Windows XP Service Pack 2 Strengthens the Defense Against Spyware

Related Links • Ask questions or discuss this topic in the Windows XP Security and Administration Newsgroup • Windows XP Service Pack 2 Web site • Get SP2 via Automatic Updates • What to know before you download and install SP2 • Windows XP SP2 Support Center • Order Windows XP SP2 on CD • Windows XP SP2 Network Installation Package • How to Protect Your Computer from Spyware and Adware • Column: Introduction to Windows XP Service Pack 2 • Column: Getting and Installing Windows XP Service Pack 2 • Lavasoft • Windows XP Service Pack 2: What's New for Internet Explorer and Outlook Express • What You Should Know about Spyware and Other Unwanted Software • Non-Microsoft Anti-Spyware Guide • Previous columns by Jerry Honeycutt Get Windows XP SP2 Windows XP SP2 is an important, free update that helps you protect your PC against viruses, hackers, and worms. You can download SP2 from Microsoft and install it on your own computer. You can get SP2 and all future critical updates automatically by turning on the Automatic Updates feature in Windows XP. You can download SP2 right now from Microsoft Update.

In an earlier column, How to Protect Your Computer from Spyware and Adware, I described the damage that spyware can do to your computer. I also explained how you can remove it from your computer and even prevent its installation in the first place.

I wrote that column before Microsoft released Windows XP Service Pack 2 (SP2). I'm back now to tell you how SP2 helps spyware and other unwanted software from getting on your computer. Because SP2 strengthens your defense against Web sites installing spyware on your computer, I encourage you to update your computer as soon as possible. See Windows XP Service Pack 2 and Barb Bowman's article, Introduction to Windows XP Service Pack 2 for more information about installing the service pack and learning about its new features.

Check for Spyware before Installing Service Pack 2

Before you install SP2, make sure you scan your computer for spyware and other unwanted software—particularly if you're experiencing the symptoms of spyware, such as unwanted pop-up advertisements even when your browser is closed, or poor performance—particularly if you have noticed a recent slowdown in your system. While installing Service Pack 2 will help prevent the installation of spyware, it doesn't remove existing spyware from your computer.

Your virus scanner can detect some spyware, but most virus scanners don't yet detect the full range of spyware. Instead, you can use software specifically designed to detect and remove spyware. The one I use is Ad-aware from Lavasoft. A freeware version is available for use home users. You can find more spyware removal tools at the Microsoft site Security at Home: Fight Spyware or the Anti-Spyware Guide on the Firewallguide.com Web site.

Top of page

Information Bar Helps Alert you while Browsing the Web and Prevents Unsolicited Downloads and Pop-ups

One of the features that Service Pack 2 adds to Internet Explorer is a simple Information Bar that appears at the top of a Web page, as shown in Figure 1.

Figure 1

This feature does a lot to keep you informed while you're browsing the Web. For example, this little Information Bar lets you know when Internet Explorer blocks the installation of ActiveX controls, blocks pop-up windows, or prevents a file download.

The Information Bar also helps you get Web pages that you trust working when Internet Explorer has blocked content on the Web page. For example, if Internet Explorer blocks a download and displays a notification in the Information Bar, you can simply click the Information Bar and select the option to allow the download. If Internet Explorer blocks a pop-up window, the browser will display a notification in the Information Bar; you can click the Information Bar to allow pop-up windows from the Web site permanently or temporarily.

For more information, see Windows XP Service Pack 2: What's New for Internet Explorer and Outlook Express.

Top of page

Block Pop-up Windows That Install Spyware

Pop-up windows can be a constant source of distraction, and consume your computer’s resources. They're also a potential source of spyware and other unwanted software. Pop-ups can a source of advertisements that trick you into downloading spyware onto your system.

One of the biggest anti-spyware feature that Service Pack 2 adds to Internet Explorer is the Pop-up Blocker. You don't need a third-party pop-up blocker anymore. Service Pack 2 installs and turns on a built-in Pop-up Blocker automatically, and then configures it to a medium setting. This setting blocks most unwanted pop-up windows while allowing pop-up windows that result from you clicking a link or button on a Web page.

