Microsoft patches more critical vulnerabilities in its software

Sophos Press Release

"PC users must patch now," advises Sophos

Some of the vulnerabilities have been rated as critical by Microsoft
Some of the vulnerabilities have been rated as critical by Microsoft.

Sophos, a world leader in IT security and control, has advised computer users to install a number of new critical security patches from Microsoft.

As part of its monthly "Patch Tuesday" schedule Microsoft has issued a number of new bulletins (some of them labeled "critical") about security vulnerabilities in its software.

Vulnerabilities described in the security bulletin include vulnerabilities in Windows' Schannel security package, Internet Explorer, Outlook Express, and Windows Mail. These flaws could allow remote code execution, enabling a hacker to access data on a vulnerable PC or run malicious code such as a worm.

"Patching against new security vulnerabilities should be as natural as breathing for Windows users. If you don't do it, you risk hackers breaking into your PC and causing mayhem," said Graham Cluley, senior technology consultant at Sophos. "It makes sense to keep up-to-date with the latest security patches and roll them out across your business as a matter of priority. In the past hackers have shown no mercy in taking advantage of vulnerabilities in Microsoft's code - acting now will help defend your network and keep your company out of trouble."

Home users of Microsoft Windows can visit update.microsoft.com to have their systems scanned for Microsoft security vulnerabilities.

Sophos suggests that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.

Sophos experts recommend that companies ensure that all computers connecting to their network conform to a defined security policy, which includes having the latest security patches in place. Sophos NAC Advanced offers a comprehensive and easy-to-deploy network access control solution, giving businesses the ability to control who and what is connecting to their network.

Sophos continues to recommend companies protect their desktops and servers with automatically updated protection against viruses, spyware, hackers, and spam.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.