Archive from September, 2004
Sep 18, 2004 - General    No Comments

Has Microsoft updated any of the Windows Support Tools in Windows XP Service Pack 2 (SP2)?

Microsoft updated some Windows Support Tools in XP SP2. The updated tools include

bitsadmin.exe
extract.exe
httpcfg.exe
iadstools.dll
ipseccmd.exe
netdom.exe
replmon.exe
You can download the updated XP support tools at
Link

Sep 8, 2004 - General    No Comments

What’s new in Windows XP Service Pack 2 (SP2)?

XP SP2 greatly improves XP’s network and memory protection and email handling and contains a new firewall called Windows Firewall. Windows Firewall is enabled by default; however, if an application tries to access a blocked port, the firewall lets the user opt to grant the application access to that port. XP SP2 also includes a new Control Panel feature called Windows Security Center, which the figure at Figure shows. Security Center provides an interface to the firewall configuration and ensures that Automatic Update is enabled and adequate virus protection is running. You can manage the Windows Firewall configuration through Group Policy. Microsoft has also enhanced the Remote Procedure Call (RPC) service in XP SP2 to let some parts of the service run with lower privileges (i.e., under the local system context) and make RPC less vulnerable to intruders.

XP SP2 is large (approximately a 250MB download) because Microsoft rebuilt much of the XP code with enhanced memory protection to help avoid problems such as buffer overrun when an application attempts writes that exceed its allocated memory space. XP SP2 also includes code that works with new hardware processor features to block the use of memory areas to execute code, thereby preventing the execution of worms. In addition to providing beefed-up security, XP SP2 includes some “nice-to-have” features, such as a pop-up blocker for Microsoft Internet Explorer (IE) and improved integrated Bluetooth wireless network support.

XP SP2 is a much-needed release that you should take advantage of; nevertheless, you should roll out the service pack with care–it provides several fixes that could prevent your applications from working correctly. Before you deploy XP SP2, test every application on a dedicated test platform and roll out application updates where needed. For example, the XP Messenger and Alerter services are disabled by default in XP SP2. If any of your applications use these services, you’ll need to either enable them or update the application so that it doesn’t use them. As another example, an application that incorrectly addressed memory but worked before XP SP2 will no longer work now that Windows is “fixed.”

Sep 8, 2004 - General    No Comments

Should I run Windows XP Service Pack 2′s (SP2′s) Windows Firewall, a third-party firewall, or both?

A Microsoft source answers as follows:

“We strongly recommend that users run only one host firewall on their system. Yes, the XP SP2 Windows Firewall can coexist with third-party firewalls, but multiple firewalls don’t make you safer. Running multiple firewalls just means you have to configure the settings in multiple places (e.g., opening ports for each firewall you run). For anyone who wants to keep using a third-party firewall after installing XP SP2–for example, because they like some of the extra features–we suggest they turn off the Windows Firewall. We have already advised third-party firewall vendors to programmatically turn off the Windows Firewall in their future releases, so this will eventually be automatic.

“We don’t have any specific guidance as to whether people should use the built-in XP SP2 Windows Firewall or use a third-party product. We absolutely believe that people who don’t already have host firewalls should run the Windows Firewall in XP SP2. Almost all firewalls on the market (including the Windows Firewall) provide good security; it then boils down to what features and capabilities people want. The Windows Firewall, for example, doesn’t do any alerting or intrusion detection. Neither does it offer outbound filtering capabilities. The Windows Firewall focuses on preventing attacks from successfully penetrating a system, but it doesn’t do anything to protect systems once bad software is locally installed. Some other products also have better diagnostics and centralized reporting than the Windows Firewall (which has no reporting whatsoever). I don’t believe people are “safer” running third-party firewalls, but there may be some features in these products that they would like to have.”