Windows 2003 leaves security gaps
Microsoft will launch Windows Server 2003 Thursday, offering improved security and faster file and web server performance compared with Windows 2000, according to tests carried out by vnunet.com's sister title, IT Week.
But Microsoft's security-by-default strategy and new advanced features will demand tough policy decisions.
Basic security is improved because most server features, including the IIS web server, are disabled when the operating system is installed. This reduces the impact of automated attacks such as the Nimda and Code Red worms.
However, the Windows File and Print Sharing service runs by default, which provides an obvious entry point for hackers attempting to break into the system.
"Microsoft's decision to do this could be deemed a mistake by some in the security community," said Russ Cooper, editor of the NTBugtraq mailing list.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.