Security benefits of XP SP2 touted again

Microsoft has once again extolled the virtues of Windows XP's second service pack, claiming that upgrading makes systems 15 times more secure

Computers running Windows XP Service Pack (SP) 2 are 15 times less likely than those running XP or XP SP1 to be infected by some of the most dangerous forms of malware, Microsoft said.

Head of the anti-malware product team at Microsoft, Jason Garms, said at the AusCERT conference in Queensland on Tuesday the improvement was revealed by internal analysis of the performance of XP SP 2. The latest service pack — released in August as a major security update to the Windows XP operating system — boosted the firewall , turned on auto-update by default and consolidated security controls into a 'security centre'.

"A machine that had Windows XP or XP SP1 was 15 times more likely to have one of the highly prevalent top 20 worms installed than on a machine running XP SP2," said Garms. He said the default turning-on of auto update had made a dramatic difference to users. "Within days of Microsoft releasing a patch, the vast majority of the Windows ecosystem is up-to-date".

Garms also revealed Microsoft was planning on releasing an enterprise version of its anti-spyware tool, currently available in beta version on the company’s Web site. However, he would not reveal when the new tool would be available, or whether it would be a free utility or sold as a separate application.

"It is currently in our plans for an enterprise offering that addresses spyware. The product and packaging details are still to be decided," said Garms.

He noted that the Windows error reporting tool — which sends data back to Microsoft when an application crashes — had revealed spyware could be at least partly responsible for up to one-third of all Windows crashes.

"The primary problem that users have with spyware is that their systems crash or are really slow or don't behave in the way they expect them to. We try to figure out how many of the crashes that are reported to us are actually attributable to spyware and it turns out that at least one-third of those machines had spyware installed on them — so it is a big problem," said Garms.

Interestingly, Garms said that people are more worried about their computer behaving erratically and running slowly than they are about being spied upon by malware. "Some people will have you believe that the primary impact of spyware is the spying on your systems but that is the secondary impact of spyware. [Spyware causing crashes and erratic behaviour] are the things that generate user helpdesk calls," said Garms.

Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.