Microsoft to Enhance Windows Security Defenses
by Arie Slob
Hello Windows users,
This week, at the annual RSA Conference, Microsoft announced three new technology enhancements designed to help antivirus vendors provide customers with deeper levels of protection against viruses and worms as well as improve the performance of virus-scanning engines. These technologies, developed in close collaboration with the antivirus vendor community, include new antivirus APIs for Microsoft® Exchange Server 2003, enhanced virus scanning capabilities for Microsoft Office Word 2003 and a new Windows® File System Filter Manager Architecture designed to simplify the antivirus software development process and improve overall system reliability.
"Customers told us they needed more comprehensive antivirus protection at all levels of their computing infrastructure," said Mike Nash, corporate vice president of the Security Business Unit at Microsoft. "I'm excited that our work with industry partners will help customers have a safer, more trustworthy computing experience."
The new Windows File System Filter Manager Architecture simplifies the antivirus software development process and improves overall system reliability by providing a core engine into which antivirus software providers can plug a variety of "mini" file system filter drivers. A key advantage of this new architecture is that it allows users to freely mix and match antivirus scanners more reliably, enhancing performance and providing greater resiliency to attacks. In addition, it offers simplification of the antivirus code and enables antivirus companies to more easily extend their products to deeper levels in the operating system. Microsoft has involved a wide range of antivirus software vendors in the design process for the new Windows File System Filter Manager Architecture and has been able to incorporate a great deal of industry feedback into it.
"Microsoft's close involvement in the creation of new APIs at the operating system level will help us continue building more comprehensive antivirus solutions that ensure greater protection for customers, both now and in the future," said Ryan McGee, director of product marketing for McAfee Security at Network Associates Technology Inc.
Microsoft Office Word 2003, set to be released later this year, will include technology enhancements that allow virus scanners to quickly and effectively scan the W3C-compliant native Word XML file format. Microsoft worked with antivirus researchers to add three flags to the header of documents saved in the native Word XML file format that will allow virus scanning software to more quickly determine if a document contains potentially dangerous embedded objects or macros and remove them if necessary.
Microsoft Exchange Server 2003, due for release in midyear, will feature Virus Scan API (VSAPI) 2.5, an enhanced antivirus API that scans incoming and outgoing messages for malicious or unwanted content.
Microsoft believes that together, these technologies will make it easier to stay one step ahead of viruses, worms, and spam by enhancing antivirus software protection.
Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges
Microsoft has posted a patch for Microsoft Windows NT 4.0, Windows 2000 and Windows XP. A flaw exists in the Windows kernel, the core of the operating system. There is a flaw in the way the kernel passes error messages to a debugger. An attacker could exploit this flaw to take any action on the system including deleting data, adding accounts with administrative access, or reconfiguring the system.
Severity Rating: Important
Affected Software Versions
Microsoft Windows NT 4.0 and Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Rose City Software
Make your Windows computers faster, more efficient and more secure with hundreds of powerful tweaks and hidden registry settings. Easily customize the appearance, speed and security of your computer with just a few mouse clicks.
Download Trial: For 9x / Me / 2000 [830 KB] - For XP [805 KB]
Note: Windows-Help.NET Newsletter readers can get a 15% discount on the regular registration fee for the above programs! To qualify, you have to follow this link when you want to order your registration.
Recent Support BBS Postings
Post-SP1 hotfixes guide - bat install - Windows XP
Switching Identities--SLOW! - Internet Explorer
What is a router, a gateway, and a access point? - Networking
DMA versus PIO ... Help Please - Hardware
Outlook Express fails to send - Internet Explorer
Web Site Updates
These pages were added/updated in the past week. Information on previously updated/added pages is available on the What's New? page for 1 month.
Added: Mobile Wi-Fi hits the streets
Added: Microsoft Posts Windows Server 2003 Administration Tools Pack Download
Added: Microsoft Security: Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges
Added: Microsoft to Enhance Future Windows Security Defenses Against Viruses and Worms
Added: Windows XP File System: NTFS
Added: Windows Messenger 4.7 for Windows XP