IT system administrators are being warned today about a critical security vulnerability in versions of Windows, which could allow hackers to install malicious code (such as a worm) without user intervention.
According to Microsoft versions of its Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 operating system are affected by the bug – which is anticipated to be fixed by an emergency patch to be released at 10am PST (6pm UK time) today.
More information can be found in Microsoft’s advance notice at www.microsoft.com/technet/security/bulletin/ms08-oct.mspx
Microsoft normally bundles its security updates into a monthly package, known in the industry as “Patch Tuesday”, and it is relatively unusual for the company to issue a fix for a security vulnerability outside of this cycle. This may indicate that Microsoft considers the bug particularly important to patch as soon as possible.