Review: Windows XP's big security fix

If you've been longing for a more secure version of Windows, then Windows XP Service Pack 2, due midyear, should fit the bill. A response to the electronic attacks that crippled Windows PCs worldwide last year, Windows XP SP2 is a crucial upgrade centered on what Microsoft Corp. calls "security technologies."
I tested a beta of XP SP2 and came away impressed: With a simple installation (I experienced none of the compatibility hassles that some users encountered with SP1), much-needed security enhancements and a friendlier front end to wireless networking, XP SP2 is shaping up as a must-have upgrade for all Windows XP users.
SP2 will be free, but Microsoft hasn't yet said how it will distribute the pack.
A finer firewall
One component of the original Windows XP is the Internet Connection Firewall, but this line of defense is disabled by default and is difficult to find and configure. The version in XP SP2, now renamed Windows Firewall, receives more prominent advertising and is enabled by default, providing a decent level of network protection even when the system is booting up.
In addition, the new Windows Firewall is more powerful than the previous version, with both inbound and outbound scanning capabilities similar to those of third-party firewalls such as ZoneAlarm. For example, the first time an application wants to access the Internet, Windows Firewall pops up a dialog box in which you can configure the firewall to grant such access.
Windows XP included wireless networking support, but Microsoft then hobbled the feature somewhat with SP1, forcing users to log on manually to insecure networks (a hassle for most home users). With SP2, the software maker has significantly improved the user interface for wireless networking, simplifying the tasks of browsing, configuring and connecting to wireless networks. One nice touch is an option that lets you pick the wireless network you always want to connect to when you are within range of it.
In SP2, Internet Explorer has been updated to include pop-up ad blocking, a key feature that some competing browsers have had for months. And if you do choose to allow pop-ups, Internet Explorer prevents questionable Web sites from altering those windows in ways that might harm your system; this innovation should put an end to the annoying proliferation of windows at some Web sites.

In another welcome nod to security, Internet Explorer includes a new browser add-on module that helps deter spyware by controlling how XP installs, configures and enables add-ons. In the short term, some Internet Explorer add-ons -- for example, various Netscape-style plug-ins -- may not work after the upgrade, but even so, the additional security and stability are worth it.
Both Outlook Express and Windows Messenger will now protect you from dangerous file types, isolating attachments so that they can't attack your system. Outlook Express has also been updated with a feature drawn from Outlook 2003: By default, HTML e-mail messages will not download images; this keeps spammers from figuring out that your e-mail address is valid by having the embedded images phone home. This is a fine feature, but the ability to set up a white list of approved senders whose images aren't to be filtered would have been nice, too.
Microsoft has significantly changed Windows Update for use with SP2, placing the most critical software updates into a friendly, new, single-step installation routine. Other software and driver updates are available separately.
Behind the scenes, Microsoft has made many low-level changes to XP in SP2 to make the operating system as secure as possible. A new memory protection system guards XP against common buffer-overrun errors that many viruses and worms exploit to compromise the operating system. And new networking technologies will help ensure that attackers find fewer vulnerabilities when probing SP2-protected Windows systems over the Internet.
A must-have upgrade
Windows XP SP2 may not solve all of your security problems. Hackers are notoriously industrious, and Windows will continue to be their target of choice. It's also too early to tell whether SP2 will generate any woes similar to those that plagued many users who installed SP1.
Nevertheless, this update does provide much of the basic plumbing you need for a better-protected operating system. If the beta is any indication, Windows XP Service Pack 2 will be a winner.