Omschrijving
Windows XP Service Pack 2 (SP2) with Advanced Security Technologies provides users with an enhanced security infrastructure to help defend against viruses, worms, and hackers. In addition, it helps provide increased manageability and control along with an improved, more consistent user experience.
Windows Security Center
Windows Security Center provides a central location for viewing security status, changing security settings, and learning more about security issues.
The Security Center is located in the Control Panel and shows the status of three important security components -Windows Firewall, Automatic Updates, and antivirus software. It also serves as a starting point for getting to other security-related areas and for finding security-related support and resources. The Security Center runs as a background process, constantly checking the state of these three important security components:
Windows Firewall
Using a firewall is important no matter what type of Internet connection is used-dial-up, cable modem, or DSL. If a firewall isn't activated when you are connected to the Internet, it's possible for hackers to access your computer and install harmful code that can destroy files or cause malfunctions.
Windows Firewall ships with SP2 and is turned on by default. The Security Center constantly checks to see whether Windows Firewall is on and provides an alert if it is turned off.
Automatic Updates
Windows Security Center also checks to make sure Automatic Updates is using the recommended setting, which is "Automatically download recommended updates for my computer and install them: ". If Automatic Updates is turned off or the settings are other than those recommended, Windows Security Center provides an alert in a bubble at the bottom of your screen that prompts you to download and install the updates. Click the bubble to download the updates.
Virus protection
Windows Security Center looks for the presence of antivirus software. It also looks to see whether the software is up to date and whether real-time scanning is turned on. This helps protect your computer from viruses and worms that can destroy data and consume valuable resources.
If one of these security components is missing or has settings that degrade your computer's security, Windows Security Center places a red shield icon in the notification area and displays an alert when you log on. Clicking the icon or alert opens Windows Security Center. There you'll find a message about the issue and a recommendation to resolve the issue.
If you are using a firewall or antivirus software not detected by Windows Security Center, you can change the setting to stop receiving alerts for that component.
Windows Security Center provides you with an easy way to help ensure your firewall is activated, your antivirus software is up to date, and that your computer is being updated with the latest critical updates from Microsoft.
Windows Firewall
You'll find a number of significant changes to Windows Firewall (formerly called Internet Connection Firewall or ICF) in Service Pack 2-all designed to help improve your computer's security. Following are descriptions of key changes and enhancements.
On-by-default
Prior to Service Pack 2, Windows XP shipped with the firewall disabled by default. Activating the firewall meant having to either run a wizard or navigate through the Network Connections folder to turn it on manually.
With installation of Service Pack 2, Windows Firewall is turned on by default, providing improved default levels of protection on all new installations and upgrades. This also helps protect any new network connections as they are added to the system.
Boot-time security
In earlier versions of Windows, there was a small window of time between the network starting and the firewall becoming active, leaving your computer vulnerable for that brief period time.
In Service Pack 2, during startup and shutdown, the firewall driver uses a rule called a boot-time filter to help prevent attacks during those brief periods. Once Windows Firewall is up and running, it loads your custom firewall settings and removes the boot-time filters. This makes your computer less vulnerable to attacks during startup and shutdown operations.
Windows Firewall exceptions list
You might see a security alert when you run a program that requires connection and two-way communication through a network or the Internet. For example, many multi-player Internet games use ports blocked by default in Windows Firewall. These are often the same ports used by hackers and worms to gain entry to your computer.
To open a port for a game, you can add it to the Windows Firewall exceptions list. The port will open only when the game is being played and then close when the game is shut down.
By blocking these open ports at times other than when you are actively using them for a game or program, your computer can maintain a higher degree of safety from malicious attack.
"On with no exceptions" operational mode
This feature allows you to easily turn off all the exceptions in the Windows Firewall exceptions list. While you need these exceptions to use certain programs, there are times when it is advisable to turn off all exceptions for enhanced security. For example, if you use your computer in an Internet café or airport hotspot, it can be vulnerable to viruses and other security threats.
By setting Windows Firewall to be "On with no exceptions", whenever you are using your computer in a public place, you'll reduce your risk from nearby hackers. Then, when you are using your computer in a more secure setting, you can quickly enable your exceptions list again.
Restore defaults
Over time, through either adding programs or ports to the Windows Firewall exceptions list, it's possible for Windows Firewall to be inadvertently configured to allow unsolicited incoming traffic, compromising your computer's security. In earlier versions of Windows Firewall (formerly Internet Connection Firewall or ICF), there was no way for you to conveniently revert to the original settings.
This option lets you restore Windows Firewall to its default settings. In addition, those defaults can be modified to provide custom configuration options.
Enhanced multicast and broadcast support
Teleconferencing, videoconferencing, streaming media, and Web casts are all examples of multicast and broadcast network traffic. Because these communications are based on a one-to-many format, the stateful filtering normally used in a firewall to allow one-to-one network communications such as e-mail can prevent multicast and broadcast communication from being accepted.
Windows Firewall includes enhanced support to allow programs and services that use multicast and broadcast to work without any alterations to the Windows Firewall settings.
For more detailed information on Windows Firewall, see Understanding Windows Firewall.
Top of pageTop of page
Internet Explorer
This section provides an overview of some of the technologies included in Service Pack 2 to help enhance Web browsing security and provide you with more control over your browsing experience.
