WinXP SP2, boiled down

Got this abbreviated rundown of what’s in SP2 from a friend. He distilled this from the various documents available from this Microsoft page.

The overview White Paper seems to have the most useful info in least amount
of bytes. Major tightening on:
* Firewall (ICF beefed up quite a bit, but still no outgoing protection like ZA does.)
* RIPC – but Firewall has to be on to enforce
* DCOM – better protection from non-authenticated admins lot of safeguards/detection on buffer overruns, other memory protection (enabling hardware protection on Itanium & AMD K8)
* Outlook Express gets most of the Outlook security enhancements (images, HTML, application execution, etc.)
* IE adds a lot of new controls (all URL objects similar to ActiveX controls, no cached scriptable objects, block pop-ups, stop scripts from moving/resizing windows, etc.)
* DirectX and Media Player 9 locked down – details for that in a doc I have not read yet
* Alerter and Messenger services OFF by default

Leave a Comment