1 / 37

Microsoft Windows XP Service Pack 2 Release Candidate 2

Microsoft Windows XP Service Pack 2 Release Candidate 2. David A. Greenberg Lead Security Engineer IT Security Office Office of the Vice President for Information Technology Indiana University. Service Pack 2 Goals. Provide all post SP1 updates and patches More regression testing

ekram
Download Presentation

Microsoft Windows XP Service Pack 2 Release Candidate 2

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Microsoft Windows XPService Pack 2Release Candidate 2 David A. Greenberg Lead Security Engineer IT Security Office Office of the Vice President for Information Technology Indiana University

  2. Service Pack 2 Goals • Provide all post SP1 updates and patches • More regression testing • Fixing known vulnerabilities not enough • New and enhanced technology added • Network and Memory Protection • Safer e-mail handling • More secure browsing • Additional enhancements

  3. Installation Two distribution channels • Windows Update • http://v5.windowsupdate.microsoft.com/ • Full Network package • Can be extracted using: • Xpsp2.exe /U /X:c:\xpsp2 • update.msi can be used for a group policy deployment of SP2 • Update\update.exe /S can be used for slipstream

  4. Network Protection • Alerter and Messenger Service Disabled • Distributed Component Object Model (DCOM) ACLs expanded

  5. Network Protection • Remote Procedure Call (RPC) interface eliminates remote anonymous connections • WebDAV Redirector • Windows Media Player 9 Series • Windows Messenger • Windows Network Setup Wizard

  6. Windows Installer 3.0 • Smaller and more reliable patches • Not prompted for install media as often • Improved patch removal ability • Sequencing • FTP and GOPHER is no longer supported • Installer service is no longer interactive

  7. On by default Boot time security Global configuration Local subnet restriction Command line support Netsh Exceptions List No exceptions mode Multiple Profiles Domain and non-domain Unattended Setup Support Group Policy Support Windows Firewall

  8. Remote Administration Tools • Blocked by default from remote locations • Computer Management • Device Manager • Event Viewer • Group Policy Management • Local Users and Groups • Services • Shared Folders • WMI Control

  9. Internet Connection Firewall

  10. Windows Firewall

  11. Windows Firewall

  12. Windows Firewall

  13. Windows Firewall

  14. Windows Firewall

  15. Memory ProtectionData Execution Prevention • Memory protection technology • Memory locations are marked as non-executable and executable. • Should help prevent or even eliminate buffer overruns.

  16. Safer e-mail handlingOutlook Express • Plain text mode for reading e-mail • Behind the scenes security enhancement • Don’t download external HTML option • Developer changes to the way attachments are opened

  17. Pre SP2 Post SP2

  18. Safer Web BrowsingInternet Explorer • Download and attachment enhancements • MIME file type agreement enforcement

  19. Download and attachment enhancements • Users will see a redesigned pop up box when downloading and installing programs • Simple and Advanced view

  20. Internet Explorer Information Bar • Replaces many balloon text and pop up boxes • Designed to be unobtrusive and less confusing

  21. Pop up blocker • Enabled by default • Regardless of settings, pop ups can not open outside of visible desktop • Trusted sites and Local Intranet Zones never block pop ups

  22. Pop-Up Blocker

  23. Pop-Up Blocker Settings

  24. Download Example

  25. Automatic Updates • More choices, prioritized, consolidated • Critical updates (same as pre SP2) • Security updates • Update roll-ups • Service Packs • Future - Products including • Microsoft Office, Microsoft SQL Server

  26. Automatic Updates • Background Intelligent Transfer Service (BITS) 2.0 • Less bandwidth needed • More configurable than version 1 • Automatic Updates configurable through group policy • Improved Update Applicability Rules

  27. Automatic Updates

  28. Windows Update • Windows Update • For components that shipped with the Operating System • Microsoft Update (planned) • Not currently available • For all other Microsoft products. • SQL, Exchange, Office

  29. Security Center • Firewall • Virus Protection • Automatic Updates • Controlled through Group Policy in a domain environment

  30. Security Center

  31. Security Center

  32. Windows XP SP2 http://www.microsoft.com/SP2Preview Changes in Functionality in Microsoft Windows XP Service Pack 2 http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2chngs.mspx • Network and Memory Protection • Safer e-mail handling • More secure browsing • Additional enhancements

  33. Microsoft Windows XPService Pack 2Release Candidate 2 David Greenberg Lead Security Engineer IT Security Office Office of the Vice President for Information Technology Indiana University

More Related