark of Arne Hess.
All trademarks are owned by their respective companies.
All site video, graphic and text content is copyrighted to the respective party and may not be reproduced without express written consent.