Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Published byWalker Pelter Modified over 9 years ago

Similar presentations

Presentation on theme: "Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH."— Presentation transcript:

1 Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH

2 Overview Of Windows XP SP2 Memory Provide system-level protection for the base operating system Network Help protect the system from attacks from the network Email/IM Enable safer Email and Instant Messaging experience Web Enable safer Internet experience for most common Internet tasks

3 Windows Firewall Goal and Customer Benefit Provide better protection from network attacks by default Provide better protection from network attacks by default Focus on roaming systems, small business, home users Focus on roaming systems, small business, home users What We’re Doing Windows Firewall (formerly ICF) will be on by default in almost all configurations Windows Firewall (formerly ICF) will be on by default in almost all configurations More configuration options More configuration options Group policy, command line, unattended setup, Group policy, command line, unattended setup, Better user interface Better user interface Boot time protection Boot time protection Multiple profile support Multiple profile support Connected to corporate network vs. home Connected to corporate network vs. home Enable file sharing on home networks with Windows Firewall on Enable file sharing on home networks with Windows Firewall on Developer Impact In-bound network connections not permitted by default In-bound network connections not permitted by default Dynamically enable ports as necessary, but only for as long as necessary, disable when done Dynamically enable ports as necessary, but only for as long as necessary, disable when done Memory Network Email/IM Web

4 DCOM And RPC Changes Goal and Customer Benefit Reducing DCOM / RPC attack surface exposed on network Reducing DCOM / RPC attack surface exposed on network What We’re Doing Require authentication on default interfaces Require authentication on default interfaces Enable programmatic ability to restrict RPC interfaces to local machine only Enable programmatic ability to restrict RPC interfaces to local machine only Configuration of access and launch permissions for DCOM through registry Configuration of access and launch permissions for DCOM through registry Move most RPCSS code into reduced privilege process Move most RPCSS code into reduced privilege process Enable customer-controlled option to require authentication to the end-point mapper Enable customer-controlled option to require authentication to the end-point mapper Disable RPC over UDP by default Disable RPC over UDP by default Developer Impact Where appropriate, use new RPC API to limit calls to local machine Where appropriate, use new RPC API to limit calls to local machine Ensure your application doesn’t require anonymous clients Ensure your application doesn’t require anonymous clients Don’t use RPC over UDP Don’t use RPC over UDPNetwork Memory Email/IM Web

5 Email Attachments Goal and Customer Benefit Consistent system-provided mechanism for applications to determine unsafe attachments Consistent system-provided mechanism for applications to determine unsafe attachments Consistent user experience for attachment “trust” decisions Consistent user experience for attachment “trust” decisions What We’re Doing Create new public API for handling safe attachments (Attachment Execution Services) Create new public API for handling safe attachments (Attachment Execution Services) Default to not trust unsafe attachments Default to not trust unsafe attachments Outlook, Outlook Express, Windows Messenger, Internet Explorer changed to use new API Outlook, Outlook Express, Windows Messenger, Internet Explorer changed to use new API Open / execute attachments with least privilege possible Open / execute attachments with least privilege possible Safer message “preview” Safer message “preview” Replaces AssocIsSafe() Replaces AssocIsSafe() Developer Impact Use new API in your applications for better user experience, and better determination of safe content Use new API in your applications for better user experience, and better determination of safe content Memory Network Email/IM Web

6 Web Browsing Goal and Customer Benefit Ensure a safer web browsing experience Ensure a safer web browsing experience What We’re Doing Locking down local machine and local intranet zones Locking down local machine and local intranet zones Improved notifications for running or installing applications and ActiveX controls Improved notifications for running or installing applications and ActiveX controls HTML files on the local machine will not be able to script unsafe ActiveX controls or access data across domains in the Local Machine Security Zone HTML files on the local machine will not be able to script unsafe ActiveX controls or access data across domains in the Local Machine Security Zone Blocking unknown, unsigned ActiveX controls Blocking unknown, unsigned ActiveX controls Disarm cross domain script attacks on APIs Disarm cross domain script attacks on APIs Improved detection and handling of downloaded files through improvements to mime-handling code path Improved detection and handling of downloaded files through improvements to mime-handling code path Files served with mismatched or missing mime-headers and file extensions may be blocked Files served with mismatched or missing mime-headers and file extensions may be blocked Memory Network Email/IM Web

7 Web Browsing What We’re Doing (continued) Mitigate ActiveX reuse through potential limited control leashing and more guided user experience Mitigate ActiveX reuse through potential limited control leashing and more guided user experience Limit UI spoofing Limit UI spoofing Pop-up windows will be suppressed unless they are initiated by user action Pop-up windows will be suppressed unless they are initiated by user action Developer Impact Check for web application compatibility with newer, safer browsing defaults Check for web application compatibility with newer, safer browsing defaults Identify whether controls are safe for scripting on the Internet, or if they can be more restricted Identify whether controls are safe for scripting on the Internet, or if they can be more restricted Memory Network Email/IM Web

