Organisations with customer-facing websites should make
adjustments to their systems to ensure they are still fully
accessible after the introduction of Windows XP Service Pack 2
later this summer, Microsoft has warned.
Microsoft has come under fire from Cert, the US Computer Emergency
Response Team, which since 26 May has published 111 security alerts
and bulletins relating to Microsoft Internet Explorer.
Many of these problems will be fixed with the service pack, which
is due out later this summer. However, the higher level of security
in Windows XP SP2 will mean certain functions on websites may no
longer work.
Stuart Okin, chief security officer at Microsoft, urged
organisations to consider the impact of SP2 when designing
websites. "Balance between the richness of the website and
understanding security," he said.
Among the biggest problems could be the pop-up blocker. This is
designed to prevent pop-up advertisements being downloaded onto an
XP user's desktop. However, Okin noted that some sites use pop-ups
to allow users to enter information such as log-in details.
XP users who access sites using such features will be unable to see
the pop-up after they install SP2.
Another potential problem concerns printing. In a technical
document on SP2 software compatibility, Microsoft said, "With SP2,
you cannot print or print preview a web page that includes an
ActiveX object." The printing function is blocked. The only way for
an end-user to print the page is to turn off a Windows registry
setting called "local machine zone lockdown". Microsoft advises
against this, as it lowers security.
In a corporate IT environment, Microsoft warned that the Windows
Firewall, which is switched on by default, will interfere with the
operations of several Microsoft System Management Server functions.
It suggested a three-step process to fix this problem, which
involves configuring each desktop machine manually.
Firms urged to look at rivals to 'hackers' target' Internet
Explorer