IT staff await critical security update from Microsoft

by Graham Cluley on October 23, 2008 | Comments Off

Filed Under: Microsoft, Vulnerability

IT system administrators are being warned today about a critical security vulnerability in versions of Windows, which could allow hackers to install malicious code (such as a worm) without user intervention.

According to Microsoft versions of its Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 operating system are affected by the bug - which is anticipated to be fixed by an emergency patch to be released at 10am PST (6pm UK time) today.

Microsoft announcement about out-of-band critical security update

More information can be found in Microsoft's advance notice at www.microsoft.com/technet/security/bulletin/ms08-oct.mspx

Microsoft normally bundles its security updates into a monthly package, known in the industry as "Patch Tuesday", and it is relatively unusual for the company to issue a fix for a security vulnerability outside of this cycle. This may indicate that Microsoft considers the bug particularly important to patch as soon as possible.

Tags:

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.