What you need to know about Windows XP SP2

Two Avanade consultants offer advice on how to prepare for the security update

By Christopher M. Burry and Steven Chanyi, Avanade

August 20, 2004 12:00 PM ET

Recommended

Computerworld - Microsoft Windows XP Service Pack 2 amounts to a major "life event" for companies using the Windows platform. The update represents a major step forward in security, and many organizations will seriously consider it for several reasons. Those that plan to deploy the update need to understand several important features. Even those that don't use it still will need to consider the service pack's impact.
Key Changes With SP2
The new service pack includes a desktop firewall, enhancements to Internet Explorer, memory protection and tools for management and remote administration.

Firewall, Internet Explorer enhancements block intrusion, infection
The desktop firewall arrives installed and turned on by default, and is arguably the most significant aspect of the software. It helps tighten device security on all networks -- especially those in public places.
There have been plenty of horror stories about employees using wireless networks at the airport or in cafes. Although they don't realize it, file sharing is tied to the network on which they're working, so anyone interested in perusing anything available on their laptop can do so, without the users' knowledge or consent.
The firewall in SP2 blocks inbound access attempts according to the local, or group, policy in effect. For outbound connections, the user is alerted to a connection attempt, and asked to allow or deny it. IT administrators can configure devices through group policy to conform to their security policy. SP2 adds roughly 600 new group policy objects, providing a finer degree of control than before.
Enhancements to Internet Explorer block pop-ups and ActiveX controls that can result in inadvertent download of malicious code such as viruses or spyware. Users get an audible signal and warning message that a pop-up has been blocked. They can then unblock the feature for that page.

Protection against DoS attacks
SP2 should help significantly with denial-of-service (DoS) attacks caused by buffer overflows, when too much data is sent to an application's temporary storage area -- sometimes causing that excess data to act as executable code. One of the most popular DoS exploits, buffer overflows will now be prevented from executing commands and will shut down systems instead. It's an inconvenience that's worth the peace of mind that no code can be launched and the device won't be further damaged.
Several other service pack features strengthen administrative security control. Internet Explorer has a new interface for managing add-ins that extend browser capabilities, such as PDF viewing.

Considerations for Companies That Deploy -- and Those That Don't
Whether or not they roll out the update,

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Windows

Additional Resources

WHITE PAPER

Do You Know the 7 Steps to Successful Data Migration?

Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.

WHITE PAPER

Total Cost of Ownership of Server Computing Vs. PCs

Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.

WHITE PAPER

IDC White Paper: Linux in a Global Recession

Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Informatica 9 Launch: Transform your Business. Transform your world.

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

Forrester Consulting - Optimizing Users and Applications in a Mobile World
Learn how to successfully deploy a WAN optimization solution that is specifically tuned for a mobile environment!

Top to Bottom Performance Management Excellence at the City of Chicago
View now.

Faster, Cheaper and Easier to Maintain
Can you afford not to upgrade your servers to today's advanced, energy-efficient technologies?

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

The State of PCI DSS Compliance at Organizations Today
Download this resource today!

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

IDC Research Report: The Business Value of Consolidating on Energy-Efficient Servers
Download this Resource Now!

Strategies for Driving Down IT Support Costs with Lite ITIL Practices
View this now!

HP Technology Guide for Scalable Business Solutions
Download This Resource Now!

Mitigate Risk, Lower Costs and Improve Network Efficiency
Create a stable IP network that not only meets today's challenges, but is flexible enough to also meet future demands.

All White Papers | All Webcasts