Microsoft has made available Windows Server 2003 Service Pack 1 Release Candidate for download at its Web site.
SP1 provides several security enhancements that should catch the interest of most administrators. In fact, all of the reasons listed in Microsoft's "Top Ten Reasons to Install Windows Server 2003 SP1" relate directly to better security.
The security configuration wizard helps disable unused services, block ports, establish audit configurations, and modify registry settings. A new Post-Setup Security Updates feature helps automate the setup of Automatic Updates and blocks all incoming network traffic until an administrator can apply the latest patches. SP1 also includes the same firewall shipped with Windows XP SP2.
Data Execution Prevention uses both hardware-based and software-based technology to guard against the operation of malicious code. SP1 establishes stronger default security settings and reduced privileges. For example, with SP1 services such as RPC and DCOM require stronger levels of authentication.
A quarantine feature prevents access by systems that do not have current security updates installed. There is also a new audit feature for the IIS metabase, new group policies to manage client and server firewall policies, and more secure versions of Internet Explorer and Outlook Express. Another feature is the new -b switch for the netstat command line tool. As seen in Windows XP SP2 the switch will show which ports are used by applications and services, among other data.
As you might expect, SP1 will also include a long list of fixes that have been provided since Windows Server 2003 was originally released to manufacturing. The release candidate is available for both 32-bit and 64-bit processor platforms and requires approximately 700MB of free disk space to complete the installation, and 445MB of space after installation including the associated un-install files.
In January Microsoft will host two webcasts that cover SP1. "Introducing Windows Server 2003 SP1" will provide an overview of features, benefits, and expected availability of a final release version. "Windows Server 2003 SP1 Technical Overview" will cover the Secure Configuration Wizard, Windows Firewall and new Active Directory groups policies, and VPN Quarantine technologies. You can periodically check the company's related Technet Web page for details on when to sign up for the webcasts.