While Microsoft essentially is the PC by virtue of its dominance in the operating system and application arenas, Google is just as synonymous with in the Web realm. In fact, Google has evolved well beyond its origins as a Web search engine and has sought to rewrite the rules of engagement and take on Microsoft head-to-head in many areas.

Because Google is a web-based company that designs web-based applications, they decided to develop their own web browser from the ground up to work more efficiently, productively, and securely than with current browsers such as Internet Explorer and Firefox.

Crash Control:

One of the most innovative features of Google Chrome is the sandboxing functionality. Internet Explorer and other browsers run one instance of the browser engine with multiple associated processes. That means that if one or more browser windows or tabs crash or run into issues, it will most likely crash the web browser engine and take down every other instance with it.

Google Chrome runs each instance separately. Malware or issues in one tab can not affect other open browser instances, and the browser is unable to write to or modify the operating system in any way- protecting your PC from attack.

Incognito Surfing:

Maybe you are just private and don’t think that details of your web surfing should be retained on your system. Perhaps you are trying to shop for a spouse online and you don’t want the search or history data to reveal what you might be shopping for. Whatever your reason, Google Chrome has an Incognito feature which lets you surf the Web with relative anonymity.

The Incognito mode can also be useful when browsing on public systems like library or school PC’s. With Incognito the sites you open and files you download are not logged in the browser history and all new cookies are removed when the session closes.

Safe Browsing:

Secure web browsing relies on certificates to verify the authenticity of the server you are connected to. Some attacks can be accomplished though by providing a certificate to convince your browser it is safe, but redirect you to a different, malicious web site.

Google Chrome compares the information provided in the certificate with the actual server being connected to and alerts you if the information doesn’t jive. If Chrome detects that the address specified in the certificate and the actual server you connect to are not the same, it issues this warning “‘This is probably not the site you are looking for!”

Vulnerabilities and Flaws:

Almost as soon as Google released the public Beta version of the software security researchers began to identify flaws and vulnerabilities. Any new software is typically run through the ringer, but a web browser from the company synonymous with the web gets some extra attention.

Chrome was quickly discovered to be vulnerable to a ‘carpet-bombing’ flaw originally identified in Apple’s Safari browser. A few days later it was found to have a buffer overflow flaw that could also be exploited for malicious attacks.

The Verdict:

While there have been a couple security flaws and vulnerabilities identified, no web browser is perfect and in Google’s defense Chrome is still in Beta testing.

Chrome does have a variety of innovative features and a unique interface that many users have quickly come to prfer over Internet Explorer and Firefox. Many users also report that it is faster at loading pages than other web browsers. The additional security controls should prove valuable in helping you surf the Web safely. Google Chrome is definitely worth taking a look at.

Download Google Chrome:

You can download the current version of the Google Chrome web browser here: Download Google Chrome

• Microsoft Security Bulletin MS08-003
  Vulnerability in Active Directory Could Allow Denial of Service
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-003.mspx
• Microsoft Security Bulletin MS08-004
  Vulnerability in Windows TCP/IP Could Allow Denial of Service
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-004.mspx
• Microsoft Security Bulletin MS08-005
  Vulnerability in Internet Information Services Could Allow Elevation of Privilege
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-005.mspx
• Microsoft Security Bulletin MS08-006
  Vulnerability in Internet Information Services Could Allow Remote Code Execution
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-006.mspx
• Microsoft Security Bulletin MS08-007
  Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-007.mspx
• Microsoft Security Bulletin MS08-008
  Vulnerability in OLE Automation Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-008.mspx
• Microsoft Security Bulletin MS08-009
  Vulnerability in Microsoft Word Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-009.mspx
• Microsoft Security Bulletin MS08-010
  Cumulative Security Update for Internet Explorer
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-010.mspx
• Microsoft Security Bulletin MS08-011
  Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-011.mspx
• Microsoft Security Bulletin MS08-012
  Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-012.mspx
• Microsoft Security Bulletin MS08-013
  Vulnerability in Microsoft Office Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-013.mspx

