[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1AWIrU-0001u5-00@smtp02.mrf.mail.rcn.net>
Date: Tue, 16 Dec 2003 12:19:54 -0500
From: "Richard M. Smith" <rms@...puterbytesman.com>
To: "BUGTRAQ@...URITYFOCUS. COM" <BUGTRAQ@...URITYFOCUS.COM>
Subject: Microsoft's plans for making XP more secure
Microsoft has just released a document describing the changes they will be
making in service pack 2 to make Windows XP more secure. Many of the
interesting changes are in Internet Explorer. The attached links provide
the details.
Richard M. Smith
http://www.ComputerBytesMan.com
====================================================
Changes to Functionality in Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=7bd948d7-b791-40b6-
8364-685b84158c78&displaylang=en
(http://tinyurl.com/z0rv)
In Microsoft Windows XP Service Pack 2, Microsoft is introducing a set of
security technologies that will help to improve the ability of Windows
XP-based computers to withstand malicious attacks from viruses and worms.
The technologies include network protection, memory protection, safer e-mail
handling, more secure browsing, and improved computer maintenance.
Together, these security technologies will help to make it more difficult to
attack Windows XP, even if the latest updates are not applied. These
security technologies together are particularly useful in mitigation against
worms and viruses.
This document specifically focuses on the changes between earlier versions
of Windows XP and Windows XP Service Pack 2 and reflects Microsoft's early
thinking about Service Pack 2 and its implications for developers. Examples
and details are provided for several of the technologies that are
experiencing the biggest changes. Future versions of this document will
cover all new and changed technologies.
http://download.microsoft.com/download/8/7/9/879a7b46-5ddb-4a82-b64d-64e791b
3c9ae/WinXPSP2_Documentation.doc
(http://tinyurl.com/z2zv)
. Safer e-mail handling. Security technologies help to stop viruses
(such as SoBig.F) that spread through e-mail and instant messaging. These
technologies include default settings that are more secure, improved
attachment control for Outlook Express and Windows Messenger, and increased
Outlook Express security and reliability. As a result, potentially unsafe
attachments that are sent through e-mail and instant messages are isolated
so that they cannot affect other parts of the system.
. More secure browsing. Security technologies that are delivered in
Microsoft Internet Explorer provide improved protection against malicious
content on the Web. One enhancement includes locking down the Local Machine
zone to prevent against the running of malicious scripts and fortifying
against harmful Web downloads. Additionally, better user controls and user
interfaces are provided that help prevent malicious ActiveXR controls and
spyware from running on customers' systems without their knowledge and
consent.
Powered by blists - more mailing lists