Spyware, Viruses, & Security forum

General discussion

News - August 21, 2004

What's Next on Microsoft's Security Agenda?

Even though the Windows XP Service Pack 2 (SP2) bits are done and in the midst of being disseminated, there's no rest ahead for Microsoft's security team.

Next up on the company's security agenda: Porting the pertinent SP2 security fixes to Windows Server 2003 and certain versions of Internet Explorer; introducing new patching technologies, including Windows Update Services and Microsoft Update; and rolling out Microsoft's next-generation "Active Protection" security technologies?starting with behavior-blocking technologies.

And that's not all. Microsoft also is working on its own antivirus offering, which it is expected to deliver as a service, as well as on new, hosted security offerings for small businesses.

But first things first. Microsoft still has a lot of work yet to do on Windows XP SP2, in terms of getting this collection of new features and fixes out to as many of the estimated 300 million Windows XP users as possible. Starting on Wednesday, August 25, Microsoft is set to begin pushing the service pack automatically to users' desktops over the Web.


Discussion is locked
You are posting a reply to: News - August 21, 2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: News - August 21, 2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Latest SP2 Flaw Bypasses IE Security Zone

In reply to: News - August 21, 2004

Security researchers have discovered another vulnerability in Windows XP Service Pack 2, but it doesn't appear to be an immediate threat.

The researcher who uncovered the drag-and-drop flaw in Windows XP SP2 earlier in the week has reported that a new vulnerability exposes a hole in the lockdown of Internet Explorer's My Computer security zone.

The lockdown of the My Computer zone is one of the major security enhancements in SP2. Web pages in Internet Explorer run in one of several security "zones," each of which has different security rules. Prior to SP2, the My Computer zone?designed for Web pages stored on the computer itself?had extremely permissive rules. In order to take advantage of them, malware attacks frequently exploited vulnerabilities to get their Web-based pages to execute. Microsoft tightened the rules in SP2 to make it a less inviting target.


Collapse -
More Vendors Report SP2 Woes

In reply to: News - August 21, 2004

Glitches between Windows XP Service Pack 2 and critical applications continue to emerge.

Security vendor McAfee told CRN this week that its flagship VirusScan product prior to version 7.1 requires a custom patch from McAfee in order to be operational with Windows Security Center, a utility in SP2 that monitors third-party security tools.

Steve Crutchfield, director of product marketing for McAfee, Santa Clara, Calif., said the vendor's enterprise Desktop Firewall product also requires a patch before it can function with Windows Security Center.

Depending on the exact McAfee product, the patch McAfee will offer to remedy the two affected product categories could take months to arrive, explained Crutchfield, who said, "Generally speaking, if (a patch) is not available now, they will be available in the next quarter or so."

McAfee's security rival Symantec, Cupertino, Calif., posted a support bulletin on its Web site last week to help customers understand which products required a Symantec patch to function with Windows Security Center. McAfee, on the other hand, has only offered a McAfee/SP2 interoperability FAQ sheet and white paper available to channel partners who request them.

"We make it available if they ask us," said Crutchfield, adding

More: http://www.crn.com/showArticle.jhtml?articleID=29116619&flatPage=true

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Here's Everything to Know About the 2019 Grammys

Find out how to watch the Grammy Awards if you don't have cable and more.