Zu der Diskussion eben "was ändert sich an der XP Firewall" denke ich passt
diese Übersicht dazu
Many customers do not or cannot roll out security updates as soon as they
become available, but still need to be protected against the risks that
these security updates are designed to mitigate. Each security bulletin that
Microsoft delivers includes information that customers can use to help
mitigate risk while they deploy the update. However, Microsoft is delivering
other security technologies that provide additional mitigation when a
security update cannot be deployed immediately. These security technologies
cover the following areas:
* Network protection. These security technologies help to provide better
protection against network-based attacks, like MSBlaster, through a number
of innovations, including enhancements to Windows Firewall. The enhancements
include turning on Windows Firewall in default installations of Service Pack
2, closing ports except when they are in use, improving the user interface
for configuration, improving application compatibility when Windows Firewall
is on, and enhancing enterprise administration of Windows Firewall through
Group Policy. The attack surface of the Remote Procedure Call (RPC) service
is reduced, and you can run RPC objects with reduced credentials. The
Distributed Component Object Model (DCOM) infrastructure also has additional
access control restrictions to reduce the risk of a successful network
attack.
* Memory protection. Some attacks by malicious software leverage software
security vulnerabilities that allow too much data to be copied into areas of
the computer's memory. These vulnerabilities are typically referred to as
buffer overruns. Although no single technique can completely eliminate this
type of vulnerability, Microsoft is employing a number of security
technologies to mitigate these attacks from different angles. First, core
Windows components have been recompiled with the most recent version of our
compiler technology. Additionally, Microsoft is working with microprocessor
companies to help Windows support hardware-enforced execution protection
(also known as NX, or no execute) on microprocessors that contain the
feature. Execution protection uses the CPU to mark all memory locations in
an application as non-executable unless the location explicitly contains
executable code. This way, when an attacking worm or virus inserts program
code into a portion of memory marked for data only, an application or
Windows component will not run it.
* Safer e-mail handling. Security technologies help to stop viruses (such as
SoBig.F) that spread through e-mail and instant messaging. These
technologies include default settings that are more secure, improved
attachment control for Outlook Express and Windows Messenger, and increased
Outlook Express security and reliability. As a result, potentially unsafe
attachments that are sent through e-mail and instant messages are isolated
so that they cannot affect other parts of the system.
* More secure browsing. Security technologies that are delivered in
Microsoft Internet Explorer provide improved protection against malicious
content on the Web. One enhancement includes locking down the Local Machine
zone to prevent against the running of malicious scripts and fortifying
against harmful Web downloads. Additionally, better user controls and user
interfaces are provided that help prevent malicious ActiveX® controls and
spyware from running on customers' systems without their knowledge and
consent.
* Improved computer maintenance. A very important part of any security plan
is keeping computers updated with the latest software and security updates.
You must also ensure that you have current knowledge of security attacks and
trends. For example, some software updates that mitigated known viruses and
worms were available before any significant attacks began. New technologies
are being added to help the end user stay up-to-date. These technologies
include Security Center, which provides a central location for information
about the security of your computer and Windows Installer, which provides
more security options for software installation.
--
Mit freundlichen Grüßen
Hubert Daubmeier
_______________________________________________
Coffeehouse Mailingliste, Postings senden an:
[EMAIL PROTECTED]
An-/Abmeldung und Suchfunktion unter:
http://www.glengamoi.com/mailman/listinfo/coffeehouse
