March 11, 2005, 2:59 PM — Microsoft has released Windows Server 2003 Service Pack 1 RC2, which
includes many utilities and fixes that you should begin to look at right
away.
One of the biggest additions is the new Security Configuration Wizard
(SCW). This GUI-based tool uses Window 2003's roles-based
infrastructure to examine the ports and services that must be enabled
for a server to fulfill its intended roles. The SCW turns off unwanted
services and closes unwanted ports. The new wizard takes advantage of
XML security templates that you can easily modify to meet your specific
needs.
Additionally, SP1 RC2 also adds all the relevant security fixes that
Microsoft first added to XP SP2, including Windows Firewall, the Data
Execution Prevention (DEP) environment, and boot-time protection.
However, these features behave differently in Windows 2003 SP1. By
default, on clean installations, Windows Firewall is enabled to protect
the system from network-based attacks during the installation. After
installation, Windows Firewall is then disabled until you re-enable it.
Windows 2003 SP1 RC2 also adds the DEP memory-protection technology, as
well as changes to low-level technologies such as Distributed COM (DCOM)
and user-level applications such as Microsoft Internet Explorer (IE).
IE gets the Local Machine zone lockdown, Information Bar, pop-up
blocking, add-on management, and low-level architectural changes.
Join me next week when I touch on some of the additional improvements
offered by Windows Server 2003 Service Pack 1 RC2.
