10 November 2004
Microsoft releases important security patch, but no sign of a Bofra fix yet, says Sophos
Microsoft has issued an update for its Microsoft Internet Security and Acceleration Server 2000 (ISA Server) and Microsoft Proxy Server 2.0 software.
The update fixes an important security issue in the software, and has been rated by Microsoft as "important". The software giant has recommended that affected customers apply the update at the "earliest possible opportunity".
"Microsoft issues security updates for its software on a regular basis, and all companies using Microsoft software need to get into the habit of regularly applying security patches, or they will risk leaving themselves exposed," said Graham Cluley, senior technology consultant for Sophos. "This security update, however, does not address the Internet Explorer vulnerability exploited by the newly discovered Bofra worm."
Sophos believes that the public disclosure of the vulnerability exploited by the Bofra worm, without prior warning to Microsoft, has made it difficult for the software giant to manage the issue properly.
"It would be near on impossible for Microsoft to have created and tested a patch for the Internet Explorer problem exploited by Bofra in such a short period of time. Customers who wish to protect themselves from Bofra will need to rely on anti-virus software and firewalls for now," continued Cluley. "Microsoft strongly encourages those who find software vulnerabilities to work with them, rather than make the news immediately public."
Microsoft has posted details of the ISA Server and Proxy Server vulnerability and made available updates which are reported to fix the issue on its website.
Home users of Microsoft Windows can visit windowsupdate.microsoft.com to have their systems scanned for critical Microsoft security vulnerabilities.
Sophos recommends that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.
Sophos protects against the Bofra worms
Sophos issued protection against the W32/Bofra-A worm at 15:29 GMT on 8 November 2004. Customers using Enterprise Manager or the Sophos small business solutions were automatically protected at their next scheduled update. Customers using these products received protection against the W32/Bofra-B and W32/Bofra-C variants of the worm from 8:22 GMT on 9 November 2004.
Sophos recommends companies protect their desktops and servers with automatically updated anti-virus protection.

