Microsoft Shows Off New Security Features

Computerworld - Microsoft Corp. gave every indication that it's keeping security on the front burner, as Chairman Bill Gates made the trip to last week's RSA Conference in San Francisco to preview upcoming features in Windows, new protection technologies and an antispam initiative.
Gates introduced the first public demonstration of new security features due in the first half of the year with Service Pack 2 for Windows XP. One prominent update will be the newly enhanced and renamed Windows Firewall, formerly called the Internet Connection Firewall, which will be enabled by default rather than having to be set manually by the user.
Another new feature, the Windows Security Center, will let users check the status of firewalls, automatic updates and antivirus protection. If a problem is discovered, the user will receive a notification with recommended fixes.
To combat spam, Microsoft is touting its Coordinated Spam Reduction Initiative, which includes technical specifications for establishing Caller ID-like functionality for e-mail. The technology would enable a recipient to ensure that a message came from the identified domain.
Gates said Microsoft has royalty-free patents on the technology and is talking with other Internet service providers and e-mail providers about using it. "It uses the DNS to do this, so it's piggybacking an infrastructure that's there," he said.
Microsoft also plans to deliver Exchange Edge Services to enable users to better protect their e-mail systems from junk e-mail and viruses, as well as improve the efficiency of handling and routing Internet e-mail. Those goals will be achieved through an enhancement to the SMTP relay implementation in Exchange 2003, according to Microsoft.

Bill Gates at the RSA Conference Credit: The Associated Press

Another security-related enhancement Microsoft demonstrated was active protection technology. John Pescatore, an analyst at Stamford, Conn.-based Gartner Inc., said the technology will provide behavioral protection for desktops and servers, similar to technology offered by Cisco Systems Inc. and Network Associates Inc.
Zachary Gutt, a technical product manager in Microsoft's security business unit, said the active protection technology will make computers resilient against worms and viruses by preventing and containing attacks. The system does that by recognizing behavior that is out of the ordinary and blocking it.
For example, Gutt said, the Blaster worm caused the remote procedure call service to open a back door and download malicious code onto a machine. But with active protection technology, the behavior would have been recognized as out of the ordinary for the RPC service and blocked, he said.
Another key piece of active protection technology can automatically raise and lower the