1. Desktop Value - Introducing Windows XP Service Pack 2 with Advanced Security Technologies Presenter: James K. Murray Title: Information Technologies Consultant Company: A. M. Software Services, Inc. Presentation Date: June 21 st, 2004

2. Slide 2Microsoft Certified Partner: A. M. Software Services, Inc. Agenda  Microsoft Security Strategy  Windows XP Service Pack 2 Feature Overview  Roadmap  Business Value for Partners  Q & A

3. Slide 3Microsoft Certified Partner: A. M. Software Services, Inc.  Security exploits are proliferating  Time to exploit is decreasing  Exploits are more sophisticated  The current approach is insufficient 1.Security is a top priority for Microsoft 2.There is no single solution: the solution is complex 3.This problem has to be tackled across the industry 4.Change requires innovation Security: What customers are experiencing Number of days to exploit

4. Slide 4Microsoft Certified Partner: A. M. Software Services, Inc. Impact of Security Breaches Loss of Revenue Wasted Business Cycles Damage to Reputation Loss or Compromise of Data Interruption of Business Processes Damage to Customer Confidence Legal Consequences

5. Slide 5Microsoft Certified Partner: A. M. Software Services, Inc. Risk Level Impact to Business Probability of Attack ROI Connected Productive Security Enabled Business  Reduce Security Risk  Assess the environment  Improve isolation & resiliency  Develop and implement controls  Increase Business Value  Connect with customers  Integrate with partners  Empower employees

6. Slide 6Microsoft Certified Partner: A. M. Software Services, Inc. Give us better access control” “ Give us better access control” Develop reliable and secure software “ Develop reliable and secure software ” Simplify critical maintenance “ Simplify critical maintenance ” “Reduce impact of malware” Improve Updating Engineering Excellence Authentication, Authorization, Access Control Isolation and Resiliency Provide better guidance “ Provide better guidance ” Deliver Security Guidance, Tools, Responsiveness Customers have told us …

7. Slide 7Microsoft Certified Partner: A. M. Software Services, Inc. Extended support Monthly patch releases SMS 2003 Baseline guidance Community investments Broad training ISA Server 2004 Windows XP Service Pack 2 Windows Server 2003 Service Pack 1 Updating enhancements Active protection technology Visual Studio “Whidbey” Next generation inspection Security Timeline 2003 H1 04 Future H2 04

8. Slide 8Microsoft Certified Partner: A. M. Software Services, Inc. Isolation and Resiliency Active Protection Technologies  “Shield-style” approach will give flexibility to our customers in terms of time to test/deploy  Dynamic system protection  Behavior blocking  Application-aware firewalls  Intrusion prevention

9. Slide 9Microsoft Certified Partner: A. M. Software Services, Inc. Isolation and Resiliency Reducing the modes of attack for the Windows client

10. Slide 10Microsoft Certified Partner: A. M. Software Services, Inc. Windows XP SP2 security goals Help protect the system from attacks from the network Enable more secure Email and Instant Messaging experience Enable more secure Internet experience for most common Internet tasks Provide system-level protection for the base operating system

11. Slide 11Microsoft Certified Partner: A. M. Software Services, Inc. Windows Firewall Formerly known as Internet Connection Firewall Goal and Customer Benefit  Provide better protection from network attacks by default  Focus on roaming systems, small business, home users What We’re Doing  Windows Firewall will be on by default in almost all configurations  More configuration options  Group policy, command line, unattended setup  Better user interface  Boot time protection  Multiple profile support  Connected to corporate network vs. home  Enable file sharing on home networks with Windows Firewall on Compatibility Impact  In-bound network connections not permitted by default  Dynamically enable ports as necessary, but only for as long as necessary, disable when done

12. Slide 12Microsoft Certified Partner: A. M. Software Services, Inc. Windows Firewall (formerly - Internet Connection Firewall)

13. Slide 13Microsoft Certified Partner: A. M. Software Services, Inc. Email / IM Attachments Goal and Customer Benefit  Consistent system-provided mechanism for applications to determine unsafe attachments  Consistent user experience for attachment “trust” decisions What We’re Doing  Create new public API for handling attachments more securely (Attachment Execution Services)  Default to not trust less secure attachment types  Outlook Express, Windows Messenger, Internet Explorer changed to use new API  More secure message “preview”  Replaces AssocIsSafe() Compatibility Impact  Use new API in your applications for better user experience, and better determination of security implications of content

14. Slide 14Microsoft Certified Partner: A. M. Software Services, Inc. Web Browsing Goal and Customer Benefit  Ensure a more secure web browsing experience What We’re Doing  Locking down local machine and local intranet zones  Improved notifications for running or installing applications and ActiveX controls - Limit UI spoofing  HTML on local machine won’t be able to script unsafe ActiveX controls or access data across domains in the Local Machine Security Zone  Blocking unknown, unsigned ActiveX controls  Files served with mismatched or missing mime-headers and file extensions may be blocked  Pop-up windows will be suppressed unless they are initiated by user action Compatibility Impact  Check for web application compatibility new defaults

15. Slide 15Microsoft Certified Partner: A. M. Software Services, Inc.

16. Slide 16Microsoft Certified Partner: A. M. Software Services, Inc. Advanced Pop-up Blocker Settings

17. Slide 17Microsoft Certified Partner: A. M. Software Services, Inc. Data Execution Prevention (DEP) Goal and Customer Benefit  Reduce exposure of some buffer overruns What We’re Doing  Leverage hardware support in 64-bit and newer 32-bit processors to only permit execution of code in memory regions specifically marked as execute  Reduces exploitability of buffer overruns  Enabled by default on NX capable machines  Ensure application compatibility with NX for Longhorn Compatibility Impact  Ensure your code doesn’t execute code in a data segment  Ensure your code runs in PAE mode with <4GB RAM  Use VirtualAlloc with PAGE_EXECUTE to allocated memory as executable  Test your code on 64-bit and 32-bit processors with “Execution protection”

