February 24th, 2005

Security Improved…then Destroyed

Heath Stewart
Principal Software Engineer

Michael Howard – our Sr. Security Program Manager here at Microsoft – blogs about how the improved security features in XP SP2 were effectively destroyed in an article in PC Magazine, “Making Windows XP Start Faster“, by turning off the Automatic Updates and Internet Connection Firewall (ICF) services.

Great improvements have – and are still – being made to both the development process, and code and binary quality, through better code reviews, static analysis tools – many of which are developed in Microsoft Research – and more. But it’s information like this that can much more quickly destroy all that.

External firewalls are great to have, but many people are connected directly to the Internet either via modem or broadband (which is more likely to be attacked). People that don’t know what a firewall is might not know that they need it, especially in those cases.

Personally, I’m running both an external firewall on my router as well as the firewall in XP, which I turned on even before SP2 turned it on by default. Automatic updates also make sure that your computer is kept secure.

Topics
Security

Author

Heath Stewart
Principal Software Engineer

Heath is an application architect and developer, looking to help educate others to learn professional development. Besides designing and developing applications he enjoys writing about intermediate and advanced topics. Heath also consults for deployment packages and scenarios within Microsoft and for external customers.

0 comments

Discussion are closed.