Feeds

WinXP SP2 = security placebo?

Feature richness defeats commonsense

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Networking components

In addition to services, Windows also installs a number of networking components that are unnecessary on the vast majority of machines, especially home machines. SP2 has done nothing to change this.

Most home users don't know that TCP/IP is the only networking component needed for an Internet connection to work. Nevertheless, Client for Microsoft Networks, File and Print Sharing, and the QoS Packet Scheduler are all installed by default, and SP2 does little to address these issues - although, presumably, file and print sharing are limited to machines on the same subnet. At least we hope so.

Furthermore, NetBIOS over TCP/IP is enabled, and that is never a good thing on home machines.

Most absurdly, Remote Assistance ("allow script kiddies to control this computer remotely?") is enabled by default, as is Remote Registry ("allow script kiddies to modify your Registry remotely?"). The Remote Desktop "feature" was off, thankfully.

Windows Firewall

The new "Windows Firewall" packet filter is turned on by default, finally. However, an exception for Remote Assistance connections is enabled, which is preposterous, although file and printer sharing, and UPnP, are blocked by the firewall as they should be. The putatively new "Windows Firewall" is actually not much different from its predecessor, the "Internet Connection Firewall", with all its weaknesses. Indeed, the only improvements are that the Security Center pops up a warning if the firewall is turned off, and the firewall alerts users to software willing to accept an outside connection.

Most importantly, the new packet filter, like the old, is incapable of egress filtering, although there were numerous press reports predicting such a capacity before its release, perhaps due to aggressive blogging by overeager MS shills. This particular omission is one of the greatest disappointments in SP2.

Because of the vast amount of malware, spyware, and adware plaguing Windows, it is crucial that a packet filter warn users whenever a program attempts to send data to the Internet. SP2 is of no value in this regard. It does, however, warn users of third-party clients that will accept incoming connections, and offers users an opportunity to block or enable them individually.

Nevertheless, Windows users must monitor outgoing connections, and must therefore continue to deploy a third-party firewall or packet filter capable of egress filtering in order to run Windows XP safely.

Policies

Default security policies with SP2 are basically sensible. However, there are exceptions. For example, to prevent NetBIOS null sessions, which are extremely dangerous, the Security Accounts Manager (SAM) should be configured to reject them. SP2 has done half the work. In the Network Access policy settings, the option "Do not allow anonymous enumeration of SAM accounts" is enabled, as it should be. Unfortunately, "Do not allow anonymous enumeration of SAM accounts and shares" is disabled, although it should be enabled. This arcane setting is not something that a home user should even have to know about, much less play with.

Permissions

If making Windows so dependent on RPC is one of Microsoft's greatest security stuff-ups, allowing Windows XP to be set up as a single user system is the most spectacular of all time.

Windows XP is the first genuine multiuser Windows system marketed to home users, yet Microsoft has stubbornly declined to enforce, or even encourage, its inherent security benefits. SP2 does nothing to improve the situation.

The chief weakness of a single-user system is that whoever sits at the keyboard is the administrator, or root in UNIX parlance, capable of taking any action he pleases. He can install programs and delete files or wipe out whole directories; he can alter system settings with the same privileges as the owner.

This is bad in two ways. First, anyone with physical access to the machine can reconfigure it and possibly destroy important files, whether intentionally or accidentally. Second, when everyone is automatically an administrator, any malware that a user picks up will run with the administrator's level of access - that is, with unlimited privileges.

Establishing less-privileged user accounts, even for the machine's owner, is the single most productive step one can take towards reducing the impact of malware. WinXP makes this possible, but, unfortunately, not necessary.

The level of system access that a user is granted affects the potential of malware, and vectors such as browsers, -mail, and IM clients, to deliver and execute malicious code. It is generally, though not universally, true that we can limit the impact of malicious code by limiting the user's access to the system. Generally, an unprivileged user will run unprivileged malware. This is why even the sole user of a system should always work from a limited-access account, except when performing administrative chores. UNIX-compatible systems enforce this worthwhile discipline strictly; Microsoft still does not even encourage it.

Intelligent flash storage arrays

Next page: Internet Explorer

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.