Skip the navigation

Windows XP: Is it safe?

The newest release of Windows offers substantial security enhancements. But some IT managers still have concerns.

By Deborah Radcliff
October 22, 2001 12:00 PM ET

Computerworld - "When Windows XP is released, soon all hell will follow. New zombies and nanobots are waiting to exploit vulnerabilities. Be warned . . . " When an Australian hacker identified only as "Z" sent this e-mail message to Computerworld on Aug. 7, he was referring to a controversial paper claiming that hackers will exploit weaknesses in Microsoft Corp.'s new Windows XP operating system to turn PCs into an unwitting army of denial-of-service (DOS) attack zombies.

But closer inspection suggests otherwise, according to users and analysts. So far, those zombie bots in Z's rant are nowhere to be found.

Despite several potential vulnerabilities raised in the past few months by security analysts and privacy advocates, beta testers have been unable to find any serious security threats in Windows XP. To the contrary, "with Windows XP, Microsoft has at least fixed the sins of their past, which is more than I can say for other operating systems," says John Pescatore, senior security analyst at Gartner Inc. in Stamford, Conn.

Not only do analysts and beta testers generally praise Microsoft for repairing past security mistakes that riddled Windows 9x and NT machines, but they also feel that XP's new embedded security features, particularly the ability to set privileges and an embedded firewall, will go far in protecting novice users from themselves and one another. And, in the case of XP Professional, these same security features can be centrally configured to follow corporate security policies by groups and locations.

However, some IT professionals aren't convinced that Microsoft has committed to a more secure operating system. They cite possible vulnerabilities with raw sockets and the Remote Assistance feature, and privacy concerns over built-in support for the Passport personal information management service.

The Raw Deal

Last summer, Steve Gibson, president of Gibson Research Corp., a security and privacy software and Web publisher in Laguna Hills, Calif., published a paper accusing Microsoft of opening a new "back door" into Windows by building raw sockets support into XP.

Windows XP Security: Related Links

The Keys to XP Security

Windows XP: Is it Safe?

"Raw sockets means raw access to the Internet. And the problem of malicious agents getting into people's computers and launching DOS attacks with spoofed packets goes up dramatically with use of raw sockets," he says.

Because they skirt traditional TCP/IP protocols, hackers can use raw sockets to generate TCP packets, and it's impossible for receiving networks to determine if those packets are legitimate. There's no way to block them, Gibson explains, because that would mean blocking all TCP packets. That would effectively drop all inbound traffic.

Raw sockets are nothing new. Various flavors of Unix and Linux run raw sockets, as does Windows 2000. "But all operating systems that offer raw sockets deliberately protect the access to those raw sockets by requiring the highest system privileges possible," Gibson says.

Our Commenting Policies