I have been to a microsoft partner briefing today......
most of the day was MS talking good things about SP2 (service pack 2 for windows XP)
hackers are getting a exploit out faster and faster.
after the patch comes out the hack follows soon.
when nimda come out the patch had been out for 331 days.
when blaster come out the patch had been out for 25 days.
when sasser came out the patch had only been out for 14 days.
hackers are looking at the patch and using that to design the exploit/worm.
first thing that they all want us to know about is that the firewall gets an upgrade.
ICF gets renamed to Windows firewall. the firewall gets to a standard that MS call EAL4 (I don't know what that is yet)
the main point about the firewall is that it is ON by default.
out going traffic is not stopped at all, in coming ports are all blocked ports can be opened by port number or by program name.
if the named program is run then the port will be opened for that program to get in coming traffic.
you can do IP filtering as well.
the firewall will stop ports for file and print sharing if you don't watch yourself.
the other cool thing about the firewall is that it gives protection from boot time, in the current system the network card is brought up, given an IP address and the IP stack is all ready, then the system does other booting stuff and at the end of all the booting the ICF kicks in. the new firewall will give protection form the moment the IP stack is started.
a new icon in the control panel is call security center and gives access to info about the security of your system, the three big things are the status of the firewall, antivirus,auto updates.
if any of the three big security things are NOT running/uptodate then an icon comes up in the system tray and tells you to get your ass over to the security center and see what the problem is.
the security center can detect and work with firewall and anti-virus program written be third parties and display the info about if they are on and if they are uptodate. the support is NOT a MS issue , MS has provided an API and any developers can include support in there program if they want.
at this point there are about 10 firewalls and 10 anit-virus venders who have support, more are coming everyday, if your anit-virus program is not supported than don't tell MS its not there fault, tell you anit-virus vender.
Data Execution Protection (DEP)
this is the thing that has had the most news and is of the least importance to most of us.
the NX-bit is a feture of new CPUs (athlon64s)
this will stop buffer overflows, don't ask how is a long story.
support for the NX-bit can be turned on or off on global way or on a program by program way.
the option will be gray out if you don't have CPU support.
outlook express get a make over for security too, more work has been done to stop users from opening attachments that may do damage.
IE gets popup blocking,better protecting from phishing attacks, also a way to see what activeX controls you have on the system and you can then disable any of them.
Windows will now come with its own bluetooth stack, no more using thirdparty bluetooth support.
60MB-80MB for users
240MB-250Mb for the full download/CD
SP2 will be installed be default on all systems by the end of the year.
SP2 will NOT install on systems that are not legal MS versions.
as well as all of this security stuff the service pack comes with about 1500 bug fixes.
there is a lot of talk on the internet about how SP2 will break applications and network settings....
all of the new security feture that will break things can be turned off on a program by program way.
as with installing any service pack, BACKUP your system just to be safe. after installing service pack 2 you might have to list a program or two in either the firewall safe list or the DEP safe list, this should fix any issues you have with programs not working.
many new security dialogs are to be seen all over the system and they all have lots of information so users can decied what to do, the default will be to go for more security when ever a question is asked.
and now for all of the users that have read all the crap above......
I have a copy of Office 2004 which was given to me on the day, i don't need it so who ever can give me the best "why give it to me..." post will get a copy of OFFICE 2004 pro
anyone who posts flames is automatically out :-)