Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Microsoft
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

What you need to know about Windows XP SP2

Two Avanade consultants offer advice on how to prepare for the security update

By Christopher M. Burry and Steven Chanyi, Avanade
August 20, 2004 12:00 PM ET
Recommended
(0)
Digg
Share/Email

Computerworld - Microsoft Windows XP Service Pack 2 amounts to a major "life event" for companies using the Windows platform. The update represents a major step forward in security, and many organizations will seriously consider it for several reasons. Those that plan to deploy the update need to understand several important features. Even those that don't use it still will need to consider the service pack's impact.
Key Changes With SP2
The new service pack includes a desktop firewall, enhancements to Internet Explorer, memory protection and tools for management and remote administration.

  • Firewall, Internet Explorer enhancements block intrusion, infection
    The desktop firewall arrives installed and turned on by default, and is arguably the most significant aspect of the software. It helps tighten device security on all networks -- especially those in public places.
    There have been plenty of horror stories about employees using wireless networks at the airport or in cafes. Although they don't realize it, file sharing is tied to the network on which they're working, so anyone interested in perusing anything available on their laptop can do so, without the users' knowledge or consent.
    The firewall in SP2 blocks inbound access attempts according to the local, or group, policy in effect. For outbound connections, the user is alerted to a connection attempt, and asked to allow or deny it. IT administrators can configure devices through group policy to conform to their security policy. SP2 adds roughly 600 new group policy objects, providing a finer degree of control than before.
    Enhancements to Internet Explorer block pop-ups and ActiveX controls that can result in inadvertent download of malicious code such as viruses or spyware. Users get an audible signal and warning message that a pop-up has been blocked. They can then unblock the feature for that page.

  • Protection against DoS attacks
    SP2 should help significantly with denial-of-service (DoS) attacks caused by buffer overflows, when too much data is sent to an application's temporary storage area -- sometimes causing that excess data to act as executable code. One of the most popular DoS exploits, buffer overflows will now be prevented from executing commands and will shut down systems instead. It's an inconvenience that's worth the peace of mind that no code can be launched and the device won't be further damaged.
    Several other service pack features strengthen administrative security control. Internet Explorer has a new interface for managing add-ins that extend browser capabilities, such as PDF viewing.

Considerations for Companies That Deploy -- and Those That Don't
Whether or not they roll out the update,


Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

POLL RESULTS
Leading IT Pros Weigh In on Top IT Issues
Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.
WHITE PAPER
For Best Results, Think Beyond the Box
Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!
WHITE PAPER
Accelerating the Path to Demand Intelligence with a Demand Signal Repository
Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

Accelerate SSL Encrypted Applications
The amount of SSL traffic is growing in the enterprise. Because it is encrypted, it cannot be properly controlled and accelerated. Blue Coat...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

ESG Lab Field Audit
Many companies have successfully implemented Riverbed WAN optimization solutions within their Cisco networks. This ESG Lab Field Audit document explores the success that...  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

Shape Your Apps Strategy to Reflect New SaaS Licensing and Pricing Trends
Why are smart companies choosing software-as-a-service? Find out in the complimentary Forrester Research report...  

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

Natural User Interface for Enterprise Applications
Learn how a revolutionary user interface can make a complex enterprise application so intuitive even casual users can jump right in....  

Why Compliance Pays
This OnDemand webcast explores the relationship that firms with best compliance records have higher revenue, greater customer retention, lower financial losses from data...

A Truly Global HCM System
Learn about a system built with advanced object-oriented technology that support multi-national requirements and costs less to implement, maintain and upgrade....  

Agile Enterprise Content Management (ECM) for Rapid ROI
Find out how combining ECM and BPM will help adress issues about content rich business processes....

All White Papers | All Webcasts

Computerworld Reports

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

All Computerworld Reports
 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.