• Microsoft Security Bulletin MS08-030
  Vulnerability in Bluetooth Stack Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-030.mspx
• Microsoft Security Bulletin MS08-031
  Cumulative Security Update for Internet Explorer
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms08-031.mspx
• Microsoft Security Bulletin MS08-032
  Cumulative Security Update of ActiveX Kill Bits
  Microsoft Criticality: Moderate
  • http://www.microsoft.com/technet/security/bulletin/ms8-032.mspx
• Microsoft Security Bulletin MS08-033
  Vulnerabilities in DirectX Could Allow Remote Code Execution
  Microsoft Criticality: Critical
  • http://www.microsoft.com/technet/security/bulletin/ms8-033.mspx
• Microsoft Security Bulletin MS08-034
  Vulnerability in WINS Could Allow Elevation of Privilege
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-034.mspx
• Microsoft Security Bulletin MS08-035
  Vulnerability in Active Directory Could Allow Denial of Service
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-035.mspx
• Microsoft Security Bulletin MS08-036
  Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service
  Microsoft Criticality: Important
  • http://www.microsoft.com/technet/security/bulletin/ms8-036.mspx

1. MS08-056

Vulnerability in Microsoft Office Could Allow Information Disclosure
Criticality: Moderate

11. MS08-066

Vulnerability in the Microsoft Ancillary Function Driver Could Allow Elevation of Privilege
Criticality: Important

One of the most talked about additions in SP2 has been the Security Center and the changes Microsoft has made to a number of different features in the name of security. When Windows XP was first released it was hailed as the most secure yet. Windows XP Home edition, although it still lacks some of the most important security features of its Windows XP Pro sibling, was a quantum leap better in stability and security than its Windows home operating predecessors such as Windows 98 or Windows ME (Millennium Edition).

But, one of the chief complaints has been that there are still insecure features that are enabled by default while the security features such as the built-in firewall are disabled by default. This means that users must know enough to determine that they want the security feature turned on and then figure out how to navigate through Windows to find the feature and enable it. Its a little like selling a car with brakes, but having them be disabled until the user finds the right switch to turn them on.

Windows XP Service Pack 2 includes many new or modified features designed to make the operating system more secure such as:

• Managing IE add-ons
• Stopping malicious scripting in IE
• Blocking pop-up ads
• More secure Outlook Express email
• A vastly improved firewall
• New Security Center feature
• Modified Automatic Updates configuration
• Disabled Windows Messenger Service
• Restrict ability of network services to propagate threats

Below is a more detailed explanation of each of these new and improved security features:

• Internet Explorer Updates
  • Manage Add-Ons: Many programs install a plug-in or add-on which adds some functionality to the Internet Explorer (IE) web browser. Many users go about happily clicking OK and may install add-ons they don’t really want or need and some malicious programs might secretly install add-ons. This utility allows you to view the add-ons installed on your system as well as add-ons that have been used by Internet Explorer but not installed. You can enable or disable the different add-ons from this utility as well.
  • Pop-Up Blocking: Yes, you read that right. Internet Explorer will finally have the ability to block those annoying pop-up ads. Most other web browsers have already had this functionality, and many Internet Explorer users have adopted tools like the Google Toolbar which is a plug-in you can add to Internet Explorer to block pop-up ads among other things, so the annoying advertisers have already been busy trying to find other ways to get their ad in front of you. But, there are still plenty of sites with pop-up ads and this new feature will help make sure you don’t have to see them.
  • Modified Scripting Functionality: Unscrupulous sites can use scripting to accomplish a variety of mischievous, if not outright malicious, actions. With the current IE it is possible for a web site to open new windows that aren’t even visible on the screen or to open new windows that don’t have the normal status and toolbars which make them difficult, if not impossible to close via normal means. After SP2, IE will not allow developers- mischievous, malicious or just mis-guided- to do these sorts of things.
• More Secure Email: SP2 makes changes to the way Outlook Express works that will help protect most users from unknowingly or accidentally infecting their systems with viruses or Trojans. Outlook Express will block a variety of file attachment types such as EXE or COM files which are executable and may contain malicious code. Graphic images are blocked by default, but allow you to right-click and download them anyway. This can help prevent the display of potentially offensive pictures in spam email.

