Windows XP – a brief description

Windows XP is an operating system (OS) released by the Microsoft Corporation in October of 2001.  The Windows XP platform followed Windows 2000 and Me and became the first consumer OS built on the Windows NT kernel architecture.  The “XP” signifies “eXPerience” and Microsoft describes the XP operating system as the most significant and important work since Windows 95.  Like the Win95 system, XP retains a focus on usability while offering a wide variety of features and functionality. 

Some distinctive characteristics from previous OS iterations include a newly designed interface and options to purchase the “Home” or “Professional” edition.  The Home edition was targeted for the home user while Professional was to meet business and power user needs.  In 2003, Microsoft released the Media Center edition of XP which included support for TV and DVD.  Users can watch and record TV programs, view DVDs, listen to music, and use remote control capability.

Service Packs

A year after the release of XP, Microsoft made Service Pack 1 available which included USB 2.0 support and the ability to set program access and defaults so users could decide what applications open particular files by default.  Two years later, with the release of Windows Update 5, Microsoft rolled out Service Pack 2 which included several major changes.  This service pack emphasized security. 

Some notable additions to SP2 include:

-          A pop-up blocking mechanism for Internet Explorer

-          A firewall enhancement (and officially naming it “Windows Firewall”)

-          Support for Bluetooth

-          Advanced memory protection to address buffer overflow attacks (a security issue)

-          Modifications to address security issues including remote attacks from infected computers, as well as email and web browsing vulnerabilities

The Windows Security Center was also included with Service Pack 2.  The Security Center is a Control Panel tool that offers users the ability to configure the security services on their computer.  These include Firewall, Automatic Updates, and Virus Protection.  These services are monitored and notification appears if a problem should arise.

According to reports, development of SP3 is in progress and is expected to be available after the release of the next Windows operating system (Windows Vista).  The service pack is expected to include new versions of Media Player and Internet Explorer.  It is likely some items included with SP3 will be technologies originally intended for Windows Vista.

Security

The XP Home edition has received criticism for lacking the security and networking capability of the Professional version.  And, while Windows Security Center was touted as a step forward in bringing about greater security, there were critics that made their concerns known.   Shortly after the release of SP2, PC Magazine released a report[1] identifying an area of vulnerability with Security Center.  The article stated that attackers could gain information on how secure the user’s system is and then exploit any attack vectors for the purpose of accessing data, infecting the system, or performing other malicious activities.  Other concerns have come up related to constraints and conflicts when using third party security software in conjunction with Microsoft security tools.

There are critics that warn users that even with SP2, the XP operating system leaves numerous service and network components enabled.  Also, Internet Explorer is seen as being vulnerable to malicious scripts.  Other concerns depict the fact that the administrator account is the default and users rarely use other accounts deciding instead to work primarily with the admin account (this makes the most sense in terms of installing and uninstalling programs).  As a result, if the admin account is hacked the system is wide open to exploitations.  

Due to a wide range of accepted use and a large market share, Windows operating systems are targeted for cybercrime and have been known to be susceptible to malware attacks.  Without patches and service packs, Windows XP is wide open for attacks.  According to one study[2] a Windows XP computer with SP1 was compromised “…in less than 4 minutes immediately after placing the computer live on the Internet.”

Best Practices

Taking a glimpse into the known dangers to system security and computing could send some Windows users into a state of paranoia.  Knowing the results of these exploits doesn’t do anything to help the potential panic.  Cybercrime and malware attacks can include financial or business security breaches; loss of personal data; theft (by hacking credentials for online commerce activities); and loss of computer performance or lack of control due to popup advertisements, browser hijacks, unwanted CPU usage, and more.  Unlike virus attacks, malware exploits are financially motivated.

Operating Windows computer systems in face of these dangers necessitates being prepared and using safe practices.  The two rules of thumb of security, simply put, are 1) be responsible and 2) plug the holes.

Be responsible:

-          Be cautious when surfing: avoid browsing to sites that could download malicious items.

-          Open email attachments from people you trust.

-          Download only items you trust.

Plugging the holes includes:

-          Use a firewall.

-          Use a router instead of the Internet Connection Sharing feature.

-          Manage user accounts with care: disable the guest account, use minimal admin rights where possible, and use passwords for all accounts.

-          Download fixes and updates on a regular basis or configure XP to update these automatically using Security Center.  If you have not already done so, install SP2 on your XP machine and then check the Microsoft web site for recently released updates.

-          Download and run an effective anti-spyware program – one that includes regular updates to its spyware definitions database.

For a more detailed security checklist for Windows XP we recommend going to:

http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

Anti-spyware you can count on

The findings of the security study (sited above) reference a malware attack that occurred in four minutes on a Windows XP SP1 system.  While XP SP2 machines are less vulnerable, the report states in its conclusions: “OS patches are not enough.  Each patch only fixes a known set of vulnerabilities.” 

Findings from an online study[3] reported that while 80% of the computers in the study had been infected by malware, 89% of the study group were unaware this was the case.  Malware is stealthy and is created in such a way that it remains on your system despite efforts to manually remove it.  We recommend using an anti-spyware tool that includes quarantine and backup functionality as well as the ability to schedule scans on a regular basis.  Frequent and reliable spyware database updates provided from the anti-spyware manufacturer, is a necessity. 

XoftSpySE AntiSpyware and RegCure Registry Cleaner are trusted and effective tools.  XoftSpySE will provide the full protection you need to ensure you are safe from the threats that exist with spyware and other forms of malware.  XoftSpySE scans your PC in under 2 minutes to inform you of spyware that may exist on your PC and then allows you to remove them with a click of a button.  Once you are completely free of malware you may want to try RegCure.  RegCure will help restore your PC to optimum performance by removing registry entries and other items that are unnecessary.