Microsoft's Service Pack 2 for Windows XP is ready and the update will soon be available to end users. Which is great.
SP2 is by far the largest service pack we've seen (it's over 250MB in size and quite a download). What's more important, this SP centers around security features only.
From the antivirus point of view, the three most important features in SP2 are:
- Stack & heap protection: this will make it much harder to generate exploits for buffer overflows, such as those used by automatic network worms like Slammer, Blaster and Sasser. We had a look at how Microsoft actually implemented this, and it looks good.
- Built-in firewall. Which is enabled by default, and running right from the boot-up. It will not only prevent access from the outside but it will also warn users when local applications start to listen on specific ports. It won't warn when local applications send data to the internet, though.
- Patched versions of IE and Outlook. As these are the most common tools to access the net, it's important to have them up-to-date.
The end result will be that once patched XPs become commonplace, it will be much harder to create large network worm outbreaks. User-assisted viruses (like email worms) won't go away...and the bad boys will eventually find ways around the safeguards. But nevertheless, this is a big improvment.
As XP is already the most common operating system on the internet, this Service Pack is very important. We hope majority of XP users will apply it soon. This would benefit everybody on the internet.