XP's security offers no excuse for ignoring antivirus updates

XP's security offers no excuse for ignoring antivirus updates

Software experts say most viruses don't need to rely on vulnerabilities and could flourish in the new operating system

Microsoft Windows XP's built-in security includes a firewall and software restriction policies'but not antivirus protection.

'We've done some things to make [the operating system] more resilient to malicious code,' said Sean Finnegan, Microsoft Corp.'s security program manager.

But Graham Cluley, senior technology consultant at Sophos PLC, the United Kingdom parent of Sophos AntiVirus Inc. of Wakefield, Mass., said that 'many viruses don't rely on vulnerabilities in the operating system at all. The majority of viruses will still be able to operate quite well under XP.'

Leading antivirus products from vendors such as Sophos and Symantec Corp. of Cupertino, Calif., work with XP, whose Professional and Home editions share new security features such as the Internet Connection Firewall and personalized log-ins for multiple users. The Professional version adds certificate services and file encryption.

XP is the first OS to come out of Microsoft's Secure Windows Initiative. Scott Culp, manager of the Microsoft Security Response Center, said the initiative improves software development by better testing, better educating the company's software engineers, and checking source code for complex logic errors as well as coding errors.

For small offices, XP's Internet Connection Sharing lets multiple computers use a single broadband or dial-up connection. Only the host is visible to the Internet, giving more protection to clients behind it.

The Internet Connection Firewall is a stateful, or context-aware, packet filter that blocks unsolicited connections from outside. In the XP Professional edition, the firewall does not function when the host PC is connected to an enterprise network. That permits the use of notebook or other client PCs without the firewall's performance impact.

When the same computer is used for remote connections, the firewall goes into operation and does not respond to pings from possible hackers.

There is a tradeoff, however. The firewall makes it difficult to configure the XP platform as an Internet server.

In the next release of Microsoft's .Net enterprise server products, Internet Information Services 6.0 will not install automatically, Culp said. A wizard will first query the user to determine needs and turn off unnecessary services.

IIS' vulnerabilities have been notoriously exploited this year by worms such as Code Red and Nimda.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above