Microsoft warns of important Windows flaw, Sophos urges affected users to patch now

May 11, 2005 Sophos Press Release

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centres, have advised companies and home users to patch their systems after Microsoft released information about a new security hole in its products. Microsoft has labelled the flaw as "important" for users of Windows 2000, and warned that the vulnerability could leave users' computers open to attack.

"If you use Microsoft products you need to keep updated with the latest Microsoft security patches, or you will be leaving yourself vulnerable to hackers and worms," said Graham Cluley, senior technology consultant for Sophos. "In the past hackers and virus writers have exploited vulnerabilities to break into internet-connected computers for the purposes of stealing money and resources, or launching spam or denial-of-service campaigns."

Microsoft has posted details of the vulnerabilities and made available updates which are reported to fix the issues on its website.

Computers running Microsoft Windows XP are said not to be affected by the vulnerability.

Home users of Microsoft Windows can visit windowsupdate.microsoft.com to have their systems scanned for critical Microsoft security vulnerabilities.

"It's essential that all computer users ensure their systems are properly defended and follow safe computing best practice," continued Cluley.

Sophos recommends that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.

Sophos continues to recommend computer users practise safe computing as well as running up-to-date anti-virus software.