What you need to know about Windows XP SP2
Two Avanade consultants offer advice on how to prepare for the security update
Computerworld - Microsoft Windows XP Service Pack 2 amounts to a major "life event" for companies using the Windows platform. The update represents a major step forward in security, and many organizations will seriously consider it for several reasons. Those that plan to deploy the update need to understand several important features. Even those that don't use it still will need to consider the service pack's impact.
Key Changes With SP2
The new service pack includes a desktop firewall, enhancements to Internet Explorer, memory protection and tools for management and remote administration.
- Firewall, Internet Explorer enhancements block intrusion, infection
The desktop firewall arrives installed and turned on by default, and is arguably the most significant aspect of the software. It helps tighten device security on all networks -- especially those in public places.
There have been plenty of horror stories about employees using wireless networks at the airport or in cafes. Although they don't realize it, file sharing is tied to the network on which they're working, so anyone interested in perusing anything available on their laptop can do so, without the users' knowledge or consent.
The firewall in SP2 blocks inbound access attempts according to the local, or group, policy in effect. For outbound connections, the user is alerted to a connection attempt, and asked to allow or deny it. IT administrators can configure devices through group policy to conform to their security policy. SP2 adds roughly 600 new group policy objects, providing a finer degree of control than before.
Enhancements to Internet Explorer block pop-ups and ActiveX controls that can result in inadvertent download of malicious code such as viruses or spyware. Users get an audible signal and warning message that a pop-up has been blocked. They can then unblock the feature for that page.
- Protection against DoS attacks
SP2 should help significantly with denial-of-service (DoS) attacks caused by buffer overflows, when too much data is sent to an application's temporary storage area -- sometimes causing that excess data to act as executable code. One of the most popular DoS exploits, buffer overflows will now be prevented from executing commands and will shut down systems instead. It's an inconvenience that's worth the peace of mind that no code can be launched and the device won't be further damaged.
Several other service pack features strengthen administrative security control. Internet Explorer has a new interface for managing add-ins that extend browser capabilities, such as PDF viewing.
Considerations for Companies That Deploy -- and Those That Don't
Whether or not they roll out the update, we're advising clients on SP2 issues involving application development and
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Taking Windows Mobile on Any Device Taking Windows applications mobile has many advantages, but the process of identifying a solution is complex. Learn how to solve this complex problem...
- Accelerating Network Convergence in Virtualized and Cloud Data Centers Adopting a converged networking strategy enables organizations to traffic server and storage I/O workloads on consolidated data throughput channels. Intelligent software helps optimize...
- Omnichannel: From Buzzword to Strategy Customers demand a seamless experience across channels, especially mobile. Read this whitepaper for a research-based framework for using omnichannel for higher customer engagement.
- How 10GbE Network is the Backbone of the Virtual Data Center The shift to a virtual data center has put tremendous strain on legacy networks; driving the need for more speed, lower latency, more...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Windows White Papers | Webcasts