Defending against Viruses
Windows XP Service Pack 2 has many new features that make Windows XP the most secure Microsoft operating system to date. One of the new features, called execution protection, takes advantage of a new hardware protection found in the latest CPUs of modern computers.
One of the most common types of computer break-ins and virus exploits has to do with buffer overflows. These occur when data is being sent to a buffer faster than the CPU can process it. When the buffer becomes filled, the system can become unstable and sometimes can execute code that was placed in the buffer. This is how many types of viruses spread. They take advantage of an unchecked buffer and can get the CPU to execute their malicious code. One easy solution to solve this problem is to include a feature in the CPU that will disable executing of
data in all buffers. By doing this, a virus might be able to get its code into the buffer, but because of limitations of the CPU, the code would never be executed, rendering the virus useless and unable to spread.
The new CPU level security can be found on the AMD Athlon 64 processor and new versions of the Intel Pentium 4 Prescott. If you have one of these chips with the execution protection feature, this feature is enabled by the operating system. However, having this feature enabled for all programs may cause some application errors because some need to be able to execute data in their buffers. To allow for this, Microsoft has created an exception list for such programs. You are advised to make sure every once in a while that no application has automatically added itself to the exception list. You really need to make
sure that only the applications that truly need to be there are there. To do this, follow these steps:
1. Right-click the My Computer icon located on the desktop or Start Menu and select Properties.
2. When System Properties loads, click the Advanced tab.
3. Then, click the Settings button under the Performance section.
4. Next, click the Data Execution Prevention tab and make sure that Help Protect All Programs Except: is selected.
5. Then, review the list and remove any apps except for the ones that you are 100 percent positive should be there.
6. Click OK to save your changes.
7. Select OK once more to close System Properties.
0 comments:
Post a Comment