Internet Explorer Pop-up Blocker
The Internet Explorer Pop-up Blocker, a new feature with Service Pack 2, stops most unwanted pop-up windows from appearing. Available from the Internet Explorer Tools menu, it provides more control over the browsing experience, while giving you the choice to allow pop-ups from some Web sites yet block others.
Turned on by default, the Internet Explorer Pop-up Blocker will still allow pop-ups windows to appear in a few instances such as when:
- The site generating the pop-up has been added to a list of Allowed sites.
- The pop-up opens from a site listed in the Trusted Sites or Local Intranet zones.
- ActiveX controls initiated from a Web site open the pop-up.
With Internet Explorer Pop-up Blocker enabled, if a Web site opens a pop-up window blocked by Internet Explorer, the Internet Explorer Information Bar notifies the user, and a sound plays.
Clicking the notice provides a number of choices:
- Temporarily Allow Pop-Ups
- Always allow Pop-Ups from this site
- Settings
You can add or remove sites from the Allow list, turn the notification sound on or off, and more.
Internet Explorer Add-on Manager
While Internet Explorer Add-ons, such as ActiveX controls, browser help objects, and toolbars can enhance your browsing experience they can also be the cause of instability problems. In addition, they can pose a security risk because one might contain potentially harmful code. Previously, when users experienced frequent crashes, there was no easy way to diagnose whether the issue was related to an add-on or not.
Internet Explorer Add-on Manager, available on the Internet Explorer Tools menu, allows you to view and control the list of add-ons that can be loaded by Internet Explorer, to help improve system security and stability. For example, an unintentionally installed add-on could secretly record all Web page activity and report it to a central server. Previously, specialized software and technical skills were required to identify and remove these add-ons.
Internet Explorer Add-on Manager provides an easy way to detect and disable add-ons. It's easy to turn each add-on on and off individually as well as view information such as how often an add-on has been used as well as the name of the add-on's publisher.
There is also an option for updating individual ActiveX controls. Choosing to update a control initiates a Web search for an update from the control's original location. Once located, the update downloads and installs. Keeping your ActiveX controls up-to-date can help prevent system and security issues.
Internet Explorer Information Bar
After installing Service Pack 2, the default settings in Internet Explorer will block certain content from loading. The Internet Explorer Information Bar provides warnings about what is being blocked, with options for viewing the content, maintaining the restriction, and adjusting the settings involved. All warnings appear below the Internet Explorer toolbar and above the Web page in view, and then disappear with the next navigation.
This provides a highly visible area for displaying and acting on the information provided. The text in the information bar varies depending on the warning being given. For example, a common message is "This site might require the following ActiveX control:...". Clicking on the Internet Explorer Information Bar brings up a menu related to the warning, letting you decide what content to view and what content to block.
Internet Explorer Local Machine Zone Lockdown
When Internet Explorer opens a Web page, it places restrictions on what the page can do, based on the page's location and assigned security zone. There are several possible security zones, each with a different set of restrictions. For example, pages located on the Internet will normally be in the more restrictive Internet security zone. Pages located on a corporate network would normally be in the Intranet security zone, and have fewer restrictions.
Prior to the release of Service Pack 2, it was assumed that content on the local file system was secure. As such, it was assigned to the Local Machine security zone and allowed to run with few restrictions. However, it was discovered that hackers often try to take advantage of the Local Machine zone to compromise a computer or system.
The default setting in Service Pack 2 places restrictions on the Local Machine zone in Internet Explorer. Any time restricted content attempts to run, a warning appears on the Internet Explorer Information Bar, giving you the option to click and remove the restriction, and allow access to the content.
Outlook Express
The changes and enhancements to Outlook Express found in Service Pack 2 are designed to give you more control over privacy and security issues and help provide improved security from potentially harmful code transmitted via e-mail messages.
Use Plain Text mode
Computers running earlier versions of Windows XP were often vulnerable to potentially harmful code because Outlook Express processed and executed the HTML header scripts in HTML content.
Service Pack 2 changes the default Outlook Express view to Plain Text providing an additional barrier to malicious code hidden in the header scripts. Because plain text e-mail does not require HTML header processing, there is usually no visible difference from this change. You can still opt to view messages in HTML through the Outlook Express View menu.
HTML Content Blocking
Turned on by default, this Outlook Express feature helps you avoid repeated spam mailings by preventing you from unknowingly validating your e-mail address to spammers. Often hidden inside a spam message are references to images that reside on remote Web servers. These can be as small as a single pixel and thus never visible to the recipient.
When you open an e-mail message containing the image, previous versions of Outlook Express automatically contacted the Web server to download and display the images. The server replying validated your e-mail address when the request was made, and could then add your e-mail address to a validated list, causing you to receive additional spam in the future.
With the Don't Download External HTML Content option enabled, the default behavior of Outlook Express changes so that it will not contact a Web server to download external content without your permission. You can choose to download the content or not, or turn the feature off. The feature is available in the Outlook Express Tools menu, on the Security tab of the Options window.
This feature also minimizes a common problem experienced by anyone using dial-up connections. Previously, if you downloaded your e-mail messages and then disconnected from the network, when viewing messages off the network your modem would automatically dial out to download any external content. However, because almost all external HTML references in e-mail messages point to sites that are part of the Internet zone, by default content is not displayed and a dial-up network connection is not requested.
Voeg toe aan verlanglijst
Afdrukken
