News

Gates Shows Off Windows XP Service Pack 2

New security features promise more secure desktops, says Microsoft chairman at RSA Conference 2004.

• By Keith Ward
• 02/24/2004

At his keynote presentation at RSA Conference 2004, Microsoft Chairman and Chief Software Architect Bill Gates addressed a number of security topics and ignored others, including questions about recent vulnerabilities discovered in Windows.

Gates emphasized that Microsoft has the biggest research and development budget of any software company—about $6 billion. He said that the lion's share of that "bucket" of R&D money goes for security research, and showed some of the results, including the new features of XP SP2.

The most important one is the Windows Security Center, which was shown in public for the first time. It's a screen that shows the status of three key items for keeping XP safe.

• The Windows Firewall. This replacement for the Internet Connection Firewall will be on by default, unlike previous versions.
• Anti-virus software, including whether it's installed, and if it's current.
• Automatic Updates, and whether or not it's enabled.

"For consumers," Gates said, "The message is simple: Automatic Updating should be turned on."

Settings for all three items are configurable from the screen, and can also be managed through group policy or scripts. An interesting feature of the firewall is that it blocks all ports by default, and alerts the user if a program across the Internet tries to access a port on the XP computer. When that happens (the example shown was of an Internet-based game), a warning message pops up asking if the user wants to open the port. If Yes is clicked, the port's opened and the session can continue; the port is automatically closed after the session ends. With XP SP2, administrators will also have the ability to block any ports from being opened on an end-user's computer. The product was demonstrated by Zachary Gutt, a Microsoft product manager in the business security unit.

Bill Gates, Microsoft Chairman and Chief Software Architect Bill Gates observes as Gavin Jancke, Development Manager with Microsoft Research, shows new biometric ID-card technology during Gates' keynote presentation at RSA Conference 2004. (Photo: Microsoft.)

To reinforce his point about Microsoft's security emphasis, Gates displayed a chart showing that for the first 292 days following Windows 2000 Server's release, Redmond issued 38 "critical" and "important" security bulletins for vulnerabilities. During the same time period for Windows Server 2003, there were nine bulletins.

Gates also briefly addressed the recent Internet release of Windows source code. Although Microsoft hasn't said how the code was stolen, he did confirm that it wasn't one of its shared-source partners.

Turning to the next version of Visual Studio, code-named "Whidbey," Gates said it will include new tools for developers that will encourage safer coding practices, including development of applications that don't require a user to have administrative privileges to install or run programs. There will also be a built-in tool, called PREfast, that will scan the code and search for vulnerabilities like buffer overflows.

Looking further into the future, Gates said that coming generations of Windows will include "Active Protection Technology," (APT) which makes computers—both clients and servers—more resilient in both preventing and containing attacks. Using a methodology called "behavior blocking," a computer would be able to recognize behavior that's out of the ordinary and protect itself. For example, it would note the way the Blaster worm tried to exploit the Remote Procedure Call (RPC) vulnerability, and take action to prevent the exploit, perhaps by shutting down RPC or closing ports.

Gates also updated the Microsoft roadmap, although much has not changed. In the first half of 2004, expect to see releases of XP SP2, Software Update Services (SUS) 2.0 and Internet Security and Acceleration (ISA) Server 2004. In the second half of 2004, look for Windows 2003 SP1. In the cloudy future (no dates were given) will come APT, Whidbey and the Next Generation Secure Computing Base.