In "Windows XP Service Pack 2," February 2004, InstantDoc ID 41299, I discussed the general features in XP Service Pack 2 (SP2), an important XP upgrade Microsoft hopes to ship by mid-2004. This month, I concentrate on the security-oriented features in this service pack. Here's what you need to know about the new security features in XP SP2.
New Windows Firewall
In XP SP2, Microsoft has significantly enhanced the Internet Connection Firewall (ICF) and renamed it Windows Firewall. This tool is now enabled by default, is easier to find in the UI, and offers a slew of new configuration options, including full, per-connection central manageability through Active Directory. (Note that this capability isn't available on XP Home Edition systems.) For end users, Windows Firewall presents an experience familiar to users of other firewall products: As applications and services attempt to send information from a user's computer over the network for the first time, the firewall intercepts the information and lets the user choose whether to allow that communication.
IE, Outlook Express Improvements
In XP SP2, Microsoft Internet Explorer (IE) is enhanced in two ways. First, IE blocks unwanted pop-up windows by default and lets the user (or enterprise) determine which sites are exempt from pop-up blocking. Second, because of a recent lawsuit with Eolas Technologies, a company that owns a crucial Web-browser patent, Microsoft must reengineer its IE plug-in functionality. This requirement has motivated Microsoft to engineer the new tool so that sites can't silently install add-ons without a user's knowledge, and users can disable or remove undesirable add-ons at any time.
Microsoft has upgraded Microsoft Outlook Express with some welcome features taken from Microsoft Office Outlook 2003. First, the product no longer displays images in HTML email messages by default because spammers often use these images to determine whether a real person opened the message. Second, Outlook Express now isolates suspicious attachments, such as .exe and .bat files, by default so that they can't affect the system.
Low-Level Changes
At a lower level, XP SP2 adds several enhancements to make XP more stable and resilient. A new memory-protection feature helps prevent most buffer-overrun errors, which malicious users can use to run errant code to take control of a system. Also, the remote procedure call (RPC) technology now runs under reduced privileges in XP SP2, lessening the chance that intruder code can successfully attack your system.
Recommendations
As I note in "Windows XP Service Pack 2," XP SP2 is working up to be a major, must-have update for all XP users. If the final product is as good as the current beta, I highly recommend this upgrade.
