Microsoft is now shipping Windows Server 2003 Service Pack 1 (SP1) to improve security and performance.
Microsoft said SP1 addressed core security issues by providing customers with a reduced "attack surface", better protected system services with stronger default settings, and reduced privileges.
"With Windows Server 2003 Service Pack 1, our development team took the time to treat the root cause of many security issues, not just the symptoms," said Bob Muglia, Microsoft senior vice-president of the Windows server division. "This service pack should help address certain classes of exploits."
Al Gillen, an analyst at IDC, said, "Microsoft has brought forward not just the normal collection of updates but several tools that promote more secure network configuration and a streamlined way to administer the latest security releases."
New technologies in SP1 include a security configuration wizard tool, which reduces the platform’s attack surface by gathering information about specific server roles. It then automatically blocks all services and ports not needed to perform those roles.
An additional Windows firewall on the server delivers network-wide control through group policies, and a post-setup security update feature blocks all inbound connections to the server until updates are activated on the computer. This prevents hacks between the time of installing updates and their activation.
Other SP1 features include Internet Information Services 6.0 Metabase Auditing, which allows administrators to identify potential malicious users; and stronger defaults and privilege reductions on services to establish a minimum security threshold for applications.
There is also the addition of network access quarantine control components to allow administrators to isolate out-of-date virtual private networking points.
Based on internal tests, and depending on server workload, Microsoft claims users can enjoy a 50% increase in performance and reliability through installing SP1.