Microsoft challenges hackers to crack service pack 2

Microsoft has thrown down the gauntlet to computer criminals worldwide by challenging hackers to take down its Windows XP security update, SP2.



The security offensive has been announced by Alistair Baker, UK head of the company, who insisted he would be "impressed" if criminals could get through an operating system running the software.



He said that Microsoft's service pack 2, launched by Bill Gates last month, was the "first big line we have drawn in the sand," to combat security breaches and spam.



The fighting talk has spurred punters odds of 2-1 on the system being hacked by the end of this year, while more generous odds of 6-4 are offered for the software standing up to cyber threats.



Mr Baker explained that while security remained a "big risk" as some users were in a transitional period with potential weaknesses to the operating system, the arrival of SP2 would mean "we are very much in control of the issue."



The US software maker said they expect 2.5 million SP2 downloads a day from its website with a target of seeing the software installed in 100m desktop computers by November.



But the controversy over SP2 focuses not just on security, as businesses and IT managers expressed concern about installing and running the update last month.



Microsoft chairman, Bill Gates, assures XP users need the service pack so they can ensure better security for their IT systems.



He said opting to upgrade, ensures PCs are "better isolated and more resilient in the face of increasingly sophisticated attacks."



Computer security firm, Sophos, which protects 25 million users from spam and anti-virus, recommends SP2 in default mode for average users.



"For stand-alone computers, installing this service pack with all its default settings should make for a more secure environment for average users," says Carole Theriault, security consultant at Sophos.



"It has a firewall turned on by default, Outlook has been improved to stop spammers from validating an email address and adding it to their spam lists. The service pack also alerts users against potentially viral attachments and potentially dangerous downloads."



The task for networked systems, however, was acknowledged as something that is often less straight forward for businesses and IT departments.



"For connected computers that an administrator would like to centrally administer, it can prove a little more difficult to use the default settings. The firewall basically limits the number of incoming connections, meaning it can prove difficult for central software to get in and see what, if any, updates are required. As a result, businesses may find themselves tinkering with the XP SP2 settings to suit their organisation."



Contractor UK asked Sophos about the likelihood of the $1bn software being hacked by the end of the year.



"I don't think the comments from Microsoft's head will change anything for hackers and other net criminals," responded Theriault.



"All software is designed to be as flawless as possible, but all software has bugs. Microsoft is the target because it's the leader in the arena, so there are lots of people who want to knock them sideways."

































Sep 10, 2004