Windows XP Troubleshooting Desktop Applications & Windows XP
Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter:...
-
Upload
edwin-sugden -
Category
Documents
-
view
216 -
download
3
Transcript of Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter:...
Desktop Value - IntroducingWindows XP Service Pack 2
with Advanced Security Technologies
Desktop Value - IntroducingWindows XP Service Pack 2
with Advanced Security Technologies
Presenter: James K. MurrayTitle: Information Technologies ConsultantCompany: A. M. Software Services, Inc.Presentation Date: June 21st, 2004
Slide 2 Microsoft Certified Partner: A. M. Software Services, Inc.
AgendaAgenda
Microsoft Security Strategy Windows XP Service Pack 2 Feature Overview Roadmap Business Value for Partners Q & A
Slide 3 Microsoft Certified Partner: A. M. Software Services, Inc.
Security exploits are proliferating Time to exploit is decreasing Exploits are more sophisticated The current approach is
insufficient
1. Security is a top priority for Microsoft
2. There is no single solution: the solution is complex
3. This problem has to be tackled across the industry
4. Change requires innovation
Security: What customers are experiencingSecurity: What customers are experiencing
Number of days to exploit
Slide 4 Microsoft Certified Partner: A. M. Software Services, Inc.
Impact of Security BreachesImpact of Security Breaches
Loss of Revenue
Wasted Business Cycles
Damage to Reputation
Loss or Compromise of
Data
Interruption of Business Processes
Damage to Customer
ConfidenceLegal
Consequences
Slide 5 Microsoft Certified Partner: A. M. Software Services, Inc.
Risk Level
Impact toBusiness
Probabilityof Attack
ROI
Connected
Productive
Security Enabled BusinessSecurity Enabled Business
Reduce Security Risk Assess the environment Improve isolation & resiliency Develop and implement controls
Increase Business Value Connect with customers Integrate with partners Empower employees
Slide 6 Microsoft Certified Partner: A. M. Software Services, Inc.
“Give us better Give us better access control”access control”“Give us better Give us better access control”access control”
“Develop reliable Develop reliable and secure softwareand secure software”
“Develop reliable Develop reliable and secure softwareand secure software”
“Simplify Simplify critical critical
maintenancemaintenance”
“Simplify Simplify critical critical
maintenancemaintenance”
““Reduce impact Reduce impact of malware”of malware”
““Reduce impact Reduce impact of malware”of malware”
Improve UpdatingImprove Updating
Engineering ExcellenceEngineering Excellence
Authentication, Authentication, Authorization, Access Authorization, Access ControlControl
Isolation and ResiliencyIsolation and Resiliency
“Provide betterProvide betterguidanceguidance”
“Provide betterProvide betterguidanceguidance”
Deliver Security Guidance, Deliver Security Guidance, Tools, ResponsivenessTools, Responsiveness
Customers have told us …Customers have told us …
Slide 7 Microsoft Certified Partner: A. M. Software Services, Inc.
Extended supportMonthly patch releasesSMS 2003Baseline guidanceCommunity investments
Broad trainingISA Server 2004
Windows XP Service Pack 2Windows Server 2003 Service Pack 1Updating enhancements
Active protection technologyVisual Studio “Whidbey”Next generation inspection
Security TimelineSecurity Timeline
2003
H1 04
Future
H2 04
Slide 8 Microsoft Certified Partner: A. M. Software Services, Inc.
Isolation and ResiliencyActive Protection Technologies
Isolation and ResiliencyActive Protection Technologies
“Shield-style” approach will give flexibility to our customers in terms of time to test/deploy
Dynamic system protection Behavior blocking Application-aware firewalls Intrusion prevention
Slide 9 Microsoft Certified Partner: A. M. Software Services, Inc.
Isolation and ResiliencyReducing the modes of attack for the Windows client
Isolation and ResiliencyReducing the modes of attack for the Windows client
Slide 10 Microsoft Certified Partner: A. M. Software Services, Inc.
Windows XP SP2 security goalsWindows XP SP2 security goals
Help protect the system fromattacks from the network
Enable more secure Email and Instant Messaging experience
Enable more secure Internet experience for most common Internet tasks
Provide system-level protection for the base operating system
Slide 11 Microsoft Certified Partner: A. M. Software Services, Inc.
