Windows XP SP2 may stop the worms

Service Pack 2, the long-awaited upgrade to Windows XP, will prevent the rapid spread of worms such as Sasser, according to a security company that has reverse-engineered some of the code
Written by Michael Parsons, Contributor

Windows XP SP2, which has finally been released for manufacturing, is designed to make the Windows operating more secure by offering a host of new features and functionality. Part of that increased security is protection against buffer overflows, which are a vulnerability that has been exploited to great effect by high-profile worm attacks such as Sasser, Slammer, and Blaster.

Security company F-Secure has reverse-engineered SP2, a process the company compares to taking apart a virus or worm to see how it functions, and the company's initial reaction is very positive.

"They have implemented it very well, especially the stack protection and the memory protection. They really did it right this time. We won't be seeing outbreaks like Sasser. It will be hard to attack Windows XP via automated network worms," said Mikko Hyppönen, director of antivirus research at F-Secure.

"If we had a worm like Sasser again, it would only hit users with earlier versions such as Windows 2000 or those who hadn't patched Windows XP," he said.

Of course, the latest upgrade to Windows is not a complete cure for all of its security ills, says Hyppönen. There are plenty of third-party applications, such as instant messaging clients, that create similar vulnerabilities. There is also the continuing problem of users.

"There are always users who are going to do the wrong things, and that will remain the number one problem -- but the attacks will spread much more slowly. We will be getting rid of most of the fast-spreading network worms," he said.

And of course, none of this protection will take place unless computer users actually bother to update their software.

"I really hope users will be downloading SP2," he said.

Editorial standards