12 Jun 2002
Patched and secure?
Most businesses today recognise that good, up-to-date anti-virus
software is an essential part of the defence against malware
threats. However, it is not the complete solution.
Sophos recommends that customers monitor announcements from
operating system, application and web server software vendors for
details of new vulnerabilities found in their code. Many viruses
(Kakworm,
Nimda and Klez-H are just three of
numerous examples) have exploited loopholes in commonly used web
browsers and email software to increase their chances of spreading
effectively.
Astonishingly even when security vulnerabilities are discovered,
patched and publicised before they are exploited many people will
not bother to apply the fix.
Loopholes are found in products on a weekly basis, some
significant, some trivial. IT managers should keep abreast of these
loopholes and apply patches where appropriate before new viruses
come along to exploit them. Every IT manager responsible for
security should consider subscribing to vulnerability mailing lists
such as that operated by Microsoft at http://www.microsoft.com/technet/security/bulletin/notify.asp.
Other vendors offer similar services.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.