Microsoft working to enhance XP security

Anne Saita

Microsoft's Trustworthy Computing Initiative received plenty of potshots last week in the wake of a 200-day delay releasing a patch for the critical ASN.1 vulnerability that affects all supported Windows OSes.

Prior to this latest transgression, though, people were buzzing about the enhanced security features in service pack 2 (SP2) that move Windows XP closer to "secure by default." SP2 is due to be released this summer.

SP2's security technologies include:

  • Turning on the Internet Connection Firewall (ICF) by default, closing ports except when they're in use and improving the firewall configuration interface.
  • Recompiled core Windows components to make the OS more resilient to malware-induced buffer overruns.
  • More secure default settings in Outlook Express and Windows Messenger.
  • Improved Internet Explorer controls and user interfaces to block malicious ActiveX controls and spyware.

"This is a big step toward improving the default security level of a very widely deployed OS," says Jason Chan, a principal security architect for network security provider @stake.

Chan, who is technical leader for the company's Secure Infrastructure Center of Excellence, is particularly interested in improvements in the ICF, which originally was shipped disabled by default. He and others, though, said interoperability could pose a problem.

Another enhancement gaining attention is the restriction of RPC remote anonymous access, which could reduce

    Requires Free Membership to View

the number of worms that use RPC to proliferate. Again, compatibility is seen as a potential problem.

"This should increase overall security, but there could be issues with many applications not initially working with ICF, and non-technical users having trouble with ICF configuration," he said. "Also, the fact that ICF can be configured via Active Directory Group Policy (GPO) could be huge for enterprise users looking to roll out a distributed host firewall to users. Previously, this was pretty unwieldy using ICF without GPO support.

"I think organizations will be wise to perform wide and thorough internal compatibility testing as well," Chan advised.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: