The next Service Pack for Microsoft Windows will be released in the near future. The aim of this Service Pack is to increase the security of the Operating System so that users without a firewall or anti virus are less vulnerable to hacking or viral worms. This Service Pack is one more step in the march of Microsoft for the Trustworthy Computing initiative.
Four Feature Highlights:
• Network protection with boot time security and restricting Remote Procedure Calls (RPC). The Internet Connection Firewall (ICF) will be enabled by default after Windows XP Service Pack 2.
“Prior to Windows XP Service Pack 2, Windows XP shipped with ICF disabled by default. The user either needed to run a wizard or navigate through the Network Connections folder to manually enable ICF.
By enabling ICF by default, the computer has more protection from many network-based attacks. For example, if ICF had been enabled by default, the recent MSBlaster attack would have been greatly reduced in impact, regardless of whether users were up-to-date with patches.”
• Memory protection
“With execution protection (also known as NX, or no execute) prevents code execution from data pages such as the default heap, various stacks, and memory pools. Protection can be applied in both user and kernel-mode.
Since execution protection prevents data execution from the stack, if it is implemented, the specific exploit that was leveraged by the recent MSBlaster worm results in a memory access violation and termination of the process. On a system with execution protection, MSBlaster is limited to a Denial-of-Service (DOS) attack, but does not have have the ability to replicate and spread to other systems. Execution protection is by no means a comprehensive defense against all viruses, worms and other malicious code.”
• Safer e-mail handling – No details on expected changes for e-mail yet.
• More secure browsing – Internet Explorer Add-on Management and Crash Detection as well as a pop-up ad blocker
“These are two new, closely-related features that are included in Internet Explorer.
Internet Explorer Add-on Management allows users to view and control the list of add-ons that can be loaded by Internet Explorer with more detailed control than before.
Internet Explorer Add-on Crash Detection attempts to detect crashes in Internet Explorer that are related to an add-on. When the add-on is successfully identified, this information is presented to the user. The user has the option of disabling add-ons to diagnose frequent crashes and improve the overall stability of Internet Explorer.”
References: Preliminary Document – Changes to Functionality in Microsoft Windows XP Service Pack 2
For more information see “New Security Technologies in Windows XP Service Pack 2 (SP2)” on the Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=20969.
