IT staff await critical security update from Microsoft

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

IT system administrators are being warned today about a critical security vulnerability in versions of Windows, which could allow hackers to install malicious code (such as a worm) without user intervention.

According to Microsoft versions of its Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 operating system are affected by the bug – which is anticipated to be fixed by an emergency patch to be released at 10am PST (6pm UK time) today.

Microsoft announcement about out-of-band critical security update

More information can be found in Microsoft’s advance notice at www.microsoft.com/technet/security/bulletin/ms08-oct.mspx

Sign up to our free newsletter.
Security news, advice, and tips.

Microsoft normally bundles its security updates into a monthly package, known in the industry as “Patch Tuesday”, and it is relatively unusual for the company to issue a fix for a security vulnerability outside of this cycle. This may indicate that Microsoft considers the bug particularly important to patch as soon as possible.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.