Full Disclosure mailing list archives
Re: Microsoft's plans for making XP more secure
From: Jelmer <jkuperus () planet nl>
Date: Tue, 16 Dec 2003 20:04:11 +0100
Just had a look, the IE part really looks awsome, it appears they had a long hard look at what kind of stuff people have been throwing at it. And came up with some nice solutions, If this really is followed thru upon I think we'll see a *drastic* decrease in internet explorer vulnerabilities in general and an even more drastic decrease in vulns of the critical kind, the object caching stuff alone was good for something like 25 issues over the last years. (a testament to the intense stupidity of the implementation of that particular feature), Anyway it's nice to see that microsoft is making some proactive changes rather than just keep on patching endless stream of holes ----- Original Message ----- From: "Richard M. Smith" <rms () computerbytesman com> To: <full-disclosure () lists netsys com> Sent: Tuesday, December 16, 2003 5:26 PM Subject: [Full-disclosure] Microsoft's plans for making XP more secure
Microsoft has just released a document describing the changes they will be making in service pack 2 to make Windows XP more secure. Many of the interesting changes are in Internet Explorer. The attached links provide the details. Richard M. Smith http://www.ComputerBytesMan.com ==================================================== Changes to Functionality in Microsoft Windows XP Service Pack 2 http://tinyurl.com/z0rv In Microsoft Windows XP Service Pack 2, Microsoft is introducing a set of security technologies that will help to improve the ability of Windows XP-based computers to withstand malicious attacks from viruses and worms. The technologies include network protection, memory protection, safer
handling, more secure browsing, and improved computer maintenance. Together, these security technologies will help to make it more difficult
to
attack Windows XP, even if the latest updates are not applied. These security technologies together are particularly useful in mitigation
against
worms and viruses. This document specifically focuses on the changes between earlier versions of Windows XP and Windows XP Service Pack 2 and reflects Microsoft's early thinking about Service Pack 2 and its implications for developers.
Examples
and details are provided for several of the technologies that are experiencing the biggest changes. Future versions of this document will cover all new and changed technologies. http://tinyurl.com/z2zv . Safer e-mail handling. Security technologies help to stop viruses (such as SoBig.F) that spread through e-mail and instant messaging. These technologies include default settings that are more secure, improved attachment control for Outlook Express and Windows Messenger, and
increased
Outlook Express security and reliability. As a result, potentially unsafe attachments that are sent through e-mail and instant messages are isolated so that they cannot affect other parts of the system. . More secure browsing. Security technologies that are delivered in Microsoft Internet Explorer provide improved protection against malicious content on the Web. One enhancement includes locking down the Local
Machine
zone to prevent against the running of malicious scripts and fortifying against harmful Web downloads. Additionally, better user controls and user interfaces are provided that help prevent malicious ActiveXR controls and spyware from running on customers' systems without their knowledge and consent. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft's plans for making XP more secure Richard M. Smith (Dec 16)
- RE: Microsoft's plans for making XP more secure Poof (Dec 16)
- Re: Microsoft's plans for making XP more secure Jelmer (Dec 16)
- <Possible follow-ups>
- Microsoft's plans for making XP more secure Helmut Hauser (Dec 16)