IT staff await critical security update from Microsoft

by Graham Cluley on October 23, 2008 | Comments Off

Filed Under: Vulnerability

IT system administrators are being warned today about a critical security vulnerability in versions of Windows, which could allow hackers to install malicious code (such as a worm) without user intervention.

According to Microsoft versions of its Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 operating system are affected by the bug - which is anticipated to be fixed by an emergency patch to be released at 10am PST (6pm UK time) today.

Microsoft announcement about out-of-band critical security update

More information can be found in Microsoft's advance notice at www.microsoft.com/technet/security/bulletin/ms08-oct.mspx

Microsoft normally bundles its security updates into a monthly package, known in the industry as "Patch Tuesday", and it is relatively unusual for the company to issue a fix for a security vulnerability outside of this cycle. This may indicate that Microsoft considers the bug particularly important to patch as soon as possible.

Tags:

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.