Steve Ballmer briefed attendees on approximately what the update was supposed to do, but not how, in his security manifesto last week, but Paul Thurrott has some specifics, the most important being that the update to the built-in firewall will include features from Microsoft Internet Security & Acceleration Server, including outbound scanning capabilities.
Note that the two are described as complementing one another, but that’s more a case of Microsoft product positioning for the business market, and clearly doesn’t apply elsewhere.
Note also that Microsoft categorises ICF as “limited baseline protection for a home or small business network,” i.e. as it shipped in XP it was never seriously intended to do front line firewalling on its own.
If you ship a mini firewallette that by default is off and that is categorised as “baseline”, then clearly it’s not your fault if people are too dumb to get themselves proper firewalls.
But if you ship something you call a proper firewall and then it turns out not to protect users as they thought they’d be protected, it is your fault.
More info: [url=http://www.theregister.co.uk/content/55/33435.html]http://www.theregister.co.uk/content/55/33435.html[/url]