Because Windows XP SP2 will overhaul the way the operating system handles security, it's been informally known as Security Pack 2. Here are some reasons it deserves the moniker.
Firewall and network protections
One of the biggest changes, and most likely the biggest headache for administrators, is that Windows Firewall is on by default. It replaces the Internet Connection Firewall, is easier to configure and shouldn't break other applications. While the change is welcomed, especially by enterprises concerned with laptop security among remote users, some security testers say this firewall isn't as robust as others on the market and could create a false sense of superior security. Additionally, ports that had been left open will be shut unless in use.
Internet Explorer, one of this summer's favorite targets for malicious coders, will come with the pop-up blocker enabled to cut down on spyware. Others may actually see an increase in legitimate prompts -- not that annoying adware -- since Web surfing will now include more, transparent configuration options. Web sites that use some code- or scripting-based functions, such as downloads, might find some Web features no longer work correctly. And even for those that don't have conflicts, IE requires user acceptance to continue access. IE will also better scan downloads to warn of potentially unsafe content.
E-mail, AV protection
Another soft spot in the Windows arsenal has been e-mail as an attack vector, especially in those programs running on a Windows platform. Now, more AV protections will be turned on by default, such as more aggressive quarantine of attachments to prevent them from infecting computer systems. But in beta, some testers found that the Windows Security Center, which checks for AV, firewall and system updates, encountered detection deficiencies when using the popular Symantec Norton AntiVirus 2004, the 3.01.00 version of Panda Software Titanium Antivirus 2004 and Zone Labs ZoneAlarm Security Suite 5.0. However, Symantec and Zone Labs are said to have corrected the problem by the release date.
Updates and patches
Users will now be prompted at the first startup if they want to automatically download any Microsoft security patches. If it's a critical patch, and installation didn't occur at startup, the computer will automatically download the update as it powers down. Both ways are meant to automatically update vulnerable desktops much more quickly to prevent networks from massive viral and worm infections. Beta users in the first release complained that the process can be defeated, either by turning off the automatic updates function or by selecting the "Turn off computer without installing updates" box. It's unclear whether that option remained in the final release.