Windows Firewall Formerly known as Internet Connection Firewall
Windows Firewall Formerly known as Internet Connection Firewall
Goal and Customer BenefitProvide better protection from network attacks by defaultFocus on roaming systems, small business, home users
What We’re DoingWindows Firewall will be on by default in almost all configurationsMore configuration options
Group policy, command line, unattended setupBetter user interface
Boot time protectionMultiple profile support
Connected to corporate network vs. homeEnable file sharing on home networks with Windows Firewall on
Compatibility ImpactIn-bound network connections not permitted by defaultDynamically enable ports as necessary, but only for as long as necessary, disable when done
Slide 12 Microsoft Certified Partner: A. M. Software Services, Inc.
Windows Windows FirewallFirewall
(formerly - Internet (formerly - Internet Connection Firewall)Connection Firewall)
Slide 13 Microsoft Certified Partner: A. M. Software Services, Inc.
Email / IM AttachmentsEmail / IM Attachments
Goal and Customer BenefitConsistent system-provided mechanism for applications to determine unsafe attachmentsConsistent user experience for attachment “trust” decisions
What We’re DoingCreate new public API for handling attachments more securely (Attachment Execution Services)Default to not trust less secure attachment typesOutlook Express, Windows Messenger, Internet Explorer changed to use new API More secure message “preview”Replaces AssocIsSafe()
Compatibility ImpactUse new API in your applications for better user experience, and better determination of security implications of content
Slide 14 Microsoft Certified Partner: A. M. Software Services, Inc.
Web BrowsingWeb Browsing
Goal and Customer BenefitEnsure a more secure web browsing experience
What We’re DoingLocking down local machine and local intranet zonesImproved notifications for running or installing applications and ActiveX controls - Limit UI spoofingHTML on local machine won’t be able to script unsafe ActiveX controls or access data across domains in the Local Machine Security ZoneBlocking unknown, unsigned ActiveX controlsFiles served with mismatched or missing mime-headers and file extensions may be blockedPop-up windows will be suppressed unless they are initiated by user action
Compatibility ImpactCheck for web application compatibility new defaults
Slide 15 Microsoft Certified Partner: A. M. Software Services, Inc.
Slide 16 Microsoft Certified Partner: A. M. Software Services, Inc.
Advanced Pop-up Blocker Settings
Slide 17 Microsoft Certified Partner: A. M. Software Services, Inc.
Data Execution Prevention (DEP)Data Execution Prevention (DEP)
Goal and Customer BenefitReduce exposure of some buffer overruns
What We’re DoingLeverage hardware support in 64-bit and newer 32-bit processors to only permit execution of code in memory regions specifically marked as executeReduces exploitability of buffer overrunsEnabled by default on NX capable machinesEnsure application compatibility with NX for Longhorn
Compatibility ImpactEnsure your code doesn’t execute code in a data segmentEnsure your code runs in PAE mode with <4GB RAMUse VirtualAlloc with PAGE_EXECUTE to allocated memory as executableTest your code on 64-bit and 32-bit processors with “Execution protection”
Slide 18 Microsoft Certified Partner: A. M. Software Services, Inc.
DEP User ExperienceDEP User Experience
What the user sees on buffer overrun
Adding the app to exception list
DEP Control Panel settings
Slide 19 Microsoft Certified Partner: A. M. Software Services, Inc.
Additional Enhancements in Windows SP2Additional Enhancements in Windows SP2
Windows Update client Will use a consistent engine for reporting system state and reducing inconsistent
results on secure patch availability on a computer.
Windows Media 9 Series Player Enhanced performance and security improvements over prior versions.
DirectX 9.0b Latest, most secure DirectX components include fixes to address a network
firewall change that impacts OEM pre-installs and DirectPlay.
Bluetooth Client v2.0 Includes support for the latest version of Bluetooth (v1.2) allowing customers to
take advantage of the latest wireless devices.
Unified Windows Local Area Network (LAN) client New wireless LAN will work with a broad range of wireless hotspots enabling
customers to connect seamlessly without having to install or update a third-party client.
“SmartKey” Wireless Setup Simplifies configuration of security settings for wireless networks by using USB
Flash Drive or other removable media to transfer configuration and security keys to PCs & devices.
Automatic Updates
Configured upon SP2 installation
GUI redesigned
Slide 21 Microsoft Certified Partner: A. M. Software Services, Inc.
