Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

TruSecure Gives Security Thumbs Up To Microsoft's Windows XP SP2

  • 06 April, 2004 11:20

<p>SYDNEY Australia, April 6, 2004 -- Russ Cooper, Chief Scientist at security specialist TruSecure and editor of NTBugtraq flags the following Microsoft Windows XP SP2 features as representing a huge step forward for Microsoft, in terms of its security:</p>
<p> Enhancement of Outlook Express 6: enabling it to turn off HTML-based email and dramatic attachment restrictions; and
 Blocking Server Message Block and NetBIOS by default finally breaks the legacy connection between XP and prior versions of Windows.</p>
<p>Russ Cooper, Chief Scientist at TruSecure and Editor of NTBugtraq says: “I am very impressed with Windows XP SP2. It represents numerous, significant shifts in Microsoft's prior thinking, marketing, and practice.</p>
<p>“For example, turning on the Internet Connection Firewall will cause consumers to not be able to access services they were able to access prior to the SP, such as game servers. This will result in support calls as the consumer tries to get back what they had prior to SP installation. Microsoft has always erred on the side of reduced support calls. Here they err on the side of security.</p>
<p>“I had previously been told that Outlook Express 6 was going to be the last version of that product. To significantly enhance its capabilities, both by enabling it to turn off HTML-based email (or rather convert HTML-email into plain-text) and dramatic attachment restrictions, suggests support of the product beyond this version. Normally Microsoft would not make significant enhancements to a product they plan on dropping.</p>
<p>“And blocking Server Message Block and NetBIOS by default finally breaks the legacy connection between XP and prior versions of Windows. Making one set of Windows desktop clients disconnect from the legacy environment by default is a significant shift from past versions, which always tried to ensure connectivity between newer desktops and legacy.</p>
<p>“As far as Mr Gates' statements about forward thinking technologies, they sound wonderful but it remains to be seen whether or not Microsoft can deliver such technologies, and whether or not such techniques will be effective against the threat they intend to thwart. Spammers and attackers have shown themselves to be very versatile, to be able to shift with technology changes. For example, while Bayesian anti-spam filters prove reasonably effective today, spammers too are finding ways to make them less effective. Spam messages frequently contain lengthy lists of benign words, or words a filter would normally deem appropriate for passing through, in order to convince Bayesian filters the message is valid.</p>
<p>“So, in general, I would say that it has taken Mike Nash two years now to build product ideas to fill in the slots he had in the Security Business Unit. It’s a shame it has taken so long, as the needs haven't changed that much in that time. What they say they're working on we needed as much two years ago as we need today. Let's hope it doesn't take another two years to see some of these ideas make their way into viable products we can use.”</p>
<p>For interviews with TruSecure, please call me on +61 (0)2 9387 2332.</p>

Most Popular