Antivirus Defense in Depth Guide Updated for XPSP2


On Friday, Microsoft posted version 2.0 of the Antivirus Defense in Depth Guide. You can find out more and download it from here:

The Antivirus Defense-in-Depth Guide

The information presented in the Antivirus Defense-in-Depth guide has been updated to reflect the security improvements provided as part of Windows XP Service Pack 2. A number of the features in Windows XP Service Pack 2 have made it more difficult for malware to attack a Windows XP-based computer. The updates to this guide are designed to ensure these enhancements are identified and explained.

Comments (3)
  1. "The first line of defense at the application layer is to reduce the attack surface of the computer. All unnecessary applications or services should be removed or disabled on the computer to minimize the number of ways an attacker could exploit the system."

    This is a good recommendation and I’m glad to see it listed first, before antivirus software and patches.

    Does Microsoft provide a more detailed guide as to what the various services are for and when it’s safe to disable them? The page referenced from this paper is just a list of names and defaults, with only a few of them documented.

    Is there a way to control what applications have access to components with a large attack surface, particularly the HTML control? We have been pretty successful until recently by simply avoiding the use of IE and Outlook and using third-party products that implement their own sandboxed HTML rendering engine. But as more and more applications use it, it’s become almost impossible to keep it from opening.