18. Slide 18Microsoft Certified Partner: A. M. Software Services, Inc. DEP User Experience What the user sees on buffer overrun Adding the app to exception list DEP Control Panel settings

19. Slide 19Microsoft Certified Partner: A. M. Software Services, Inc. Additional Enhancements in Windows SP2  Windows Update client  Will use a consistent engine for reporting system state and reducing inconsistent results on secure patch availability on a computer.  Windows Media 9 Series Player  Enhanced performance and security improvements over prior versions.  DirectX 9.0b  Latest, most secure DirectX components include fixes to address a network firewall change that impacts OEM pre-installs and DirectPlay.  Bluetooth Client v2.0  Includes support for the latest version of Bluetooth (v1.2) allowing customers to take advantage of the latest wireless devices.  Unified Windows Local Area Network (LAN) client  New wireless LAN will work with a broad range of wireless hotspots enabling customers to connect seamlessly without having to install or update a third-party client.  “SmartKey” Wireless Setup  Simplifies configuration of security settings for wireless networks by using USB Flash Drive or other removable media to transfer configuration and security keys to PCs & devices.

20. Automatic Updates  Configured upon SP2 installation  GUI redesigned

21. Slide 21Microsoft Certified Partner: A. M. Software Services, Inc. New Bluetooth Client  Improved user experience  Improved security  New profiles:  Personal Area Network user (PANU)  File push – Object Push Profile (OPP)  Virtual COM ports  Boot-mode support for keyboards  Selective suspend support  Benefits  Enables scenarios without the mess of wires  Extends use of a loosely connected devices for use with the PC  Same devices used with PC in both corporate and consumer contexts  Easy discovery of devices with Windows Bluetooth support

22. Slide 22Microsoft Certified Partner: A. M. Software Services, Inc. Improved Wireless configuration  Improved detection of wireless networks  Friendlier user interface  Wireless Network Setup Wizard  WEP Key configuration/transfer using removable storage

23. Slide 23Microsoft Certified Partner: A. M. Software Services, Inc. How to discuss SP2 with your customers  Naming: “Windows XP Service Pack 2”  In Marketing Communications: “Microsoft® Windows® XP Service Pack 2 with Advanced Security Technologies”  Why your customers should care about SP2:  Advanced security technologies and default safeguards will help provide proactive protection to help guard against hackers, viruses and other security risks. StrongSecuritySettings Security Tools: Manageability & Control Improved & Safer User Experiences Improved Firewall Improved Firewall New Internet Explorer with Security Improvements New Internet Explorer with Security Improvements Safe Attachment execution Service Safe Attachment execution Service Windows Security Center Windows Security Center Pop-up Blocker for IE Pop-up Blocker for IE Firewall Centralized Management Firewall Centralized Management Smartkey Wireless Support Smartkey Wireless Support Improved Wireless LAN support Improved Wireless LAN support Bluetooth support built-in Bluetooth support built-in WM Player 9 Series and Movie Maker 2.1 WM Player 9 Series and Movie Maker 2.1

24. Slide 24Microsoft Certified Partner: A. M. Software Services, Inc. SP2 Value for Partners  The release of SP2 creates an opportunity for you to conduct security audits with your customers:  Use Microsoft Baseline Security Analyzer to check security status on existing systems (http://www.microsoft.com/security/guidance/tools/default.mspx)  Check for Anti-Virus and Firewall usage/status  Upgrade existing Windows XP capable systems to SP2  Upgrade older PCs to new ones with Windows XP SP2  Upgrade small business networks to Windows Small Business Server 2003 with Windows Update Services installed  http://www.winnetmag.com/Windows/Article/ArticleID/41969/41969.html  Windows Security Center dramatically underlines the need for AV software for your customers  This is a great revenue opportunity for you  When your customers have SP2, they’re less likely to require support  Can increase your customer satisfaction  Increase your credibility as reliable source of security solutions

25. Slide 25Microsoft Certified Partner: A. M. Software Services, Inc. Closing Remarks  “I've been reviewing Windows products for a decade now, and very rarely have I been able to wholeheartedly recommend any product. Windows XP Service Pack 2 (SP2), however, is such a product: Barring a massive incompatibility issue, virtually every Windows XP user should upgrade to this release as soon as possible, in order to take advantage of its enhanced security features.”  Paul Thurrott, Windows &.NET Magazine

26. Slide 26Microsoft Certified Partner: A. M. Software Services, Inc. Visit the Windows XP SP2 Readiness Center on MOSB : www.microsoft.com/oemwww.microsoft.com/oem Visit the Windows XP SP2 Readiness Center on MOSB : www.microsoft.com/oemwww.microsoft.com/oem Make security a high priority when configuring & customizing new PCs Help us get the Windows XP installed base updated with SP2 Call to Action for Partners Evaluate pre-installed applications using Microsoft security guidelines Download Windows XP SP2 from www.microsoft.comwww.microsoft.com Download Windows XP SP2 from www.microsoft.comwww.microsoft.com

27. Questions? For more SP2 feature information: http://www.microsoft.com/technet/treeview/default.asp?u rl=/technet/prodtechnol/winxppro/maintain/winxpsp2.asp

28. Slide 28Microsoft Certified Partner: A. M. Software Services, Inc. © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.