Post on 25-May-2015
How hard is itHow hard is it to hack a PC to hack a PC??
Securing your desktop PCSecuring your desktop PC
using using Windows XP SP2Windows XP SP2
Itai AlmogItai AlmogSoftware development EngineerSoftware development EngineerSecurity Business and Technology UnitSecurity Business and Technology UnitMicrosoft CorporationMicrosoft Corporationitaia@microsoft.comitaia@microsoft.com
AgendaAgenda
The world of hacking is changing
Windows XP SP2
Tips for securing your PC
The World of Hacking is ChangingThe World of Hacking is Changing
Number of attacks is increasing
Hackers are getting smarter
Motivation: pride money
Worms & Viruses aremore sophisticated
Looks Familiar?Looks Familiar?
Microsoft is ChangingMicrosoft is Changing
Security is our No. 1 priority!Security is our No. 1 priority!
Secure by Secure by designdesignCode inspectionCode inspection
Threat modelingThreat modeling
Penetration testingPenetration testing
Secure by defaultSecure by defaultMost secured configuration out-of-the-boxMost secured configuration out-of-the-box
Reduced attack surfaceReduced attack surface
Infection MethodsInfection MethodsUse opened ports on unsecuredunsecured computers
Not everyone uses a firewall
Via email attachments, Active X, “save&run”Many users fall for these tricks
Exploit vulnerabilities on unpatchedunpatched computersNot everyone installs patches
Not enough time to installDays between patch and Days between patch and
exploitexploit
Sasser
Sasser
151151180180
331331
Blaster
Blaster
Welchia/ Nachi
Welchia/ Nachi
NimdaNimda
2525
SQL Slammer
SQL Slammer
1717
Securing Windows XPSecuring Windows XPMake it more resilient to attacks
Even if updates are not installed!
Make it easier to secureEasier security management
Help the user do what’s right for him
Windows XP Service Pack 2Windows XP Service Pack 2
Windows XP Service Pack 2Windows XP Service Pack 2
Network ProtectionNetwork Protection
New Windows Firewall
Blaster
Blaster Sasser
Sasser
Network ProtectionNetwork ProtectionOn by default!
Boot time security
Exception list
“Shielded” mode
Scope restrictions
Windows FirewallWindows Firewall
Network ProtectionNetwork Protection
Inbound connection alert
Network ProtectionNetwork Protection
Exceptions
Network ProtectionNetwork Protection
Per interface policy
Network ProtectionNetwork ProtectionGroup policy
Network ProtectionNetwork ProtectionRPC & DCOM restrictions ( )
Messenger service is disabledLooks familiar?
Blaster
Blaster
Windows XP Service Pack 2Windows XP Service Pack 2
IE Security EnhancementsIE Security Enhancements
Pop-up blocker
IE Security EnhancementsIE Security EnhancementsAdd on manager
Information bar Information bar Pop-up blockerPop-up blockerAdd on managerAdd on manager
IE Security EnhancementsIE Security EnhancementsCrash detection
Windows restrictions
Local zone lockdown
Zone elevation block
Windows XP Service Pack 2Windows XP Service Pack 2
Email & IM EnhancementsEmail & IM EnhancementsBlock unsafe Email & IM attachments(using AES)
Email & IM EnhancementsEmail & IM EnhancementsBlock external html content
Windows XP Service Pack 2Windows XP Service Pack 2
Buffer Overrun ProtectionBuffer Overrun ProtectionWindows XP Service Pack 2 binaries are hardened (/GS)
“No Execute” (NX) hardware level protection
Windows XP Service Pack 2Windows XP Service Pack 2
Simplified ManagementSimplified Management
Windows Security Center
Simplified ManagementSimplified ManagementNew Windows Update (ver 5.0)
Before Service Pack 2Before Service Pack 2
Blaster
Blaster
After Service Pack 2After Service Pack 2No ExecuteNo Execute
Lower PrivilegeLower PrivilegeWindows UpdatesWindows Updates
RPC RestrictionsRPC RestrictionsFirewallFirewall
Blaster
BlasterBlaster
Blaster
Use a firewallUse a firewallUse a firewallUse a firewall
Update Windows and applicationsUpdate Windows and applicationsUpdate Windows and applicationsUpdate Windows and applications
Don’t open unsafe attachmentsDon’t open unsafe attachmentsDon’t open unsafe attachmentsDon’t open unsafe attachments
Use an Anti-Virus softwareUse an Anti-Virus softwareUse an Anti-Virus softwareUse an Anti-Virus software
Don’t install unsafe ActiveXDon’t install unsafe ActiveXDon’t install unsafe ActiveXDon’t install unsafe ActiveX
Deploy XP Service Pack 2Deploy XP Service Pack 2
What you should doWhat you should do
ResourcesResourcesDownload Windows XP Service Pack 2 RC2www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx
Microsoft Israel Windows XP Service Pack 2 Home Pagewww.microsoft.com/israel/windowsxp/sp2
Windows XP Service Pack 2 - Information for IT Prohttp://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx
Windows XP Service Pack 2 - Information for Developersmsdn.microsoft.com/security/productinfo/xpsp2/default.aspx
Get Secured!Get Secured!