Microsoft has released Service Pack 2. Finally. Although not really released to the public, just to IT professionals, anyone can download it.
Stolen from the microsoft website:
Overview of Windows XP Service Pack 2 Security Technologies
In Windows XP Service Pack 2, Microsoft is delivering several improved security technologies that help protect customers against malware and other risks to their computer. These technologies are not intended to replace periodic security updates as they are released, but rather to help strengthen Windows XP’s overall defenses against malicious attacks.
<table border=“0” cellpadding=“0” cellspacing=“0”> <tbody><tr><td class=“listBullet” valign=“top”>•</td><td class=“listItem”>Network protection. These security technologies help to provide better protection against network-based attacks, like MSBlaster, through a number of innovations, including enhancements to Windows Firewall and a reduced RPC attack surface. These enhancements include turning on Windows Firewall in default installations of Service Pack 2, closing ports except when they are in use, improving the user interface for configuration, improving application compatibility when Windows Firewall is on, and enhancing enterprise administration of Windows Firewall through Group Policy. The attack surface of the Remote Procedure Call (RPC) service is reduced, and you can run RPC objects with reduced credentials. The DCOM infrastructure also has additional access control restrictions to reduce the risk of a successful network attack.
</td></tr><tr><td class=“listBullet” valign=“top”>•</td><td class=“listItem”>Memory protection. Some attacks by malicious software leverage software security vulnerabilities that allow too much data to be copied into areas of the computer’s memory. These vulnerabilities are typically referred to as buffer overruns. Although no single technique can completely eliminate this type of vulnerability, Microsoft is employing a number of security technologies to mitigate these attacks from different angles. First, core Windows components have been recompiled with the most recent version of our compiler technology, which provides added protection against buffer overruns. Additionally, Microsoft is working with microprocessor companies to help Windows support hardware-enforced data execution prevention (DEP) on microprocessors that contain the feature. Data execution prevention uses the CPU to mark all memory locations in an application as non-executable, unless the location explicitly contains executable code. This way, when an attacking worm or virus inserts program code into a portion of memory marked for data only, an application or Windows component will not run it.
</td></tr><tr><td class=“listBullet” valign=“top”>•</td><td class=“listItem”>E-mail handling. Security technologies help to stop viruses (such as SoBig.F) that spread through e-mail and instant messaging. These technologies include default settings that have enhanced security, improved attachment control using the Attachment Execution Service (AES) API. This results in security and reliability enhancements for communications applications such as Microsoft Outlook, Outlook Express and Windows Messenger. As a result, potentially unsafe attachments that are sent through e-mail and instant messages are isolated so that they are less likely to affect other parts of the system.
</td></tr><tr><td class=“listBullet” valign=“top”>•</td><td class=“listItem”>Browsing security. Security technologies that are delivered in Microsoft Internet Explorer provide improved protection against malicious content on the Web. One enhancement includes locking down the Local Machine zone to help prevent the running of malicious scripts and fortifying against harmful Web downloads. Additionally, better user controls and user interfaces are provided that help prevent malicious ActiveX® controls and spyware from running on customers’ systems without their knowledge and consent.
</td></tr><tr><td class=“listBullet” valign=“top”>•</td><td class=“listItem”>Computer maintenance. A very important part of any security plan is keeping computers updated with the latest software and security updates and understanding the role they play in protecting your computer. Ensuring that you have current knowledge of security attacks and trends is also important. For example, some software updates that mitigated known viruses and worms were available days or weeks before any significant attacks began. New technologies are being added to help the end user stay up-to-date. These technologies include Security Center, which provides a central location for information about the security of your computer, and Windows Installer, which provides more security options for software installation.
</td></tr></tbody> </table> Microsoft understands that security technologies are only one aspect of a sound defense-in-depth security strategy. The security technologies outlined here are the next steps being taken in the Trustworthy Computing initiative to make customers’ systems more resilient to malicious attacks.