In this section

• Home
• Press office
• News archive
• Articles
• 2005
• 02

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• SophosLabs blog
• Graham Cluley's blog
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Info feeds

• Security news
• Company news

• Security news
• Company news

What are info feeds?

9 February 2005

Microsoft warns of critical security flaws in its software

Microsoft has described eight of the vulnerabilities as critical.

Experts at Sophos have urged companies and home users to act quickly as Microsoft has released information about a dozen new security holes in their products. Eight of the advisories are labelled "critical", Microsoft's highest severity level, and could leave users' computers vulnerable to attack.

"All businesses who use Microsoft software need to adopt a regime of applying Microsoft security patches regular as clockwork, or they will be leaving themselves open to potential attack," said Graham Cluley, senior technology consultant for Sophos. "In the past hackers and virus writers have exploited vulnerabilities to break into internet-connected computers, so people should strongly consider patching now rather than waiting."

Microsoft has posted details of the vulnerabilities and made available updates which are reported to fix the issues on its website.

"The constant stream of security fixes from Microsoft is a double-edged sword for the software company. On one side it sends a message that Microsoft is acting positively to combat security issues by issuing fixes and informing customers about the problems with their software. On the other, it underlines the impression that many people have that Microsoft's software has serious security problems, which hackers and virus writers often attempt to exploit."

Home users of Microsoft Windows can visit windowsupdate.microsoft.com to have their systems scanned for critical Microsoft security vulnerabilities.

"Home users are particularly open to attack, because they have often not downloaded the latest security patches from Microsoft, and may not be running up-to-date anti-virus software or a personal firewall," continued Cluley. "It's essential that all computer users ensure their systems are properly defended."

Sophos recommends that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.

Sophos continues to recommend computer users practise safe computing as well as running up-to-date anti-virus software.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

See also:

• Add live virus information to your website or intranet
• Sign up now for free notification of new viruses found in the wild