Executives from Microsoft security group yesterday demonstrated some of the new security features planned for the next major Windows XP software update, known as Service Pack 2, and faced persistent questions from customers about whether the new features will interfere with other security technology.
Speaking at the company's monthly Executive Circle webcast, Mike Nash, corporate vice president of the security business and technology unit (SBTU) showed off new features to simplify the management of security technology like antivirus and desktop firewalls, and to protect users from malicious e-mail attachments.
Rebecca Norlander, group manager for the SBTU, spoke with Nash and confirmed that a second test version of Service Pack 2, known as release candidate 2 will be released in May, and that the final version of XP SP 2 is still on schedule for the first half of this year. More release candidates are possible after the RC2 release, depending on customer feedback, Norlander said.
Demonstrating XP SP2 for Nash, Norlander displayed the new Windows Security Center, which consolidates security configuration information, and displayed features in the Outlook e-mail client that will strip out malicious attachments or warn users when unknown and potentially harmful programs are trying to run.
In a question-and-answer session, Nash and Norlander responded to frequent questions from customers, submitted electronically, about how third-party antivirus products and firewalls would work with the new Windows version.
A query from someone named "Pablo" asked Norlander whether the Windows Firewall will work with common third-party firewalls like those by Network Associates and Zone Alarm.
Microsoft is working hard on compatibility testing, but it is ultimately up to customers to make the Windows Firewall run alongside another firewall product, Norlander said.
Microsoft encourages all XP customers to run the new version of the Windows Firewall so they can benefit from boot time security, a new feature in XP SP2 that protects Windows systems from attack while they are booting, she said. Customers who encounter compatibility problems between the Windows firewalls and other firewalls should report them to Microsoft and to the firewall vendor, she said.
A similar question was asked about whether third-party antivirus products automatically appear in the new Security Center. Microsoft responded that the company expects around 70 percent of commercial antivirus products to be recognised by Windows XP SP2 and to appear in the new Security Center management interface when XP SP2 is released.
Customers who experience problems with their existing antivirus package were also told to contact Microsoft and the antivirus vendor and report the problems.
Asked whether new security features make desktop antivirus and firewall products unnecessary, Nash said that companies should understand what security features are in Windows XP SP2 and to "evaluate your security products to see what's right for your environment," but that Microsoft is working to make Windows interact with and manage a variety of third-party products.
There has been speculation within the information technology community that Microsoft's tougher stance on security in XP SP2 might cause some applications to stop working. In an interview with IDG News Service in March, a Microsoft product manager warned that changes to default settings in Windows XP SP2 could affect the way older applications run.
Microsoft is reaching out to developers and large software vendors with training courses to discuss the impact of XP SP2 on existing applications and help making software applications compatible with the new version of XP, Microsoft said.
Nash and others encouraged Microsoft customers to download and test the first test release of Windows XP SP2, and to report any problems they encounter to the company.