8 Hardware Execution Protection Goal and Customer Benefit Reduce exposure of some buffer overruns Reduce exposure of some buffer overruns What We’re Doing Leverage hardware support in 64-bit and newer 32-bit processors to only permit execution of code in memory regions specifically marked as execute Leverage hardware support in 64-bit and newer 32-bit processors to only permit execution of code in memory regions specifically marked as execute Reduces exploitability of buffer overruns Reduces exploitability of buffer overruns Enable by default on all capable machines for Windows binaries Enable by default on all capable machines for Windows binaries Ensure application compatibility with NX for Longhorn Ensure application compatibility with NX for Longhorn Developer Impact Ensure your code doesn’t execute code in a data segment Ensure your code doesn’t execute code in a data segment Ensure your code runs in PAE mode with <4GB RAM Ensure your code runs in PAE mode with <4GB RAM Use VirtualAlloc with PAGE_EXECUTE to allocated memory as executable Use VirtualAlloc with PAGE_EXECUTE to allocated memory as executable Test your code on 64-bit and 32-bit processors with “Execution protection” Test your code on 64-bit and 32-bit processors with “Execution protection” Memory Network Email/IM Web

9 Additional Enhancements In Windows SP2 Automatic Update Automatic Update  SP2 will make it more convenient for customers to enable Automatic Update for critical updates SUS 2.0 client SUS 2.0 client  Software Update Services 2.0 will use a consistent engine for reporting system state and reducing inconsistent results on secure patch availability on a computer Windows Media 9 Series Player: Windows Media 9 Series Player:  Enhanced performance and security improvements over prior versions

10 Additional Enhancements In Windows SP2 DirectX 9.0b DirectX 9.0b  Latest, most secure DirectX components include fixes to address a network firewall change that impacts OEM pre- installs and DirectPlay Bluetooth 2.0 Bluetooth 2.0  Includes support for the latest version of Bluetooth 2.0 allowing customers to take advantage of the latest wireless devices Unified Windows Local Area Network (LAN) client Unified Windows Local Area Network (LAN) client  New wireless LAN will work with a broad range of wireless hotspots enabling customers to connect seamlessly without having to install or update a third-party client

11 © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

Download ppt "Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH."

Similar presentations

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.

Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Windows Server 2003 SP1. Windows Server™ 2003 Service Pack 1 Technical Overview Jill Steinberg: Added TM Jill Steinberg: Added TM.

Windows Server 2003 SP1. Windows Server™ 2003 Service Pack 1 Technical Overview Jill Steinberg: Added TM Jill Steinberg: Added TM.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Windows XP Service Pack 2 Technical Update. Windows XP Service Pack 2 Technical Workshop Agenda –Security Overview –Introduce Windows XP Service Pack.

Windows XP Service Pack 2 Technical Update. Windows XP Service Pack 2 Technical Workshop Agenda –Security Overview –Introduce Windows XP Service Pack.
Windows XP Service Pack 2 Alex Balcanquall Senior Consultant Microsoft Services Organisation.

Windows XP Service Pack 2 Alex Balcanquall Senior Consultant Microsoft Services Organisation.
Changes in Windows XP Service Pack 2

Changes in Windows XP Service Pack 2
1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Information for Developers Windows XP Service Pack 2 Information for Developers.

Information for Developers Windows XP Service Pack 2 Information for Developers.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 15: Internet Explorer and Remote Connectivity Tools.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 15: Internet Explorer and Remote Connectivity Tools.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Windows XP Service Pack 2 and the Microsoft Virtual Machine: Developer Implications Rudi Larno Developer & Platform Group Microsoft BeLux.

Windows XP Service Pack 2 and the Microsoft Virtual Machine: Developer Implications Rudi Larno Developer & Platform Group Microsoft BeLux.
Windows XP Service Pack 2 Customer Awareness Workshop XP SP2 Technical Drilldown – Part 2 Craig Schofield Microsoft Ltd. UK September.

Windows XP Service Pack 2 Customer Awareness Workshop XP SP2 Technical Drilldown – Part 2 Craig Schofield Microsoft Ltd. UK September.
Security Flaws in Windows XP Service Pack 2 CSE 7339 9/14/04 By: Saeed Abu Nimeh.

Security Flaws in Windows XP Service Pack 2 CSE /14/04 By: Saeed Abu Nimeh.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,

Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,

Similar presentations

Ads by Google