Discover how Windows XP Service Pack 2 delivers advanced protection technologies, network security, safer web and email experiences, memory protection, and improved maintenance for a more secure computing environment.
Windows XP Service Pack 2 Steve Wheeler Windows Technology Evangelist Microsoft Presentation Team
Agenda • Background • Business Opportunity • Protection Technologies: Network protection; Safer Web and email experience; Memory protection; Improved maintenance • But that’s not all… • Availability
Background: Security Challenges • Patch management too complex • Time to exploit accelerating • Exploits are more sophisticated • Current approach is not sufficient • Security is our No. 1 priority, but there is no silver bullet [Chart: Days between patch and exploit; values shown: 331, 180, 151, 25; labels shown: SQL Slammer, Nimda, Blaster, Welchia/Nachi]
Client Attacks • Malicious Web content • Malicious e-mail attachments • Buffer overrun attacks • Port-based attacks
Protection Technologies • Network Protection: To help protect all computers connected to the Internet or an internal network • Safer Web and Email: To enable a safer Internet experience for the most common Internet tasks • Memory Protection: To provide system-level protection for the base operating system • Improved Maintenance: To ensure that updates are easier and quicker to deploy
Protection Technologies: Network Protection • Windows Firewall • Reduction of attack surface of a Windows XP computer • More secure infrastructure for DCOM • Windows Messenger Service is off by default
Protection Technologies: Network Protection • Windows Firewall: on by default; boot time protection; multiple profile support • Reduction of attack surface of a Windows XP computer • More secure infrastructure for DCOM • Windows Messenger Service is off by default
Protection Technologies: Network Protection • Windows Firewall • Reduction of attack surface of a Windows XP computer: the RPC service runs with reduced privileges; no longer accepts unauthenticated connections by default • More secure infrastructure for DCOM • Windows Messenger Service is off by default
Protection Technologies: Network Protection • Windows Firewall • Reduction of attack surface of a Windows XP computer • More secure infrastructure for DCOM: granular configuration of launch permissions for DCOM • Windows Messenger Service is off by default
Protection Technologies: Network Protection • Windows Firewall • Reduction of attack surface of a Windows XP computer • More secure infrastructure for DCOM • Windows Messenger Service is off by default: a tool that has been exploited by spammers; spammers will not be able to use the feature to send unwanted pop-ups
Protection Technologies: Safer Web and Email • Blocking of un-requested pop-ups • More control over ActiveX controls • More control over downloads • More control over attachments
Protection Technologies: Memory Protection • What is a buffer overrun? • Technologies to reduce exploitation of buffer overruns
What is a buffer • “Buffers” are space set aside for input, such as your name when a computer asks you to type it in • Information should not over-fill the buffers [Diagram: function stack frame with regions labelled Function Parameters, Function Return Address, Frame Pointer, Exception Handler Frame, Locally Declared Variables and Buffers, Callee save registers; "Data Goes Here" marks the buffer; good data stays inside it and execution continues when input is received]
What is a buffer overflow • A “buffer overflow” works by filling the buffer with computer commands and forcing the commands to execute by changing the return address [Diagram: the same function stack frame; "Data Goes Here" marks the buffer; the overflow attack overwrites outside the buffer with bad code and replaces the Function Return Address]
Protection Technologies: Memory Protection • What is a buffer overrun? • Technologies to reduce exploitation of buffer overruns: Microsoft has recompiled all code changed since the release of Windows XP using the latest Visual Studio® compiler and the “/GS” flag
Solution: /GS Switch, Reduce Risk of Buffer Overruns • XP SP2 uses a "speed bump," or cookie, between the buffer and the return address (called the /GS switch) • If an overflow writes over the return address, it will have to overwrite the cookie • This is detected and the program stops [Diagram: Function Stack with /GS Switch; regions labelled Function Parameters, Function Return Address, Frame Pointer, Cookie, Exception Handler Frame, Locally Declared Variables and Buffers, Callee save registers; the overflow attack overwrites outside the buffer with bad code; cookie overwritten, execution halts]
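The cookie check described on the /GS slide, as an added C model that is not part of the original presentation and is not the compiler's actual output. struct frame_model, COOKIE_VALUE, SAVED_RETURN and the function names are constructed for illustration, and the overrun is confined to the model struct.

```c
#include <stdint.h>
#include <string.h>
#include <stddef.h>

/* Constructed model of the slide's frame, low to high addresses:
   buffer, then the /GS cookie, then the return address. */
enum { BUF_SIZE = 16 };
struct frame_model {
    unsigned char buffer[BUF_SIZE];
    uint32_t cookie;
    uint32_t return_addr;
};
#define COOKIE_VALUE 0x5AFEC0DEu /* constructed; a real cookie is chosen at run time */
#define SAVED_RETURN 0x00401000u /* constructed placeholder address */

struct outcome { int return_altered; int halted; };

/* Models the unchecked copy. Writes are clamped to the model so the demo
   itself never touches memory outside struct frame_model. */
static void unchecked_copy(struct frame_model *f, const unsigned char *in, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, in, n);
}

/* Epilogue check added by the compiler: nonzero means halt instead of returning. */
static int cookie_damaged(const struct frame_model *f) {
    return f->cookie != COOKIE_VALUE;
}

/* One modeled call that receives n input bytes. */
static struct outcome simulate_call(size_t n) {
    unsigned char input[sizeof(struct frame_model)];
    struct frame_model f;
    struct outcome o;
    memset(input, 'A', sizeof input);   /* constructed filler input */
    memset(&f, 0, sizeof f);
    f.cookie = COOKIE_VALUE;
    f.return_addr = SAVED_RETURN;
    unchecked_copy(&f, input, n);
    o.return_altered = (f.return_addr != SAVED_RETURN);
    o.halted = cookie_damaged(&f);
    return o;
}

int main(void) {
    /* Input that fits returns normally. Input that reaches the return
       address has overwritten the cookie first, so the call halts. */
    struct outcome ok = simulate_call(BUF_SIZE);
    struct outcome bad = simulate_call(sizeof(struct frame_model));
    return !(ok.halted == 0 && bad.return_altered == 1 && bad.halted == 1);
}
```

An input that spills only a byte or two past the buffer is also caught, because the cookie is the first thing after the buffer.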
Protection Technologies: Improved Maintenance • Windows Security Center • Automatic Update enhancements • Group Policy management of security features • New Wireless LAN client • SmartKey Wireless Setup • Bluetooth update
Availability • Available as of August 2004 • Download from http://www.microsoft.com • Delivered as a critical update via Automatic Update - intelligently managed via new download service • CDs available on request via the website (no cost)
Diagnostic and fixing process • For Windows applications: add application to firewall exceptions; check with application vendor for COM+ requirements; check with application vendor for patch • For Web based applications: add website to trusted list; manage Security Zone settings • Look at http://support.microsoft.com • Read documents at http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx
Call to Action: Plan and Test! • New security features will make the system secure but may break some applications • In common test scenarios expect >=90% of applications to work without any configuration changes • Majority of fixes are enabling pop-ups in browser applications and “listening” for firewall setup.
© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Exchange Intelligent Message Filter (Exchange 2003 Anti Spam) Steve Wheeler Windows Technology Evangelist Microsoft Presentation Team
Agenda • The Spam Problem • How to Fight Spam • Exchange 2003 Anti-Spam Features • Exchange Intelligent Message Filter • Outlook and OWA Client Features • Deployment
The Spam Problem • “Spam fighters make a good killing” • “No silver bullet for spam” • “Spam works” • “Estimates vary, but IDC reckons that over 30 percent of US e-mail is spam, while Brightmail says…over 50 percent…the world's 500 million business e-mail users are wasting countless hours sorting through and deleting spams, costing companies millions each year in lost time…” http://www.enn.ie/frontpage/news-9380566.html • “The Radicati Group says unwanted e-mail cost U.S. corporations about $9 billion last year in lost productivity. Within four years, the firm says, $198 billion will be spent for servers to handle spam..” http://www.comnews.com/stories/articles/c1103editor.htm • “Ferris Research has estimated the cost of spam to a company of 10,000 workers is $1.1 million. …” http://www.cnn.com/2003/TECH/internet/11/04/spam.killer/index.html