RealTime IT News

Svc. Pack for XP Ready; What About Win2000?

Microsoft is expected to roll out a service pack for Windows XP early next week that is chock full of security-related goodies for Windows customers. But customers running Windows 2000 are not expected to see a similar package.

As previously reported, the software giant will unveil a security makeover to XP's embedded Internet Connection Firewall (IFC) to thwart hacking attempts and provide new tweaks in order to block e-mail borne viruses.

But the service pack is arriving at a time when 70 percent of U.S. enterprises have not yet migrated to the XP platform, which is a major concern, according to Gartner analyst John Pescatore.

"The majority of enterprise desktops are running Windows 2000 desktops. Only 30 percent of corporate clients are running XP but Microsoft hasn't said what they'll do about improving security for Windows 2000. We're urging them to give out security updates for Windows 2000," Pescatore said in an interview with internetnews.com.

Pescatore said he expects more customers to upgrade from their Windows 2000 platforms after Microsoft ends its support for Windows 2000, which is slated for late in 2004, and after the coming XP service ships (in the second quarter next year).

But even then, he expects about half of all enterprises in the U.S. will still be running Windows 2000.

"We've asked Microsoft for quite some time now if the same improvements will be available for Windows 2000 but no one is saying. The XP improvements are necessary for the consumer market but, in the enterprise, similar improvements are needed for Windows 2000," Pescatore reiterated.

A spokesman for Microsoft confirmed there won't be a major security overhaul available for Windows 9x and 2000 customers. "We recommend those customers employ a third party firewall and anti-virus software," the spokesman said.

He said the Windows 2000 Service Pack 4 (SP4) was available to provide the security updates to the Windows 2000 operating systems, nothing that Windows 2000 SP4 contained a collection of fixes dealing with security, application compatibility, operating system reliability and setup.

Gartner's Pescatore described the coming Windows XP SP2 beta as a "very necessary update" to deal with the growing scourge of hacker attacks, virus distribution and spam e-mail.

Joe Wilcox, a Jupiter Research analyst who tracks Microsoft for the Microsoft Monitor Weblog, has provided the most details of what's expected in the XP service pack, describing it as a major rollout that warrants extensive review by businesses and developers.

"For example, the patch will introduce monitoring of browsing, e-mail and instant messaging for malicious attachments or code. This will be done through a new application programming interface (API) called Attachment Execution Services," he wrote on his blog. "The changes mean Outlook Express will block certain types of attachments, like executables, by default. Microsoft first introduced this feature to Outlook 2000 as part of an update and made it standard in subsequent versions. Like Outlook 2003 and MSN, Outlook Express will block external content, such as clear gifs (a.k.a. Web beacons)," Jupiter's Wilcox said. (Jupiter Research and this publication are owned by the same parent company.)

Additionally, Microsoft's flagship Internet Explorer browser has been tweaked to add a series of warnings whenever a user tries to download executable files from the Web. "Service Pack 2 will place more limitations on scripts running from Websites or remote servers," Wilcox noted.

The XP update is also expected to disable unnecessary services that open ports to potential hacks by worms or spam.

"Perhaps the most significant will be Remote Procedure Call, which was a vehicle for spreading Blaster. Service Pack 2 will disable RPC operation in what Microsoft calls the Internet Zone but not necessarily the Intranet Zone," Wilcox said, explain that the update would increase the demarcation between the two zones.

Microsoft also plans to protect against the ubiquitous buffer overflows, the most common software security flaw. New compiler technology will be added to XP to detect buffer overruns and stop malicious code from running on the computer. Wilcox said Microsoft also plans to better protect buffer overruns in heap memory, noting that this protection would only work with some microprocessors.