New Bluetooth ClientNew Bluetooth Client
Improved user experience Improved security New profiles:
Personal Area Network user (PANU) File push – Object Push Profile (OPP) Virtual COM ports
Boot-mode support for keyboards Selective suspend support Benefits
Enables scenarios without the mess of wires Extends use of a loosely connected devices for use with the PC Same devices used with PC in both corporate and consumer
contexts Easy discovery of devices with Windows Bluetooth support
Slide 22 Microsoft Certified Partner: A. M. Software Services, Inc.
Improved Wireless configurationImproved Wireless configuration
Improved detection of wireless networks
Friendlier user interface
Wireless Network Setup Wizard
WEP Key configuration/transfer using removable storage
Slide 23 Microsoft Certified Partner: A. M. Software Services, Inc.
How to discuss SP2 with your customersHow to discuss SP2 with your customers
Naming: “Windows XP Service Pack 2” In Marketing Communications: “Microsoft® Windows® XP
Service Pack 2 with Advanced Security Technologies” Why your customers should care about SP2:
Advanced security technologies and default safeguards will help provide proactive protection to help guard against hackers, viruses and other security risks.
Strong Strong SecuritySecuritySettingsSettings
Security Tools:Security Tools:Manageability Manageability
& Control& Control
ImprovedImproved& Safer User & Safer User ExperiencesExperiences
Improved FirewallImproved Firewall New Internet Explorer with Security New Internet Explorer with Security
ImprovementsImprovements Safe Attachment execution ServiceSafe Attachment execution Service
Windows Security CenterWindows Security Center Pop-up Blocker for IEPop-up Blocker for IE Firewall Centralized ManagementFirewall Centralized Management
Smartkey Wireless SupportSmartkey Wireless Support Improved Wireless LAN supportImproved Wireless LAN support Bluetooth support built-inBluetooth support built-in WM Player 9 Series and Movie Maker 2.1WM Player 9 Series and Movie Maker 2.1
Slide 24 Microsoft Certified Partner: A. M. Software Services, Inc.
SP2 Value for PartnersSP2 Value for Partners
The release of SP2 creates an opportunity for you to conduct security audits with your customers: Use Microsoft Baseline Security Analyzer to check security status on
existing systems• (http://www.microsoft.com/security/guidance/tools/default.mspx)
Check for Anti-Virus and Firewall usage/status Upgrade existing Windows XP capable systems to SP2 Upgrade older PCs to new ones with Windows XP SP2
Upgrade small business networks to Windows Small Business Server 2003 with Windows Update Services installed http://www.winnetmag.com/Windows/Article/ArticleID/
41969/41969.html Windows Security Center dramatically underlines the need for AV
software for your customers This is a great revenue opportunity for you
When your customers have SP2, they’re less likely to require support Can increase your customer satisfaction Increase your credibility as reliable source of security solutions
Slide 25 Microsoft Certified Partner: A. M. Software Services, Inc.
Closing RemarksClosing Remarks
“I've been reviewing Windows products for a decade now, and very rarely have I been able to wholeheartedly recommend any product. Windows XP Service Pack 2 (SP2), however, is such a product: Barring a massive incompatibility issue, virtually every Windows XP user should upgrade to this release as soon as possible, in order to take advantage of its enhanced security features.” Paul Thurrott, Windows & .NET Magazine
Slide 26 Microsoft Certified Partner: A. M. Software Services, Inc.
Visit the Windows XP SP2 Readiness Center on MOSB : www.microsoft.com/oem
Visit the Windows XP SP2 Readiness Center on MOSB : www.microsoft.com/oem
Make security a high priority when configuring & customizing new PCs
Make security a high priority when configuring & customizing new PCs
Help us get the Windows XP installed base updated with SP2
Help us get the Windows XP installed base updated with SP2
Call to Action for PartnersCall to Action for Partners
Evaluate pre-installed applications using Microsoft security guidelines
Evaluate pre-installed applications using Microsoft security guidelines
Download Windows XP SP2 from www.microsoft.com
Download Windows XP SP2 from www.microsoft.com
Questions?Questions?
For more SP2 feature information:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/maintain/winxpsp2.asp
Slide 28 Microsoft Certified Partner: A. M. Software Services, Inc.
© 2004 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.