
What you need to know about Windows XP SP2

Two Avanade consultants offer advice on how to prepare for the security update
Christopher M. Burry and Steven Chanyi, Avanade
 


August 20, 2004 (Computerworld) -- Microsoft Windows XP Service Pack 2 amounts to a major "life event" for companies using the Windows platform. The update represents a major step forward in security, and many organizations will seriously consider it for several reasons. Those that plan to deploy the update need to understand several important features. Even those that don't use it still will need to consider the service pack's impact.
Key Changes With SP2
The new service pack includes a desktop firewall, enhancements to Internet Explorer, memory protection and tools for management and remote administration.

  • Firewall, Internet Explorer enhancements block intrusion, infection
    The desktop firewall arrives installed and turned on by default, and is arguably the most significant aspect of the software. It helps tighten device security on all networks -- especially those in public places.
    There have been plenty of horror stories about employees using wireless networks at the airport or in cafes. Although they don't realize it, file sharing is tied to the network on which they're working, so anyone interested in perusing anything available on their laptop can do so, without the users' knowledge or consent.
    The firewall in SP2 blocks inbound access attempts according to the local, or group, policy in effect. For outbound connections, the user is alerted to a connection attempt, and asked to allow or deny it. IT administrators can configure devices through group policy to conform to their security policy. SP2 adds roughly 600 new group policy objects, providing a finer degree of control than before.
    Enhancements to Internet Explorer block pop-ups and ActiveX controls that can result in inadvertent download of malicious code such as viruses or spyware. Users get an audible signal and warning message that a pop-up has been blocked. They can then unblock the feature for that page.

  • Protection against DoS attacks
    SP2 should help significantly with denial-of-service (DoS) attacks caused by buffer overflows, when too much data is sent to an application's temporary storage area -- sometimes causing that excess data to act as executable code. One of the most popular DoS exploits, buffer overflows will now be prevented from executing commands and will shut down systems instead. It's an inconvenience that's worth the peace of mind that no code can be launched and the device won't be further damaged.
    Several other service pack features strengthen administrative security control. Internet Explorer has a new interface for managing add-ins that extend browser capabilities, such as PDF viewing.

Considerations for Companies That Deploy -- and Those That Don't
Whether or not they roll out the update, we're advising clients on SP2 issues involving application development and deployment, information distribution and use, and testing. There are ramifications for activities that companies may have considered outside the "normal" purview of a service pack security update.
  • Application development
    We expect a flurry of problems and fixes for off-the-shelf applications. More important, SP2 can interfere with remote procedure call (RPC) and Distributed Component Object Model (DCOM) application architectures. Any client-side application that "listens" for network traffic will need to be explicitly permitted within the firewall rule set.
    The service pack also determines application access based on two distinctions: how and where COM components are launched, and whether RPC applications are running on the local system or elsewhere. If greater access to a particular application is required, some software may have to be revised to provide that availability.
    Whether or not they plan to deploy the update, companies will need to examine their applications' architecture. Firms that won't use it still need to consider how application design will impact their end users or customers who do implement the service pack. For example, a Web site pop-up request for user sign-in may be blocked by the user's Internet Explorer configuration.

  • Infrastructure assessment
    The stronger controls built into SP2 will require IT teams to think about how they distribute information and how users get it. Are employees working on the LAN one day, and then wireless the next? How is information distribution managed?
    If an employee has Web and FTP services running on a laptop, the service pack will block both of those capabilities. We use this extreme example to underscore the importance of an up-to-date inventory of company assets and usage. This will help IT managers determine whether the service pack will counter daily operations or improve them.

  • Testing
    Testing is important for any security update, and SP2 is no exception. For companies planning to deploy the service pack, running it on the company's standard desktop configuration(s) in a test environment will reveal issues that need to be resolved for successful deployment.
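
One way to build the inventory that the application development and infrastructure assessment points call for, as an added example that is not from the original article: it reads `netstat -ano` output from a desktop and lists the sockets that accept inbound traffic, grouped by owning process, so each can be reviewed for a firewall exception before SP2 is deployed. The sample output, the port labels and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of `netstat -ano` output from a hypothetical laptop.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       1480
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1480
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       920
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:8123           0.0.0.0:0              LISTENING       1100
  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING       2044
  TCP    192.168.1.20:1045      192.168.1.5:445        ESTABLISHED     4
  UDP    0.0.0.0:500            *:*                                    700
  UDP    127.0.0.1:123          *:*                                    1012
"""

# Well-known port assignments; anything else needs an owner to identify it.
KNOWN = {21: "FTP", 80: "HTTP", 135: "RPC endpoint mapper",
         445: "SMB file sharing", 500: "IKE"}

def inbound_listeners(netstat_text):
    """Return sorted (proto, port, pid) for sockets reachable from the network."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto, local, pid = fields[0], fields[1], fields[-1]
        # TCP rows have a state column; only LISTENING sockets accept inbound.
        if proto == "TCP" and fields[3] != "LISTENING":
            continue
        addr, _, port = local.rpartition(":")
        if addr.startswith("127.") or addr == "[::1]":
            continue  # loopback-only: not reachable from the network
        found.add((proto, int(port), int(pid)))
    return sorted(found)

def review_list(netstat_text):
    """Group listeners by owning PID so each can be mapped to an application."""
    by_pid = defaultdict(list)
    for proto, port, pid in inbound_listeners(netstat_text):
        by_pid[pid].append(f"{proto}/{port} ({KNOWN.get(port, 'unidentified')})")
    return dict(by_pid)

if __name__ == "__main__":
    for pid, sockets in review_list(SAMPLE).items():
        print(f"PID {pid}: {', '.join(sockets)}")
```

Entries labelled "unidentified" are the ones to trace back to an application owner during testing.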

Finally, we advise clients to consider the long-term effects of SP2. By blocking some of the major sources of vulnerability outright, SP2 could eliminate any number of patch-and-recover exercises for specific exploits and introduce a greater degree of security by default.
Christopher Burry is a fellow and the technology infrastructure practice director at Avanade Inc., a Seattle-based integrator for Microsoft technology that's a joint venture between Accenture Ltd. and Microsoft. Steven Chanyi is a senior systems engineer at Avanade. Send comments or questions to Christopher.Burry@avanade.com.


