Re: Microsoft's plans for making XP more secure

[Jelmer <jkuperus () planet nl>]

Just had a look, the IE part really looks awsome, it appears they had a long
hard look at what kind of stuff people have been throwing at it. And came up
with some nice solutions,

If this really is followed thru upon I think we'll see a *drastic* decrease
in internet explorer vulnerabilities in general and an even more drastic
decrease in vulns of the critical kind, the object caching stuff alone was
good for something like 25 issues over the last years. (a testament to the
intense stupidity of the implementation of that particular feature),

Anyway it's nice to see that microsoft is making some proactive changes
rather than just keep on patching endless stream of holes


----- Original Message ----- 
From: "Richard M. Smith" <rms () computerbytesman com>
To: <full-disclosure () lists netsys com>
Sent: Tuesday, December 16, 2003 5:26 PM
Subject: [Full-disclosure] Microsoft's plans for making XP more secure


> Microsoft has just released a document describing the changes they will be
> making in service pack 2 to make Windows XP more secure.  Many of the
> interesting changes are in Internet Explorer.  The attached links provide
> the details.
>
> Richard M. Smith
> http://www.ComputerBytesMan.com
>
> ====================================================
>
> Changes to Functionality in Microsoft Windows XP Service Pack 2
>
> http://tinyurl.com/z0rv
>
> In Microsoft Windows XP Service Pack 2, Microsoft is introducing a set of
> security technologies that will help to improve the ability of Windows
> XP-based computers to withstand malicious attacks from viruses and worms.
> The technologies include network protection, memory protection, safer
e-mail
> handling, more secure browsing, and improved computer maintenance.
>
> Together, these security technologies will help to make it more difficult
to
> attack Windows XP, even if the latest updates are not applied. These
> security technologies together are particularly useful in mitigation
against
> worms and viruses.
>
> This document specifically focuses on the changes between earlier versions
> of Windows XP and Windows XP Service Pack 2 and reflects Microsoft's early
> thinking about Service Pack 2 and its implications for developers.
Examples
> and details are provided for several of the technologies that are
> experiencing the biggest changes. Future versions of this document will
> cover all new and changed technologies.
>
> http://tinyurl.com/z2zv
>
> . Safer e-mail handling. Security technologies help to stop viruses
> (such as SoBig.F) that spread through e-mail and instant messaging. These
> technologies include default settings that are more secure, improved
> attachment control for Outlook Express and Windows Messenger, and
increased
> Outlook Express security and reliability. As a result, potentially unsafe
> attachments that are sent through e-mail and instant messages are isolated
> so that they cannot affect other parts of the system.
>
> . More secure browsing. Security technologies that are delivered in
> Microsoft Internet Explorer provide improved protection against malicious
> content on the Web. One enhancement includes locking down the Local
Machine
> zone to prevent against the running of malicious scripts and fortifying
> against harmful Web downloads. Additionally, better user controls and user
> interfaces are provided that help prevent malicious ActiveXR controls and
> spyware from running on customers' systems without their knowledge and
> consent.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html