Microsoft is preparing a publicity assault aimed at making systems administrators aware of a coming Windows XP service pack that changes a number of security settings in the operating system.
The service pack, due later this year on the Software Update service, includes changes to Internet Explorer and Outlook Express, hardware execution protection and memory protection. But the most significant change is that XP’s built-in firewall will be enabled.
Administrators need to be prepared for the service pack, says Steve Riley, a visiting product manager at Microsoft’s security business unit.
“We have webcasts under development right now for the sysadmins, developers and so on,” he says. Microsoft has also placed a guide to deploying the new service pack on its TechNet website.
Because the firewall will be set to deny traffic by default, users or administrators will need to manually create rules that allow them to use local networks. The migration to service pack 2 might be painful for some users, but it fits well with Riley’s belief that companies can’t rely on the security of the corporate firewall alone.
“I have it as my life goal to eliminate the network as a mechanism of security,” Riley says. Network hosts should trust each other based upon shared certificates, mutual authentication and encryption of local communications, he says, leaving networks to push packets.
“There’s got to be a point at which maybe we can build something on the network that exists solely for data transfer purposes.”
That requires investment in networks, systems and software, but Riley says that companies need to update their IT infrastructures as often as the rest of the business. A CEO who doesn’t believe a modern infrastructure is worth paying for probably doesn’t know how expensive a virus outbreak or a successful attack can be.
The main threat is no longer from script kiddies, Riley says, but from computer experts looking for personal gain. Some might wish to use attacked computers for nefarious purposes, and others might be motivated by revenge, he says. Attackers are increasingly sophisticated with powerful tools at their disposal, such as root kits — programs written to let a local user take administrative control of a machine and hide their tracks.
“I can’t believe the number of root kits we are seeing on people’s computers recently,” says Riley.
A final release candidate of the service pack is available to download for administrators who want to test their systems, but Riley says the final release isn’t imminent. “There will be a release candidate 2.”
Microsoft is considering including some of the XP changes for a future service pack for Windows 2000, he says, but no decision has been made yet. “If enough people ask for it and it’s technically possible, we’ll consider it.”