Microsoft warns of critical security flaws in its software, Sophos advises users to patch against vulnerabilities

Sophos Press Release
Microsoft has described five of the vulnerabilities as critical
Microsoft has described five of the vulnerabilities as critical.

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centres, have urged companies and home users to act quickly as Microsoft has released information about new security holes in their products. Five of the advisories are labelled "critical", Microsoft's highest severity level, and could leave users' computers vulnerable to attack.

"If you use Microsoft products you need to keep updated with the latest Microsoft security patches, or you will be leaving yourself open to attack," said Graham Cluley, senior technology consultant for Sophos. "In the past hackers and virus writers have exploited vulnerabilities to break into internet-connected computers for the purposes of stealing money and resources, or launching spam or denial-of-service campaigns."

Microsoft has posted details of the vulnerabilities and made available updates which are reported to fix the issues on its website.

Home users of Microsoft Windows can visit to have their systems scanned for critical Microsoft security vulnerabilities.

"Home users are particularly open to attack, because they have often not bothered to download the latest security patches from Microsoft, and may not be running up-to-date anti-virus software or a personal firewall," continued Cluley. "It's essential that all computer users ensure their systems are properly defended and follow safe computing best practice."

Sophos recommends that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at

Sophos continues to recommend computer users practise safe computing as well as running up-to-date anti-virus software.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at