Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows XP SP2 - Security gets tighter


  • Please log in to reply
6 replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:06:55 AM

Posted 10 April 2004 - 03:21 PM

Another good article on improved security in SP2

Windows XP SP2 - Security gets tighter
http://news.bbc.co.uk/1/hi/technology/3579355.stm

XP is getting a security makeover

Microsoft is preparing an update to Windows XP that is intended to make the operating system more secure.

Dubbed Service Pack 2 (SP2) the update will close some loopholes that virus writers and malicious hackers have exploited to infect or take over PCs.

The add-on for XP will also include extras that block pop-up ads by default and give users a clearer picture of how secure their system is.

The update is due to be finished and released to users by the end of June.



BC AdBot (Login to Remove)

 


m

#2 Guest_MrSnausage_*

Guest_MrSnausage_*

  • Guests
  • OFFLINE
  •  

Posted 10 April 2004 - 06:04 PM

Looking forward to service pack 2. I am surprised the article did not mention one of the fixing of one of the worst flaws in the current Internet Connection Firewall component.
That flaw is that currently the TCP/IP stack in Windows XP starts before the Firewall starts, therefore giving a limited opportunity when the machine is not protected. This will be fixed in SP2.

Also curious to see how much this effects the bank accounts of companies like Zone Alarm and ISS.

Should be interesting.

#3 CalamityKen

CalamityKen

  • Members
  • 128 posts
  • OFFLINE
  •  
  • Location:Whitby. Ont.

Posted 10 April 2004 - 10:13 PM

Is the Internet Connection Firewall in SP2 an outbound firewall as well?

#4 Guest_MrSnausage_*

Guest_MrSnausage_*

  • Guests
  • OFFLINE
  •  

Posted 11 April 2004 - 12:17 AM

From reading the info in XP SP2 release candidate release notes, it still does not let you filter outbound traffic. It looks like you may be able to filter outbound ICMP packets such as ping or traceroutes, but not specified ports.

It does though support application protection, so you can specify which applications can use the Internet.

#5 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:55 AM

Posted 12 April 2004 - 12:37 PM

Anyone interested in a preview? Here's a nice one that is pretty in depth:

http://216.239.53.104/search?q=cache:0Y59R...&hl=en&ie=UTF-8

The IE Add-on Management tool seems to me to be the most needed it seems to me. If it works as described here it may put an end to browser hijackings.

New to IE in XP SP2 is an IE Add-on Management tool that helps you view and manage the list of plug-ins, toolbars, and other IE add-ons you may have installed on your system. The Add-on Management tool has two basic functions, from what I can tell. First, it allows you to arbitrarily deactivate or uninstall any plug-in that's been installed in Internet Explorer, whether you installed it manually or it was installed for you, surreptitiously or not, when you visited a Web site. Second, it prevents new plug-ins from being installed going forward, unless of course you want them there.



Don't know if it will stop stuff like CWS that exploits security holes. Anyone have any insights or comments about that?

Here is another preview that is a little more up to date (I think) but not as thorough:

http://www.iamnotageek.com/articles.php?aid=11&page=1

The fate of all mankind, I see

Is in the hands of fools

--King Crimson


#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,300 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA

Posted 12 April 2004 - 01:26 PM

Interesting articles. Thanks for sending them our way.

I thinjk XP SP2 is going to be a great addition, and will help a lot of users immediately right afte rbeing installed.

I am not sure how much it will deter the CWS type hijackers, but will definitely make it easier to diagnose them. I am going to play around with the preview a bit and see if I can get hijacked with CWS when running it, or at least get an alert that a BHO is being installed.

Looks good though

#7 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:04:55 AM

Posted 06 May 2004 - 10:45 PM

Another link to SP2 info:

updatexp.com
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users