News from the SP2! :wink:

Execution Protection

This is a very tricky thing to explain in detail without getting all geeky, but if this feature had been in place when the MSBlaster worm hit last year, it would not have been able to spread itself as it did. There would still have been problems if you got the worm on your computer, but it would not have had as much of an impact as it did.

When a program executes and runs on your computer, it can run in a variety of memory areas. The Execution Protection feature being introduced in the Service Pack will prevent the programs from accessing certain areas of the memory unless these areas are specifically ‘marked’ to allow execution. The ‘marking’ of these areas is done in the program, so there is nothing you need to do to make this happen - it is up to the programmers!

Execution Protection is NOT a replacement for anti-virus software - it is simply one more tool in the well protected computer’s arsenal. If the person who wrote MSBlaster had to deal with the Execution Protection, they could have worked on a different vulnerability to try to spread the worm.

Microsoft seems certain that most programs and device drivers (the programs that communicate with things like the keyboard, mouse and video card) will not be adversely affected by this change in how a program runs, so this should not affect us too much if they are right.

Internet Explorer

Love it or hate it, IE comes standard with Windows. Because it is so ubiquitous, it is the target of a lot of hackers, and because it is the target for so many hackers, it has had a lot of security holes exploited.

Windows XP Service Pack 2 will address a lot of these holes, and most of it will be behind the scenes.

Internet Explorer Add-on Management will allow us to view and control the add-ons that can be loaded by Internet Explorer with more detailed control than before. It also shows the presence of some add-ons that were previously not shown and could be very difficult to detect. This includes toolbars, ActiveX controls, and other types of files that control various aspects of how Internet Explorer works. You can enable and disable each add-on individually and view information about how often the add-ons have been used by Internet Explorer.

Internet Explorer Add-on Management works alongside the new Add-On Crash Detection that will examine what add-ons were running when IE crashed, and give you the ability to disable them before you restart Internet Explorer.