Security news13 October 2004
Microsoft warns of 22 security flaws in its software, Sophos urges users to patch now
 |
| Microsoft has described some of the vulnerabilities as critical |
Experts at Sophos have urged companies and home users to act quickly as Microsoft has released information about 22 new flaws which affect the software giant's products. Most of the advisories are labelled "critical", Microsoft's highest severity level, and could leave the popular Internet Explorer web browser open to attack.
"All companies using Microsoft software need to get into the habit of regularly applying security patches, or they will be leaving themselves open to attack," said Graham Cluley, senior technology consultant for Sophos. "In the past we have seen worms appear exploiting Microsoft security holes within a couple of weeks of Microsoft's announcement. Smarter businesses will be putting protection in place now rather than waiting to see if an attack occurs."
Microsoft has posted details of the vulnerabilities and made available updates which are reported to fix the issue on its website.
"Home users are particularly open to attack, because they have often not downloaded the latest security patches from Microsoft, and may not be running a personal firewall," continued Cluley. "All computer users should ensure their systems are properly protected."
Home users of Microsoft Windows can visit windowsupdate.microsoft.com to have their systems scanned for critical Microsoft security vulnerabilities.
Sophos recommends that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.
Sophos continues to recommend computer users practise safe computing as well as running up-to-date anti-virus software.
