Windows XP's Big Security Fix

Illustration: Joe Zeff
If you've been longing for a more secure version of Windows, Windows XP Service Pack 2, due in mid-2004, should fit the bill. A response to the electronic attacks that crippled Windows PCs worldwide last year, Windows XP SP2 is a crucial upgrade centered on what Microsoft calls security technologies.

I tested a beta of XP SP2 and came away impressed: With a simple installation (I experienced none of the compatibility hassles that some users encountered with SP1), much-needed security enhancements, and a friendlier front-end to wireless networking, XP SP2 is shaping up as a must-have upgrade for all Windows XP users.

Service Pack 2 will be free, but Microsoft hasn't yet said how it will distribute the pack.

A Finer Firewall

One component of the original Windows XP is the Internet Connection Firewall, but this line of defense is disabled by default and is difficult to find and configure. The version in XP SP2, now renamed Windows Firewall, receives more-prominent advertising and is enabled by default, providing a decent level of network protection even when the system is booting up.

In addition, the new Windows Firewall is more powerful than the previous version, with both inbound and outbound scanning capabilities similar to those of third-party firewalls such as ZoneAlarm. For example, the first time an application wants to access the Internet, Windows Firewall pops up a dialog box in which you can configure the firewall to grant such access.

Windows XP included wireless networking support but Microsoft then hobbled the feature somewhat with Service Pack 1, forcing users to log on manually to insecure networks (a hassle for most home users). With SP2, the software giant has significantly improved the user interface for wireless networking, simplifying the tasks of browsing, configuring, and connecting to wireless networks. One nice touch is an option that lets you pick the wireless network you always want to connect to when you are within range of it.

In Service Pack 2, Internet Explorer has been updated to include pop-up ad blocking, a key feature that some competing browsers have had for months. And if you do choose to allow pop-ups, Internet Explorer prevents questionable Web sites from altering those windows in ways that might harm your system; this innovation should put an end to the annoying proliferation of windows at some Web sites.

In another welcome nod to security, Internet Explorer includes a new browser add-on module that helps deter spyware by controlling how XP installs, configures, and enables add-ons. In the short term, some IE add-ons--for example, various Netscape-style plug-ins--may not work after the upgrade; but even so, the additional security and stability are worth it.

Both Outlook Express and Windows Messenger will now protect you from dangerous file types, isolating attachments so that they cannot attack your system. OE has also been updated with a feature drawn from Outlook 2003: By default, HTML e-mail messages will not download images; this keeps spammers from figuring out that your e-mail address is valid by having the embedded images phone home. This is a fine feature, but the ability to set up a whitelist of approved senders whose images aren't to be filtered would have been nice, too.

Microsoft has significantly changed Windows Update for use with SP2, placing the most critical software updates into a friendly, new, single-step installation routine. Other software and driver updates are available separately.

Behind the scenes, Microsoft has made many low-level changes to XP in SP2 to make the operating system as secure as possible. A new memory protection system guards XP against common buffer overrun errors that many viruses and worms exploit to compromise the OS. And new networking technologies will help ensure that attackers find fewer vulnerabilities when probing SP2-protected Windows systems over the Internet.

A Must-Have Upgrade

Windows XP Service Pack 2 may not solve all of your security problems: Hackers are notoriously industrious, and Windows will continue to be their target of choice. It's also too early to tell whether SP2 will generate any woes similar to those that plagued many users who installed SP1.

Nevertheless, this update does provide much of the basic plumbing you need for a better-protected operating system. If the beta is any indication, Windows XP Service Pack 2 will be a winner.

SP2's Greatest Hits

  • Simple, secure wireless networking
  • Stronger firewall enabled by default
  • Pop-up blocking in Internet Explorer
  • Attachment protection in Outlook Express and Windows Messenger
  • Automatic updates

Subscribe to the Windows Tips & Trends Newsletter

Comments