• New and Improved Firewall: EDIT: This section has been revised after I learned that some of the information I had regarding the improved firewall was incorrent.
  This is one of the best updates in SP2 in my opinion. The Internet Connection Firewall (ICF) that comes with Windows XP is not intuitively named or configured and is disabled by default. With SP2 the firewall gets a new name, Windows Firewall, and a number of significant changes that improve its functionality. Primarily, the Windows Firewall is enabled by default and is monitored through the Security Center. It also allows you to enable or disable it on an interface by interface basis rather than the all-or-nothing approach of ICF. This firewall is leaps and bounds better than ICF but probably not sufficient to replace a 3rd-party personal firewall such as ZoneAlarm.
• New Security Center: With SP2, Windows XP adds a new option in Control Panel called Security Center. The main screen of the Security Center displays information on the current status of your firewall and antivirus protection as well as whether or not automatic updates are enabled. Each item can be green (On), red (Off) or orange (Unknown). Windows does not come with antivirus software, but it will check for 3rd-party antivirus software and let you know if it is running and up to date. The firewall portion favors that you simply use the Windows Firewall. When I disabled the Windows Firewall and ran my ZoneAlarm Pro instead the firewall check turned orange. Security Center was able to tell me that ZoneAlarm Pro is installed, but it was unable to verify it was running or properly configured so it marks the status orange. Regardless, this is a handy step in the right direction. It gives even novice users a sort of “one stop shopping” place to look to see whether their system has the basic protective measures turned on or not.
• Automatic Updates: Automatic Updates are not new. Microsoft has long offered the option of enabling Automatic Updates so that your Windows system could periodically phone home and learn of any new critical updates that might be available. Depending on how you configure it, these updates can occur without your intervention while you’re snug in your bed, thereby keeping your system more or less proactively patched without any effort on your part. With Windows XP a little icon would appear in the Systray asking the user whether they wanted Automatic Updates turned on or not, but with SP2 the question of Automatic Updates is made much more obvious and harder to ignore. Hopefully this new approach will lead more home users to enable this feature.
• Disabled Windows Messenger Service: This is not to be confused with the Microsoft MSN Messenger instant messaging program. The Windows Messenger Service is used to communicate between network devices and send alert messages and such to administrators. It is arguably unneccesary for home users and has been hijacked by spammers as a means for popping up unsolicited messages on users machines. Disabling it by default will stop this annoying spam from showing up on your computer.
• Stop Network Attacks: In the past year or so flaws in the Remore Procedure Call (RPC) and Distributed Component Object Model (DCOM) technologies have resulted in a variety of malware including the MSBlast and Nachi worms. These threats were able to exploit these vulnerabilities to spread across network connections from computer to computer. The changes made by SP2 will help to reduce or eliminate exploits like these.

I could go on and on. This isn’t so much a patch or update as it is a completely new version. Rather than calling it Windows XP Service Pack 2 they could just drop the “Service Pack” part and call it Windows XP 2. With Windows XP SP2 Microsoft has finally made some tremendous strides in providing a more secure operating system by default rather than simply including some questionably functional security features buried somewhere within the operating system.

There is no question that every Windows XP user should acquire and install this update once it becomes available. Windows XP Home users will still be lacking in a number of very key security features that exist in Windows XP Professional (see 5 Steps To Secure Windows XP Home), but with SP2 it will be significantly more secure than without it. Not only will applying SP2 add all of this new security functionality, but it will apply all of the patches for the operating system up through the date they publish the Service Pack so the system will be protected against all of the known vulnerabilities through that time.

One of the biggest issues facing users will be acquiring the update. I have heard reports that it is in the 200Mb range, however the RC1 version that I downloaded was a 475Mb download which would take approximately 20 to 45 hours to download on a standard dial-up connection. While broadband use is growing rapidly, there are still a vast majority of users- the very users who need the updated security the most- who are using slow dial-up connections to access the Internet.

Perhaps Microsoft will offer to ship the CD for free to registered users by request. I have contended that Microsoft should partner with distribution outlets like Blockbuster Video or Best Buy or Target or something to offer Service Packs and other large updates on free CD’s for the taking the same way the ubiquitous America Online CD’s are pushed. If neither of those things occur, you might consider downloading it at work if you have highspeed access and won’t be violating the AUP (acceptable use policy) of your employer, or find a friend with broadband access and a CD burner to help you get the patch.

Spybot S&D
Spybot – Search & Destroy can detect and remove spyware of different kinds from your computer. Spybot S&D is exceptionallu popular and very effective. It can be used in conjunction with a program like Ad-Aware because they will often catch a handful of spyware that the other did not detect. Spybot S&D is available completely free of charge.

IE-SPYAD
IE-SPYAD is a Registry file (IE-ADS.REG) that adds a long list of known advertisers, marketers, and spyware pushers to the Restricted sites zone of Internet Explorer to block those sites from being accessed.

SpywareBlaster
Rather than detecting and removing spyware after the fact, SpywareBlaster proactively protects your system to block spyware and adware from infiltrating in the first place.

