New Security Technologies in Windows XP Service Pack 2 (SP2)

Published by

Discover how Windows XP Service Pack 2 (SP2) will improve Windows XP-based computers' ability to withstand malicious attacks from viruses and worms. With Windows XP Service Pack 2 (SP2), Microsoft is introducing a set of security technologies that include: Network protection, Memory protection, Safer e-mail and Safer browsing.

Overview of Windows XP SP2 Security Technologies

Many customers do not or cannot roll out patches as soon as they become available, but still need to be protected against the risks that the patches mitigate. Each security bulletin that Microsoft delivers includes information that customers can use to help mitigate risk while they deploy the patch. However, Microsoft is innovating further by delivering security technologies that provide additional mitigation ahead of deploying a patch. These security technologies will cover the following areas:

Network protection. These security technologies will help provide better protection against network-based attacks, like Blaster, through a number of innovations, including enhancements to Internet Connection Firewall (ICF). The planned enhancements include turning on ICF in default installations of SP2, closing ports except when they are in use, improving the user interface for configuration, improving application compatibility when ICF is on, and enhancing enterprise administration of ICF through Group Policy. The attack surface of the RPC service will be reduced, and the service will run with reduced privileges. The DCOM infrastructure will also have additional access control restrictions to reduce the risk of a successful network attack.

Memory protection. Some attacks by malicious software leverage software vulnerabilities that allow too much data to be copied into areas of the computer's memory. These vulnerabilities are typically referred to as buffer overruns. Although no single technique can completely eliminate this type of vulnerability, Microsoft is employing a number of security technologies to mitigate these attacks from different angles. First, core Windows components are being recompiled with the most recent version of our compiler technology to help mitigate buffer overruns. Additionally, Microsoft is working with microprocessor companies to help Windows support hardware-enforced "no execute" (or NX) on microprocessors that contain the feature. NX uses the CPU itself to enforce the separation of application code and data, preventing an application or Windows component from executing program code that an attacking worm or virus inserted into a portion of memory marked for data only.

Safer e-mail. Security technologies will help stop viruses (such as SoBig.F) that spread through e-mail and instant messaging. These technologies include default settings that are more secure, improved attachment control for Outlook Express and Windows Messenger, and increased Outlook Express security and reliability. As a result, potentially unsafe attachments sent through e-mail and instant messages will be isolated so that they cannot affect other parts of the system.

Safer browsing. Security technologies delivered in Internet Explorer will provide improved protection against malicious content on the Web. One enhancement includes locking down the local machine zone to prevent malicious scripts from running and to fortify against harmful Web downloads. Additionally, we will provide better user controls and user interfaces that help prevent malicious ActiveX® controls and spyware from running on customers' systems without their knowledge and consent.

Microsoft understands that security technologies are only one aspect of a sound defense-in-depth security strategy. The security technologies outlined here are the next steps being taken in the Trustworthy Computing initiative to make customers' systems more resilient.

Microsoft PDC Central has more...