Windows 2003 leaves security gaps

Wednesday, 23 April 2003, 12:37 PM EST

Microsoft will launch Windows Server 2003 Thursday, offering improved security and faster file and web server performance compared with Windows 2000, according to tests carried out by vnunet.com's sister title, IT Week.

But Microsoft's security-by-default strategy and new advanced features will demand tough policy decisions.

Basic security is improved because most server features, including the IIS web server, are disabled when the operating system is installed. This reduces the impact of automated attacks such as the Nimda and Code Red worms.

However, the Windows File and Print Sharing service runs by default, which provides an obvious entry point for hackers attempting to break into the system.

"Microsoft's decision to do this could be deemed a mistake by some in the security community," said Russ Cooper, editor of the NTBugtraq mailing list.

[ Read more ]




Spotlight

Implementing an effective risk management framework

How do we balance the benefit of the free flow of information with the risk of inappropriate access and/or disclosure? What are the consequences of not doing so?


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Mar 26th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //