Microsoft KB Archive/889735

= Windows XP Service Pack 2 (Part 1): Better security with Service Pack 2 =

Article ID: 889735

Article Last Modified on 2/6/2007

-

APPLIES TO


 * Microsoft Windows XP Service Pack 2
 * Microsoft Windows XP Service Pack 2

-



SUMMARY
This article is Part 1 of the Windows XP Service Pack 2 - Step by Step guide. This part introduces this topic.

To view the other topics of the Windows XP Service Pack 2 - Step by Step guide, see the Microsoft Knowledge Base articles that are listed in the &quot;References&quot; section.

The Windows XP Service Pack 2 - Step by Step guide includes the following topics: Part 1: Better security with Service Pack 2

Part 2: Installing Service Pack 2

Part 3: The new Security Center

Part 4: Automatic Updates

Part 5: Virus protection

Part 6: Windows Firewall

Part 7: Protecting against buffer overflows

Part 8: Improvements in Internet Explorer and Outlook Express

Part 9: Uninstalling Service Pack 2



Part 1: Better security with Service Pack 2
More and more computers are remaining continuously connected to the Internet. Although companies use professional protection against possible attacks, many home users do not. Microsoft Windows XP Service Pack 2 (SP2) provides a variety of security settings and protective measures to help make a computer more secure.

Windows XP SP2 contains several operating system changes. The 265-megabyte (MB) security package closes all known security breaches and offers a range of new functions.

The new Security Center
The most noticeable addition to Windows XP SP2 is the Security Center. It combines a firewall, virus protection, and automatic updates. The Security Center creates a single control center for the most important security features. The Security Center keeps you aware of the security status of a computer and lets you take immediate action if it is required.



Automatic Updates
Automatic Updates make it easy to keep a computer up to date. You can visit the Microsoft Windows Update Web site and search for specific updates, or you can let Windows update itself automatically.

Virus protection
Windows does not include a virus protection program. However, you should make sure that the computer is protected against viruses, worms, and Trojan horse programs. When you connect to the Internet just once without protection, you leave a computer vulnerable. Home users can easily download free virus protection software from the Internet.

Windows Firewall
The Windows Firewall creates a protective boundary between a computer and the Internet. Windows Firewall monitors Internet connections and automatically blocks unwanted external access. If you want to allow for certain connections, you can do the following:
 * Define exceptions by opening specific ports
 * Give permissions to programs or to services
 * Specify trusted computers

For example, you can specify only computers that belong to a particular network.

How to protect against buffer overflows
Data and program codes are stored in the same location. Therefore, executable codes can appear in data areas. Malicious users use this fact to start their attacks. The new Data Execution Prevention (DEP) feature specifies certain storage areas as &quot;non-executable.&quot; This step makes stored malicious code ineffective.

Microsoft Internet Explorer
Security in Internet Explorer has also been enhanced. A pop-up blocker that blocks annoying advertising windows has been added. Internet Explorer also blocks unwanted downloads and ActiveX installations. Another new feature is a main gateway to block malicious dialers. The new Add-on Manager function makes it easier to identify unwanted browser add-ins and to deactivate these add-ins. This helps protect a computer against spyware. The additional security zone settings can also significantly reduce the risk of a malicious attack.

Microsoft Outlook Express
E-mail messages in Outlook Express are now displayed as plain text instead of in HTML format. This behavior prevents viruses from starting when you read an e-mail message. However, if you decide to receive messages in HTML format, graphic files that are sent with the e-mail message are at first blocked and replaced with a red X. This step prevents spammers from discovering whether an e-mail address is valid or not. If the graphic files come from a trusted source, you can still download them.

Uninstalling Windows XP SP2
A Windows XP-based computer may not operate as expected after you install Windows XP SP2. If this is the case, you can uninstall Windows XP SP2 and return the computer to its previous state.