Of course, Internet Explorer notifies you when it blocks a pop-up window by using the Information Bar (see Figure 1). When you click a notice in the Information Bar, you can choose from temporarily allowing pop-up windows, always allowing pop-up windows from the current Web site, or configuring the Pop-up Blocker.

The following steps show you how to fully configure the Pop-up Blocker:

1.

In Internet Explorer, on the Tools menu, click Pop-up Blocker, and then click Pop-up Blocker Settings. Figure 2 shows the Pop-up Blocker Settings dialog box. Figure 2

2.

Do the following: • To allow pop-up windows from a specific site, type the address of the site in the Address of Web site to allow box, and then click Add. • To prevent Internet Explorer from playing a sound when it blocks a pop-up window, clear the Play a sound when a pop-up is blocked check box. • To prevent Internet Explorer from notifying when it blocks a pop-up window by using the Information Bar, clear the Show Information Bar when a pop-up is blocked check box. • To change the filter level, click one of the following in the Filter Level list: • High: Block all pop-ups (Ctrl to override) • Medium: Block most automatic pop-ups • Low: Allow pop-ups from secure sites

If you turn on the High filter level, Internet Explorer blocks all pop-up windows. You can override this behavior for individual windows by holding down the Ctrl key while you click a link or button.

I find the Pop-up Blocker in Internet Explorer to be smarter than many third-party pop-up blockers. For example, if the browser blocks a window and you click the Information Bar to allow the pop-up, Internet Explorer goes ahead and opens the new window. Other pop-up blockers require you to click the link or open the Web page again. Also, the Internet Explorer Pop-up Blocker does a good job of allowing pop-up windows that you intentionally open by clicking a link. And the Pop-up Blocker doesn't block pop-up windows in the Local intranet and Trusted sites security zones. That's why I think the Internet Explorer Pop-up Block is better integrated with the browser than many third-party blockers.

Top of page

Help Stop Web Sites from Creating Deceptive Windows

Another source of spyware are deceptive windows that look like dialog boxes. For example, a Web site might open a window that contains a prompt and a Cancel button. When you click the Cancel button, the Web site installs spyware on your computer. Still others create pop-up windows with the title bar and Close button hidden from view and then trick you in to clicking a Close button on the window. Likewise, clicking this button installs spyware on your computer.

Service Pack 2 helps prevent Web sites from creating these deceptive windows automatically. First, Web sites can't create windows that hide the title bar or status bar off the edge of the screen. For that matter, the service pack doesn't even allow a Web site to turn off a browser window's status bar. The title bar and status bar are security features that provide important information that helps you identify the source and security of a Web page. By prohibiting Web sites from hiding these elements from view, the service pack prevents unscrupulous Web sites from tricking you in to actions you shouldn't take.

Top of page

Help Inform you About Programs you Download

In addition to blocking pop-up windows that tempt you in to installing spyware, Service Pack 2 helps prevent Web sites from automatically downloading and installing the garbage on your computer. It extends the download common dialog box for downloading files, too, as shown in Figure 3. First, you see an icon in the dialog box that identifies the type of file you're downloading. Also, the dialog box has an information area at the bottom that provides different information about the file, depending on the amount of risk there is in downloading the file.

Figure 3

And Internet Explorer checks all executable files you download for publisher information. After downloading an executable file, the browser displays information about the program's publisher, which helps you make a better-informed decision before you run the program. Internet Explorer also by default blocks downloads of software that is unsigned by the publisher.

Top of page

Use a Little Common Sense

All the best security can't prevent the installation of spyware that you install yourself, however. Take another look at How to Protect Your Computer from Spyware and Adware to learn about the risks.

Make sure that you're familiar with the different ways that you can get spyware; the common-sense steps you can take to prevent its installation; and the tools available for removing spyware once it's installed.

Don't install programs from sources you don't trust, and be wary of free software that's supported by advertisements. If it's sounds too good to be true, it might be spyware or other unwanted software. When in doubt, check it out…before you download.

Expert Zone Columnist Jerry Honeycutt is a writer, speaker, and technologist who has written over 25 books, including Microsoft Windows XP Registry Guide (Microsoft Press, 2002). He frequently writes about customizing and deploying Windows XP.

Top of page