Network Computing is part of the Informa Tech Division of Informa PLC

First Look At Windows XP Service Pack 2: Page 6 of 7

Security Baked In

SP2 also includes some significant security improvements that are invisible to the user, yet they are among its more important changes. Windows Messenger Service, the network messaging feature (not to be confused with Windows Messenger, the instant-messaging client), is turned off by default in SP2. The Windows Messenger Service has been the target of spam pop-ups for more than a year. More recently, it has been identified as a possible avenue of exploitation by hackers and malware.

Microsoft is also tweaking its Outlook Express e-mail program and Windows Messenger instant-messaging client very slightly to prevent security problems. File attachments to e-mails, and files passed with Windows Messenger, will be treated with more suspicion by default. Attachments will open and execute with the fewest permissions possible. Outlook Express will also no longer download external content (such as graphics) in HTML mail by default. Windows XP SP2 will also deliver the latest versions of Windows Media Player 9 and DirectX 9.0b, both of which have numerous security tweaks.

Microsoft has also partially disabled the Remote Procedure Call aspect of Windows, which was targeted by MS Blaster and its variants. It runs with reduced privileges in SP2 and will no longer accept unauthenticated connections by default.

The Distributed Component Object Model (DCOM) has been extended with "more granular COM permissions to give administrators the flexibility to control a computer's COM permission policy," according to a Microsoft document. In the current environment, it's not possible to allow an application access to COM over a local-area network without also implicitly allowing that application access via the Internet.