Patched and secure?

Sophos Press Release

Most businesses today recognise that good, up-to-date anti-virus software is an essential part of the defence against malware threats. However, it is not the complete solution.

Sophos recommends that customers monitor announcements from operating system, application and web server software vendors for details of new vulnerabilities found in their code. Many viruses (Kakworm, Nimda and Klez-H are just three of numerous examples) have exploited loopholes in commonly used web browsers and email software to increase their chances of spreading effectively.

Astonishingly even when security vulnerabilities are discovered, patched and publicised before they are exploited many people will not bother to apply the fix.

Loopholes are found in products on a weekly basis, some significant, some trivial. IT managers should keep abreast of these loopholes and apply patches where appropriate before new viruses come along to exploit them. Every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at http://www.microsoft.com/technet/security/bulletin/notify.asp. Other vendors offer similar services.


More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.