HiJack This
Despite all of your security and protection you may still get infected with spyware or a web browser hijacker that the other tools are unable to detect for some reason. HiJack This will generate a report of all browser add-ons, buttons and start-up items to help you determine rogue items and remove them.

XP-AntiSpy
XP-AntiSpy does not detect or disable spyware in the traditional sense. There are services running by default on many Windows XP systems which some may consider a privacy or security concern. You can disable them on your own, but using XP-AntiSpy you can view and disable these services much quicker and allow you to re-enable them just as quickly if you choose.

X-Cleaner
X-Cleaner performs cookie cleaning, Internet cache cleaning, scans for many popular spy software packages and performs permanent file shredding. This version is available for free, but the developer also offers a Professional version with more functionality for purchase.

Yahoo Companion Toolbar
The Yahoo Companion Toolbar is similar to the Google Toolbar. It offers a variety of functions designed to make web surfing and especially web searching easier and more efficient. As an added bonus it also allows you to control how and if pop-ups will appear.

Pop-Up Stopper Free
Surf with style with this free browser pop-up ad blocking utility for Internet Explorer and Netscape. This program is completely free, and does not require registration to use or download.

Stop-The-Pop-Up
Stop-the-Pop-Up is a free pop-up blocker preventing all annoying pop-up windows from appearing as you surf the web.

Pop-Up Killer
Free-Popup-Killer SPEEDS UP your surfing. It effortlessly kills those invisible background popunders that chew up your bandwidth ($$) and slow down your downloads.

NoAds
NoAds stops Internet popup ads from getting in the way of your web surfing. NoAds is fully configurable, allowing you to specify which ads you want to be destroyed automatically.

Stop Messenger Spam
Our software allows any user, even those with minimal to no knowledge of computers, to be able to stop messenger spam with one click.

SecretMaker
All-in-One SECRETMAKER is designed to help users keep their email box free of spam, avoid irritating pop-up and banner ad interruptions, protect their privacy and avoid profiling and use the Internet efficiently for private or business use.

DiamondCS RegistryProt
RegistryProt is a 100% free, standalone, compact, low-level realtime registry monitor and protector, that adds another dimension to Windows security and intrusion detection. Just 94kb – download your free copy today!

DiamondCS IRClean IRClean is a 100% free, standalone, compact (30kb total download), and easy-to-use yet very powerful anti-worm system designed to specifically combat worms that target or use IRC chat networks to propagate. It has been released into the public domain for free to help stem the growing tide of IRC-propagating worms.

DiamondCS TaskMan+
TaskMan+ is a free tiny utility that launches Windows Task Manager in a special way as to boost the security privileges of Task Manager, which in turn gives it a real unconditional license to terminate ANY process. Requires Administrator privileges

DiamondCS Console Tools
Finds Ascii, Unicode and Resource strings in a file

Foundstone BinText
Add more power to your command prompt with our free console tools! Freeware tools include CRC32/MD5/SHA-160 secure hashes, Password Reveal, Uptime, ICMP TraceRoute, ICMP Ping, IP list, Send Mail, HTTP Get, Resolve, XWhois and more!

Foundstone Blast
A small, quick TCP service stress test tool.

Foundstone BOping
A scanner for the infamous Back Orifice program.

Foundstone Forensic Toolkit
This tool is a file properties analyzer. Examine the files on a disk drive for unauthorized activity. Lists files by their last access time, search for access times between certain time frames, scan the disk for hidden files, data streams. Dump file and security attributes. Report on audited files. Discover altered ACL’s. See if a server reveals too much info via NULL sessions. Contains the following utilities:

• AFind is the only tool that lists files by their last access time without tampering the data the way that right-clicking on file properties in Explorer will. AFind allows you to search for access times between certain time frames, coordinating this with logon info provided from ntlast, you can to begin determine user activity even if file logging has not been enabled.
• HFind scans the disk for hidden files. It will find files that have either the hidden attribute set, or NT’s unique and painful way of hiding things by using the directory/system attribute combination. This is the method that IE uses to hide data. HFind lists the last access times.
• SFind scans the disk for hidden data streams and lists the last access times.
• FileStat is a quick dump of all file and security attributes. It works on only one file at a time but this is usually sufficient.
• Hunt is a quick way to see if a server reveals too much info via NULL sessions.

Foundstone FPipe
FPipe is a source port forwarder/redirector. It can create a TCP or UDP stream with a source port of your choice. This is useful for getting past firewalls that allow traffic with source ports of say 23, to connect with internal servers.

