In this section

• Home
• Press office
• News archive
• Articles
• 2005
• 11

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• SophosLabs blog
• Graham Cluley's blog
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Info feeds

• Security news
• Company news

• Security news
• Company news

What are info feeds?

9 November 2005

Patch now! Microsoft issues fix for critical security vulnerability

Microsoft has described the vulnerability as critical.

As part of its monthly patch distribution, Microsoft has issued a critical security update for users of Windows XP, Windows 2000 Service Pack 4, and Windows Server 2003. The critical patch address a remote code execution flaw which could be exploited by hackers to break into vulnerable computers.

"This flaw in Microsoft's software is connected to the way it renders WMF and EMF graphics. A malicious hacker could send an email or direct users to a website which contained an image which could then run code without the user's consent. It's critical that businesses and home users protect against them as a matter of priority," said Graham Cluley, senior technology consultant for Sophos. "In the past, malicious attacks have followed soon after Microsoft's announcement of problems with its software, so it's important that people take action now to ensure their PCs are properly defended."

• Read more about the security vulnerability now

Home users of Microsoft Windows can visit windowsupdate.microsoft.com to have their systems scanned for critical Microsoft security vulnerabilities.

Sophos recommends that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.

Sophos continues to recommend companies protect their desktops and servers with automatically updated anti-virus protection.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

See also:

• RSS security news and live virus information feeds
• Sign up now for free notification of new viruses found in the wild