Among the many updates that Service Pack 2 will provide, there will be two major changes to Windows in the way the Windows Firewall and Internet Explorer operate. When Windows XP was released to market in 2001, it included a component called the Internet Connection Firewall (ICF). This firewall could be used to protect against some common network attacks. ICF was not enabled by default on Windows XP systems and as a result many home user systems with broadband connections were left vulnerable to attacks that a simple firewall like ICF could have prevented. In Service Pack 2, Microsoft has beefed up the firewall and renamed it Windows Firewall. The first major change that applying Service Pack 2 will produce is that Windows Firewall will be turned on automatically. In addition, changes to the boot sequence will help protect your PC from network attacks during the boot process. Most firewalls do not become active until after the Windows network stack has been initialized. Windows Firewall includes boot-time filters which become active before networking has been initialized. These filters will still allow normal boot-time operations, but will prevent inbound attacks from reaching the operating system while the network stack is initializing. Also, the protection that Windows Firewall offers remains in effect until the network stack has shut down.

     Service Pack 2 will also make major changes to Internet Explorer 6. Windows XP users will be happy to learn that after the Service Pack is applied, Internet Explorer 6 will have a built-in pop-up blocker. The pop-up blocker will show itself in the new Information Bar toolbar to indicate that pop-ups have been blocked. The user can click the bar to enable the pop-up or configure exceptions for particular websites to allow their pop-ups to always open. Also, the blocker may be overridden by holding down the ‘Alt’ key while clicking the link. The Information Bar will also show blocked Active X controls and downloads. Administrators can configure Internet Explorer to block publishers of Active X controls, executable files, and add-ons. Content from blocked publishers will not be executed and the user will no longer be repeatedly prompted to choose whether or not to activate the controls. In addition, Internet Explorer will also include window restrictions. Websites will no longer be able to use the window.open() command to create pop-up windows which are located off-screen, which have their title bar or other controls position off-screen, or which hide portions of the user interface in order to conceal malicious activity.

     There will be changes to the Automatic Updates feature as well. The update to the Automatic Updates client will support the download of Security Updates, Critical Updates, Update Roll-ups and Service Packs. The current version of the client only supports Critical Updates. The new client will prioritize downloads (i.e. smaller security updates to correct exploits will be downloaded before larger service packs). In addition, the client will include a new checkbox on the Shutdown Windows and Turn Off Computer dialog boxes, "Install updates and shutdown". This will allow the updates to be applied at a time when the computer is not being used for anything else.

     In addition, a new Security Center will be added to the Windows XP control panel which will allow home users and corporate users to monitor important features of their PC security: Automatic Updates, Firewall, and Antivirus. The new antivirus APIs will allow the Security Center to monitor the status of the antivirus application and warn the user if the application enters a stopped state. Since many viruses attempt to disable or destroy antivirus applications, the user can get an early warning of the problem. If the antivirus application has not been configured to use the new APIs (as most older versions of commercial antivirus have not been), the Security Center will not recognize it and will warn the user that no antivirus application is in place. The option to check for antivirus can be disabled to prevent this warning from appearing. A few other changes will be included. Windows XP currently supports 802.11 wireless services, but Service Pack 2 will add Bluetooth compatibility to the package, allowing all your mobile devices to communicate effectively with Windows. In addition, the Messenger and Alerter services will be disabled by default. Among other things, this will prevent Messenger Spam (pop-up spam messages that look like normal Windows message boxes). Administrators who use this feature to notify users of server outages will need to re-enable it manually or through Group Policy. Also, any application that requires Messenger or Alerter will not function properly until those services are re-enabled.

     Administrators will be able to control the new security features through Group Policy. The settings for each security zone will be able to be configured centrally allowing for company-wide security settings to be easily rolled out. Another new feature will be the Local Machine Zone Lockdown. There are five security zones in Internet Explorer: Local Machine, Internet, Intranet, Trusted Sites and Restricted Sites. The Local Machine zone is not normally displayed in the Internet Options, but it is configured with low security to allow applications on the local PC to run properly. Developers of malware can use various methods to try and get their code to run in this zone, bypassing all the restrictions placed on the other security zones. This lockdown feature can be configured to allow Line-Of-Business applications to work normally. This feature will prevent untrusted processes from executing code in the local machine zone (such as the ADODB exploit). The feature can be disabled on a case-by-case basis through the Information Bar.

     There are many other changes that Service Pack 2 will make to Windows XP than have been listed here. In a corporate environment, it is vitally important that administrators test the deployment of Service Pack 2 to determine what effect it will have on their normal business processes. The current version of RC2 may be downloaded from Microsoft for testing. Be aware that this is still not the final version of the Service Pack and there could be other issues that might arise when the gold version is released to manufacturing.

 —--------------------------
If you have problems that arise when you install SP2, MicroAge would be happy to assist you with your PC service needs. You may contact the MicroAge Service Department for assistance at 979-846-9727 or by email at Support@MicroAgeCS.com.