Foundstone FSMax
A scriptable, server stress testing tool.

Foundstone NTLast
Security log analyzer. Identify and track who has gained access to your system, then document the details—Enhanced audit/tracking features, such as reading saved files. Includes raw time output for Excel analysis and many more additional features for Webmasters.

Foundstone Pasco
An Internet Explorer activity forensic analysis tool.

Foundstone PatchIt
A binary file byte-patching program.

Foundstone ShoWin
Show information about Windows. Reveal passwords etc.

Foundstone SQLScan
A tool for scanning Microsoft SQL Server 2000 Worm.

Foundstone UDPFlood
UDP packet sender utility.

Knoppix
Linux-Kernel 2.4.x * Internet connection software * utilities for data recovery and system repairs, even for other operating systems * network and security analysis tools for network administrators * more than 900 installed software packages with over 2000 executable user programs & utilities.

SMAC
KLC Consulting has created a tool to spoof MAC addresses. This can be used for a variety of purposes such as high-availability systems so you can seamlessly put another system online without changing the MAC address. For more information see this site: SMAC FAQ

Sysinternals BgInfo
This fully-configurable program automatically generates desktop backgrounds that include important information about the system including IP addresses, computer name, network adapters, and more.

Sysinternals Ctrl2Cap
This is a kernel-mode driver that demonstrates keyboard input filtering just above the keyboard class driver in order to turn caps-locks into control keys. Filtering at this level allows conversion and hiding of keys before NT even “sees” them. Full source is included. Ctrl2cap also shows how to use NtDisplayString() to print messages to the initialization blue-screen.

Sysinternals FAT32 for Windows NT4
Another first from Sysinternals: a FAT32 file system driver for NT 4.0. Dual booting with Windows 95OSR2 and Windows98 just got more efficient!

Sysinternals Fundelete
This utility expands the NT 4.0 Recycle Bin to catch file deleted from command prompts and within programs, and it comes with full source code. Several powerful device driver techniques, including getting a user’s SID within a driver, enumerating a directory’s contents, and generating IRPs, are demonstrated in source code available for download.

Sysinternals LDMDump
Dump the contents of the Logical Disk Manager’s on-disk database, which describes the partitioning of Windows 2000 Dynamic disks.

Sysinternals NewSID
Learn about the computer SID problem everybody has been talking about and get a free computer SID changer, NewSID, complete with full source code.

Sysinternals NTRecover
Finally, the utility that NT system administrators have been waiting for. With NTRecover you can access a dead x86 NT system’s disks from a good system over a serial connection. You can then salvage data off of the drives using native NT commands and utilities. With the write-version you can even run chkdsk on the dead system’s drives! The read-only version is freeware.

Sysinternals Locksmith
Locksmith is an add-on program to NTRecover that allows for the changing of passwords on systems where the administrative password has been lost. It works 100% of the time, and if you’ve forgotten the password to your machine, you can gain entry within minutes using Locksmith.

Sysinternals NTFSCHK
If you dual boot between NT 4 and Windows 2000 then your NTFS drives were upgraded to NTFS v5 and you have had to boot into Windows 2000 to check them. With NTFSCHK you can check your NTFS v5 drives from NT 4.

Sysinternals NTFSDos Pro
Full read/write access to NTFS drives from DOS! Download this free read-only version.

Sysinternals NTFSFlp
Ever wondered why you can’t put NTFS on a floppy disk? Find out how and why NT stops you from doing it, and use NTFSFlp to bypass NT’s preventative measures and create and access NTFS floppy disks.

Sysinternals NTFS for Windows 98
Yet another first from Sysinternals: a full-blown NTFS file system driver for Windows 95/98!

Sysinternals Remote Recover
Access unbootable systems from across a LAN or WAN. With Remote Recover you can access a dead x86 NT system’s disks from a good system over a TCP/IP connection. You can then salvage data off of the drives using native NT commands and utilities. With the write-version you can even chkdsk, format or partition the dead system’s drives! The read-only version is freeware.

Sysinternals SDelete
Securely overwrite your sensitive files and cleanse your free space of previously deleted files using this DoD-compliant secure delete program. Complete source code is included.

Sysinternals ShareEnum
Scan file shares on your network and view their security settings to close security holes.

Sysinternals Sync
Force NT to flush all modified file system data to disk, insuring that it will be safe in the face of a crash.

Sysinternals VolumeID
Set volume ids on FAT and NTFS hard drives and floppy disks using this little utility.